Spain’s data protection watchdog has fined Facebook €1.2 million euros (roughly $1.44 million), after it found three instances when it collected personal data on its Spanish users without informing them of how it was to be used.
The judgement is the latest in a series of legal issues that have befallen the social media giant. According to Mark Scott, Politico’s Chief Politics correspondent, the French, German, and Dutch governments are also looking into how Facebook holds and uses data pertaining to their citizens.
Facebook will likely appeal this ruling. It previously overturned a similar judgement in Belgium, having successfully argued that its base in Ireland means that it’s only subject to Irish law.
€1.2 million euros barely constitutes a slap on the wrist for a company that has Q2 revenues of $9.32 billion. That said, it’s probably relieved the ruling came before the introduction of the tough new GDPR rules, which could have seen the company fined a percentage of its global annual turnover.
We’ve reached out to Facebook, and will update this post if we hear back from it.
UPDATE: A Facebook spokesperson got in touch.
“We take note of the DPA’s decision with which we respectfully disagree. Whilst we value the opportunities we’ve had to engage with the DPA to reinforce how seriously we take the privacy of people who use Facebook, we intend to appeal this decision.
“As we made clear to the DPA, users choose which information they want to add to their profile and share with others, such as their religion. However, we do not use this information to target adverts to people.”
“Facebook has long complied with EU data protection law through our establishment in Ireland. We remain open to continuing to discuss these issues with the DPA, whilst we work with our lead regulator the Irish Data Protection Commissioner as we prepare for the EU’s new data protection regulation in 2018.”