Norway’s data regulator seeks to extend Meta’s fine across the EU and EEA

Norwegian data regulator (Datatilsynet) stated that it will contact the European Data Protection Board (EDPB) to discuss keeping the fine against Meta permanent while also expanding its Norwegian borders, including the EU member states and the European Economic Area (EEA). According to Reuters, EDPB confirmed this move and stated that it will first assess the case and will have a two-week period to make an immediate and binding decision. In August 2023, Datatilsynet fined Meta1 million krone ($98,500) per day over privacy breaches.

Tobias Judin, Datatilsynet’s head of the international section, stated that Meta continues to violate Norway’s decision and is still committing data breaches across other the EU Member states.

Meta stated that it was surprised by Datatilsynet’s decision, emphasizing its commitment to transitioning to a consent-based approach for advertising in the EU/EEA. The company also stated that it is engaged in ongoing discussions through the Irish Data Protection Commission and plans to provide further updates. Meanwhile, the Norwegian regulator expressed concerns about the lack of clarity regarding Meta’s strategy for obtaining user consent and its impact on user rights.

Why does it matter?

Expanding and keeping the fine permanent against Meta in the EU could be a game changer for Meta’s ads in the EU. According to TechCrunch, if the European Data Protection Board (EDPB) agrees, this decision might completely prohibit Meta from running tracking ads across the entire the EU single market without obtaining user consent. Alternatively, Meta could request user permission for “personalized ads” before any EDPB action, as previously indicated it might do.