European Consumer Groups Sue Meta for GDPR Breaches

Republic, Denmark, Greece, France, Norway, Slovakia, Slovenia and Spain, are European Consumer Organisation (BEUC) members. In complaints filed with their national data protection authorities (DPAs), they charged the tech giant with failing to comply with GDPR principles of fair processing, data minimization and purpose limitation. Moreover, they said Meta has no valid legal basis to justify the massive data sweep it carries out on Facebook and Instagram users because the choice it gives them can't lead to free and informed consent. "Meta has tried time and time again to justify the massive commercial surveillance it places its users under," said BEUC Deputy Director-General Ursula Pachl. "Its unfair 'pay-or-consent' choice is the company's latest effort to legalise its business model." In recent years several DPAs have tried to force Meta to change the legal basis for collecting and processing people's data, and the company's "last resort" is to obtain users' consent for those activities by offering them the choice to either pay to see a supposedly ad-free service or consent to the company's full commercial surveillance with ads, BEUC said. Asked why BEUC didn't file the complaint with the DPA in Ireland, where Meta is headquartered, a spokesperson said the organization wanted to involve national data protection authorities that can then take ownership of the issue when those authorities transfer the matter to the Irish authority. In addition, he said, BEUC wanted to involve its members because they know the procedural rules of their own DPAs and to maximize coverage of the issue to show that it affects all Europeans.