Home / News / Internet / Meta tracking violates EU data transfer rules

Meta tracking violates EU data transfer rules

Austria’s data protection authority found that Meta’s tracking technologies violated EU data protection law by transferring personal data to the US, where government surveillance was possible.

In August 2020, the European privacy rights group NOYB filed a number of complaints against websites using Google Analytics for data export. Several EU DPAs have declared Google Analytics illegal, and some, like France’s CNIL, have advised against its use without additional safeguards. This is the first time Facebook’s tracking technology violated the EU’s GDPR.

All the decisions follow the European Union’s top court’s July 2020 ruling that struck down the high-level EU-US Privacy Shield data transfer agreement after judges again found a fatal conflict between US surveillance laws and EU privacy rights. Privacy Shield’s predecessor, Safe Harbor, was overturned in 2015.

Noyb calls the Austrian DPA’s data transfer breach finding “groundbreaking” and says it should warn other sites not to use Meta trackers (the complaint concerns Facebook Login and the Meta pixel).

A local news website (whose name is redacted from the decision) stopped using Meta’s tracking tools in August 2020, after the complaint was filed. Given how much personal data Meta processes, the decision could have far-reaching effects for its technology. Given the legal uncertainty around EU-US data transfers, the breach finding could affect scores of sites not yet targeted in this batch of strategic complaints, as well as any EU site still using Meta’s tracking tools.

Despite two U.S. Court of Justice rulings, Facebook has claimed its commercial customers can use its technology. “The first regulator told a customer that Facebook tracking technology is illegal,” said Max Schrems, chair of noyb.eu.

“Many websites track users and show personalized ads using Facebook tracking technology. Websites using this technology send user data to US multinationals and the NSA. “The fact that US law still allows bulk surveillance means that this matter will not be solved any time soon,” Noyb said in a press release.

Meta downplayed the Austrian DPA’s decision. A company spokesperson said the finding is “based on historical circumstances” and “does not impact how businesses can use our products”. Full statement:

About Jacob Chambers

As long-time IT enthusiasts, gamers and gadget fanatics, Mark and I have been working in the industry for a long time and we both have a vast experience in dealing with smartphones, tablets, PC and console hardware and everything tech-related. My list of industry insiders is long-enough to allow me to get insights into what's going on in the technology field and provide my readers with interesting and timely updates. I focus on brief, to-the-point reporting, keeping the "bla bla" to a minimum and making sure my readers get easy access to important information and updates. I mainly specialize in Android-based mobile devices, leaving iOS and Apple devices in Mark's capable hands.

Check Also

Everything about “The Last of Us” is talked about on Wt FX, including the well-known “bloater” and “giraffe” moments

Craig Mazin, co-creator of HBO’s “The Last of Us,” remarked in the official podcast for …