The Irish DPC agreed with Facebook’s legal basis for processing user data (for purposes of performing a contract which its users were party to), which included processing for behavioural advertising purposes and is supported by provisions in its Terms of Service; however, the DPC found that Facebook’s privacy notice was disjointed, incomplete and lacked transparency (potentially misleading users on the processing basis), proposing a fine between €28,000,000 and €36,000,000, and ordering compliance within 3 months.
Related Posts
EU Introduces Stringent AI Legislation
The European Union has unveiled comprehensive legislation aimed at regulating artificial intelligence (AI) technologies, with a strong focus…
ANSSI and BSI Jointly Release Guidelines on Remote Identity Proofing
France’s National Cybersecurity Agency (ANSSI) and Germany’s Federal Office for Information Security (BSI) have issued a joint release…
Irish National Police Data Leak Highlights Third-Party Risk
The recent data breach incident involving the Irish National Police. This breach underscores the critical importance of addressing…