Your Privacy Hub
join the community
Your Privacy Hub

Yes We Trust moves to Didomi

We are excited to share that going forward, Yes We Trust content will be incorporated into Didomi, where we will continue to post relevant, educational content that helps you make sense of data privacy today, including out flagship newsletter and opinion pieces. Thank you for your continued support and see you there!

Continue to Didomi
    Norway bans Meta from using behavioral ads without user consent
    • company-news
    • industry-news

    Published on July 17, 2023 last updated on July 18, 2023

    Norway bans Meta from using behavioral ads without user consent

    Earlier this week, the Norwegian DPA Datatilsynet banned Meta from using behavioral ads for at least three months, or until the company demonstrates its compliance with Norwegian law. The ban will starts on August 4th and run until October. If Meta doesn't comply, the company risks a daily fine of up to one million Norwegian Krone (NOK), the equivalent of about USD $100K.

    This decision by the Norwegian DPA stems from another taken by the Irish DPC (on behalf of European Data Protection Authorities) in January, finding Meta in breach of the GDPR for processing data using contracts as a legal basis. Later this year, Meta switched to claiming legitimate interest, but that was also denied, this time by the Court of Justice of the European Union.

    In a press release, the Norwegian DPA highlights the potential risks associated with tracking and profiling, and by extension behavioral advertising: discrimination, misinformation, negative impact on vulnerable people, influence on the democratic process, and more.

    "Invasive commercial surveillance for marketing purposes is one of the biggest risks to data protection on the internet today"

    - Tobias Judin, Head of International in the Norwegian Data Protection Authority (source: Datatilsynet)

    Be mindful, however, that this is not a ban on Meta, nor a ban on advertising for Meta in Norway. The company will still be able to run advertising campaigns, but will need to collect valid consent for behavioral ads:

    The Norwegian Data Protection Authority does not ban personalised advertising on Facebook or Instagram as such. The decision does not for example stop Meta from targeting advertising based on information a user put in their bio, such as place of residence, gender and age, or based on interests a user has provided themselves. Nor does the decision stop Meta from showing behavioural advertising to users who have given valid consent to it. 

    - Datatilsynet press release (source: Datatilsynet)

    In a statement, data privacy organization noyb, which was behind the original complaint against Facebook, rejoices over the decision by the Norwegian DPA:

    "The decision of the Norwegian DPA is exciting. It clearly seems to be an attempt to bypass the Irish DPC, which wasn't enforcing its own decision against Meta 5 years after noyb's complaints."

    - Romain Robert, Program Director at noyb (source: noyb)

    Meta is in increasingly deep waters in Europe. The company held the crown for the biggest GDPR data privacy fines imposed last year and has already broken a record earlier in 2023 with a USD $1.2B fine for failing to comply with a 2020 decision on trans-Atlantic data transfers.

    As a result, the company's latest social media venture, Threads, is currently not available in the EU. What do you think about it and about the drastic approach by the Norwegian DPA? 

    Continue the conversation in the Yes We Trust community
    avatar Yes We Trust

    Yes We Trust

    Your privacy hub.

    Do you need help with your Privacy strategy? community@yes-we-trust.com
    Do you want to become a speaker? speakers@yes-we-trust.com