Meta Ireland Limited – Order (Italy, 2022)

From 20 September 2022 onwards, five days before the Italian general elections, Meta Platforms Ireland Limited (Meta), the controller, launched a campaign specifically aimed at Italian adults, for the stated purposes of encouraging voting, providing information on the election, and combatting election interference. Specifically, Meta prepared electoral reminders on its Facebook and Instagram services, which redirected users to the website of the Ministry of the Interior where they could find “reliable information about the elections”. These features were available through the Election Day Information (EDI) function on the Facebook service, and by clicking on election day “stickers” (which can be added to shared photos and videos) through the Instagram service. The Italian DPA considered it necessary to acquire further information regarding these activities and, by a letter dated 21 September 2022, sent a list of questions to Meta. In particular, this letter sought to ascertain: the nature and modalities of data processing in relation to the reminders and ‘stickers’, as well as the storage period of the data collected; the agreement allegedly in place with the Ministry of the Interior to redirect users to its website; any relevant corporate and community policies; any agreement with independent fact-checking organisations and the data exchanged with them; the manner in which the processing involved (in particular that which reveals political opinions) had been brought to the data subjects’ attention and the legal basis for such processing; and, finally, the measures put in place to ensure that these features would only be brought to the attention of those over 18 years old. Meta responded to the DPA on 22 September 2022, via a letter which did not contain much of the information requested and did not alleviate many of the concerns raised. As a result, on 23 September 2022, the DPA called upon Meta to temporarily suspend the aforementioned processing activity. Late in