Meta Ireland Limited – Order (Italy, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Meta Ireland was ordered to provide more information about its campaign to encourage voting in Italy. The Italian data protection authority wanted to understand how Meta was processing user data during this campaign. This case highlights the need for tech companies to be transparent about their data practices.
What happened
Meta was asked to provide details about its data processing related to an election campaign.
Who was affected
Italian users who interacted with Meta's voting reminders and stickers on Facebook and Instagram.
What the authority found
The Italian data protection authority required Meta to clarify its data processing activities during the election campaign.
Why this matters
This order emphasizes the importance of transparency for tech companies, especially during significant events like elections. Other companies should take note and ensure they are clear about how they use personal data.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
National Law Articles
From 20 September 2022 onwards, five days before the Italian general elections, Meta Platforms Ireland Limited (Meta), the controller, launched a campaign specifically aimed at Italian adults, for the stated purposes of encouraging voting, providing information on the election, and combatting election interference. Specifically, Meta prepared electoral reminders on its Facebook and Instagram services, which redirected users to the website of the Ministry of the Interior where they could find “reliable information about the elections”. These features were available through the Election Day Information (EDI) function on the Facebook service, and by clicking on election day “stickers” (which can be added to shared photos and videos) through the Instagram service. The Italian DPA considered it necessary to acquire further information regarding these activities and, by a letter dated 21 September 2022, sent a list of questions to Meta. In particular, this letter sought to ascertain: the nature and modalities of data processing in relation to the reminders and ‘stickers’, as well as the storage period of the data collected; the agreement allegedly in place with the Ministry of the Interior to redirect users to its website; any relevant corporate and community policies; any agreement with independent fact-checking organisations and the data exchanged with them; the manner in which the processing involved (in particular that which reveals political opinions) had been brought to the data subjects’ attention and the legal basis for such processing; and, finally, the measures put in place to ensure that these features would only be brought to the attention of those over 18 years old. Meta responded to the DPA on 22 September 2022, via a letter which did not contain much of the information requested and did not alleviate many of the concerns raised. As a result, on 23 September 2022, the DPA called upon Meta to temporarily suspend the aforementioned processing activity. Late in
Outcome
Order
A binding order requiring the controller to take specific action.
Related Enforcement Actions (0)
No other enforcement actions found for Meta Ireland Limited in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Order Date
21 December 2022
Authority
Garante per la protezione dei dati personali
GDPRhub ID
gdprhub-5699About this data
Cite as: Cookie Fines. Meta Ireland Limited - Italy (2022). Retrieved from cookiefines.eu
Last updated: