This week, Europe witnessed another example of how technology can change rapidly when Meta, the microtargeting advertising giant formerly known as Facebook, announced the launch of an ad-free subscription. It starts at €10 per month for web users and €13 per month for mobile users.
As recently as mid-2019, Facebook’s landing page boldly proclaimed, “Facebook is free and always will be.” However, by August 1, 2019, likely anticipating future regulatory challenges, the claim had quietly disappeared, replaced with a simple message encouraging new users to sign up quickly and easily.
Meta’s Most Recent Privacy Infringement Will Challenge the EU’s Determination to Regulate Big Tech
This wasn’t the first sign of a possible shift, though. Even earlier, back in April 2018 — as Facebook was embroiled in reputational fallout flowing from the Cambridge Analytica privacy and data scandal—its leadership explicitly said a version of its service that did not entail tracking and profiling the users would be a “paid product”. Well, five years on, here we are.
The slated pricing for the ad-free subscription puts the base cost of accessing Meta’s social networking services at roughly the same price as a Spotify Premium sub; Netflix’s standard offer; or an individual Apple Music subscription.
Meta appears to suggest that privacy can indeed be valued at these prices.
If you prefer not to include Meta in your monthly digital subscription expenses, the only free option available to European users will require them to agree to being tracked and profiled by Meta’s ad targeting system. This is what the adtech giant means when it states it’s changing its legal basis in Europe to “consent.”
You can either agree to pay Meta for their services or “consent” to pay with your privacy. The choice is yours!
However, in the European Union, where Meta is introducing the ad-free subscription option (while still offering free services with tracking and profiling), privacy is considered a fundamental right, and citizens are supposed to have comprehensive legal protections for their information.
The EU’s data protection framework has a long history, but it underwent significant changes in May 2018 when the General Data Protection Regulation (GDPR) took effect. This introduced a legal framework with more substantial penalties, including fines that can amount to 4% of a company’s global annual turnover.
Challenges in Enforcing GDPR Against Big Tech: The Case of Meta’s Privacy Practices
In theory, the cost of disregarding Europe’s privacy regulations increased significantly.
However, in practice, the enforcement of the GDPR, especially against Big Tech companies, has been slow and ongoing. This is due, in large part, to a regulatory system that allows large corporations to choose their jurisdiction, reducing their risk by establishing their primary operations in EU Member States with more business-friendly regulations, like Ireland, as Meta has done.
Although the GDPR has a system that often delays addressing privacy complaints, Meta’s ability to establish a legal basis for its tracking and profiling microtargeting advertising business in the EU has been narrowing. This is due to more than five years of privacy complaints, regulatory inquiries, and court decisions reaching a critical point concerning Meta’s legal justification for running tracking advertisements.
Significant events include a $410 million fine and a definitive decision in January, which ended Meta’s ability to use a contractual basis (performance of a contract) for ad processing. Then, in July of this summer, a ruling by the EU’s highest court removed Meta’s ability to claim a legitimate interest for tracking and profiling users, the basis it had turned to after regulators denied its ability to claim contractual necessity. This leaves consent as the only option (the other three of the GDPR’s six available legal bases for data processing being irrelevant for Meta’s purpose of running a targeted ads business).
However, Meta has now shifted its focus to manipulating consent itself.