Meta fined over privacy violations in South Korea

5 Nov, 2024 19:53 / Updated 3 weeks ago
Facebook’s parent company has been ordered to pay over $15 million for illegally collecting sensitive information

South Korea has slapped social media giant Meta with a multi-million-dollar fine after an investigation by the country’s privacy watchdog revealed the company had collected sensitive user data and shared it with thousands of advertisers. 

The country’s Personal Information Protection Commission said in a statement on Tuesday that the US company had obtained information from about 980,000 South Korean Facebook users on issues such as their religion, political views and sexuality, while having failed to seek their agreement.

According to the statement, Meta analyzed the pages that Facebook users liked or the advertisements they clicked on. The company then categorized ads to identify users interested in topics such as specific religions, same-sex and transgender issues, as well as information related to North Korean escapees. The sensitive information was later provided for use by approximately 4,000 advertisers.

Under South Korean privacy laws, companies are prohibited from processing or using any sensitive data related to personal beliefs, political views or sexual behavior, without the explicit consent of the person involved.

“While Meta collected this sensitive information and used it for individualized services, they made only vague mentions of this use in their data policy and did not obtain specific consent,” the statement reads.

The Commission also said that Meta had unfairly declined a request by users to access personal information and failed to prevent data leaks affecting about ten South Koreans.

The company has been ordered to pay 21.62 billion won ($15.67 million) in fines. The Commission said it will continue to monitor whether Meta is complying with its corrective order.

It’s not the first instance of the US company being held accountable for data breaches. In September, European regulators slapped Meta with a $100-million penalty for inadvertently storing some users’ passwords without protection or encryption. Earlier in June, Nigeria ordered the tech giant to pay a $220-million fine for breaching local data protection and privacy laws. Türkiye has also fined the company 1.2 billion lira ($35 million), after an investigation into data sharing on its Facebook, Instagram, Threads, and WhatsApp platforms.