The EDPB issued an urgent binding decision that essentially bans Meta from using personal data for behavioral advertising in the entire European Economic Area (EEA).
The EDPB issued an urgent binding decision that essentially bans Meta from using personal data for behavioral advertising in the entire European Economic Area (EEA).
Because getting caught and fined a couple million isn’t even a minor business expense to these companies. Stop acting surprised when they don’t follow your rules when you fine them 0.007% of their yearly profits.
Like,
Their bean counters probably laughed out loud when they were told about this, and I wouldn’t blame them. This is a joke. They probably spend more on toilet paper for their office workers. Meta has nearly 200 BILLION (with a B!) in assets. Treat them like it.
I always thought it would be a good idea to fine publicly traded corporations a percentage of their market cap + 10%, going up to maximum of 100% market cap + 10%.
If Meta is worth $817B USD, then we should treat them like it.
GDPR:
4% can be a lot in absolute numbers for these massive corporations. But it’s such a low percentage that it could indeed be included in operational cost and then be ignored.
It helps a lot that that’s revenue and not profit, so it ignores other expenses. Of course, I don’t know how much that matters, but it is still enough to hurt.
I’d say that’s a huge problem actually.
For a normal company, abusing data is a small part of their business and profit is a few percent of revenue, so such a fine would be devastating.
For some tech companies, profit is in the double digit percent of revenue and half of it comes from breaking the law, so the 4% are a tax they can happily pay and still be more profitable than if they followed the law.
Depends. It’s up to 4% of the yearly revenue per court ruling. And not necessarily once per year. If you were to continue to ignore these rulings and continue abusing the data, that can rack up fast. Pay once - that may or may not be a problem. Pay monthly - there goes up to 48% of your yearly revenue.
It’d be great if that was how it works, unfortunately it seems like the penalties are closer to once every 3-5 years than monthly, skewing the balance even further to “screw the law, just pay the fee”:(
They won’t hand out fines every few weeks easily. And usually you cannot get fined twice for the same thing. BUT it was a (albeit able bit exaggerated) projection what could happen, if you constantly ignore the court orders and continue breaking the law. At first, you might get some time to change your processes, get compliant, … but when it won’t stop, you get fined again. And it won’t be lenient the further you stress it. Also that’s just the fine for the GDPR violation itself. Ignoring court orders, violating the law continuously,… will get you other fines - assuming you don’t change you behavior.
It will take a while to get there, sure and I think Meta will try to continue processing this data as mich as they can, but the EU doesn’t look like they’re joking too much.
Oh man that sounds juicy 🤤
Only change I’d argue for is to go off market cap instead of annual worldwide revenue though because you can say some insanely small amount on paper like 4%, but then that same 4% turns from ~$5B USD with annual revenue to ~$33B USD with market cap. But because we’d also want to actually deter businesses from breaking it and considering it a cost of business, I would think something like a fine of 110% of market cap value would be a huge deterrence.