Facebook fined €1.2m by Spain’s data privacy regulator in stern warning ahead of GDPR

Facebook was today (September 11) dealt a €1.2m fine (approximately $1.4m) by Spain’s data privacy regulator, according to reports, with the ruling coming just months ahead of the implementation of the European General Data Protection Regulations (GDPR).

Politico quotes a statement issued by the authority claiming the social network’s privacy policy is “generic and unclear”, going on to state: “Facebook does not adequately collect the consent of either its users or nonusers, which constitutes a serious infringement.”

This comes just months after it was hit with a similar fine by privacy regulators in France, and faces similar scrutiny from data protection bodies elsewhere across the EU-member area, which are primed to implement GDPR in a uniform manner from May 2018.

GDPR requires those collecting, storing and processing data on EU residents to obtain specific consent to do so by the region’s internet users, with those found to be falling foul of the rules in line for a €20m fine, or up to 4% of global revenues, which ever is greater.

News of the fine comes the same day as influential Wall Street analyst Brian Wieser of Pivotal Research issued a note to investors reminding of the potential negative impact GDPR can have on Facebook (which collects 25% of its revenue in the EU) and Google (which likewise collects 30% of its revenue there).

“Implementing GDPR-compliant ad products may impact revenue growth primarily because it may require more ad inventory to satisfy advertiser goals,” reads his note.

“Generally, consumer-facing properties owned by Facebook, Google, Twitter and Snap and others owned by major publishers which consumers are generally familiar with should be able to secure consent exchanging use of some personal data in advertising for access to the media property.

"By contrast, ad networks and programmatic platforms owned by these media owners may face challenges doing the same. For everyone there will be more limits on how data is used to drive targeting relative to how it is used at present.”