South Korea has taken a strong stand against Meta’s privacy practices, slapping the company with a hefty $15 million fine for unauthorized data collection. This significant penalty comes after an extensive four-year investigation by the Personal Information Protection Commission (PIPC). Meta was found to have collected sensitive data from nearly a million Facebook users in South Korea without obtaining the necessary consent and later shared this information with advertisers.
Between July 2018 and March 2022, Meta gathered highly personal details such as religious and political affiliations and information about same-sex unions. The data watchdog PIPC emphasized that South Korea enforces stringent privacy laws, particularly when it comes to sensitive personal information. According to these laws, companies must obtain explicit permission before processing or sharing such information.
Investigators revealed that Meta acquired this data by monitoring user interactions on its platform, including the ads they engaged with. Despite using this information to tailor services for individual users, Meta’s data policy only vaguely alluded to such practices, failing to seek specific user consent. Lee Eun Jung, who spearheaded the investigation, highlighted these shortcomings in an official statement.
Moreover, PIPC criticized Meta for inadequate security measures, which allowed hackers to exploit inactive pages. This vulnerability facilitated fraudulent identity creation and unauthorized password reset requests, endangering the privacy and security of Facebook users.
This substantial fine serves as a stark reminder of the importance of adhering to privacy laws and protecting user data. As digital platforms continue to expand, companies must ensure transparent and secure data handling practices to maintain user trust and comply with global regulations.
