
EDPB advertising ban for Meta: Key takeaways for your business

On 27 October 2023, the European Data Protection Board (EDPB) issued a critical and binding decision against Meta Ireland Ltd, marking a significant challenge to their practices.

The EDPB found that Meta had created detailed user profiles without consent by monitoring user activity on Facebook and Instagram for targeted advertising.

This approach breached the principles of the General Data Protection Regulation (GDPR), forcing the EDPB to enforce a ban on Meta's use of personal data for personalised advertising.

Irish authorities quickly followed suit, extending this ban to processing such data throughout the European Economic Area (EEA).

This directive has significant implications for businesses, requiring immediate and thorough adjustments to their data handling and advertising strategies. 

Here are some key steps you can take to prepare for the changes ahead: 

1. Secure users' consent

The importance of explicit user consent cannot be overstated. Consider using solutions such as DataGuard's Consent and Preference Manager (CPM) to simplify this vital data processing element. Correct consent is not only a regulatory requirement; it also increases visitors' trust.

 

2. Balance legitimate interests with individual rights

Simply claiming 'legitimate interest' to justify using personal data for advertising in your terms and conditions is insufficient. Legitimate interest is one of several possible legal grounds for legally processing personal data.

However, Article 6(1)(f) of the GDPR states that legitimate interests must not override the rights of the data subjects. It is essential to review your data processing practices to ensure that they comply with legal standards and respect the rights of individuals.


3. Stay ahead of regulatory developments

The evolving data protection landscape requires organisations to be proactive. Responding to these changes quickly and effectively is critical. By implementing the steps outlined and leveraging the resources available, you can ensure the integrity of your data processing practices and position your organisation to meet future challenges successfully.

Meta's recent announcement of a pure subscription model raises further questions about GDPR compliance. While the EDPB and the Irish authorities review the approach, German authorities consider a pure subscription legitimate under strict and concrete conditions. Stay abreast of these developments and be prepared, especially regarding the treatment of data from underage users.

 

Consult with DataGuard's experts

In the face of these changes, professional guidance can be invaluable. If you're unsure of the implications for your specific context, get tailored advice from DataGuard’s experts to ensure your business remains compliant and ahead of the regulatory curve.

About the author

Boris Otterbach

Principal Privacy

Boris Otterbach is a lawyer and certified data protection officer with more than five years of experience in the field. Already during his studies he focused in depth on European law, international law and human rights protection, where data protection was also a central aspect. The GDPR helps to create a common European framework so that everyone enjoys the same protection, and this framework must be filled with pragmatic solutions that work in everyday practice. At DataGuard, Boris works on developing pragmatic solutions for GDPR safeguards so that companies can become GDPR-compliant. Making daily work more effective through more automation drives him to take on new challenges at DataGuard every day and to ensure that companies are protected from a data protection perspective and that the latest technologies are used optimally. As a consultant, he mainly advised clients in human resources, hotels and hospitality. In his role as Principal Professional Services at DataGuard, he supports the data protection, information security and compliance teams with his extensive know-how and experience in order to protect the people behind the data.
