(Photo : Meta)

• South Korea's PIPC fined Meta Platforms $15.67M for unlawfully collecting and sharing sensitive user data.
• Meta collected data from about 980,000 South Korean Facebook users without their consent.
• The data was used to create advertising themes, used by around 4,000 advertisers.
• This fine underscores the global concern over user data protection and the need for tech giants to adhere to privacy laws.

In a significant development, South Korea's data protection agency, the Personal Information Protection Commission (PIPC), has imposed a fine of 21.62 billion won ($15.67 million) on Meta Platforms, the parent company of Facebook. This decision comes after the PIPC found that Meta had unlawfully collected sensitive user data and shared it with advertisers without obtaining the necessary legal permissions.

The PIPC's investigation revealed that Meta had collected data from approximately 980,000 South Korean Facebook users. This data included sensitive information related to their religion, political views, and sexuality. The tech giant had failed to seek the users' consent before collecting this data, a clear violation of the users' privacy rights.

The collected data was then used to create and manage advertising themes related to the sensitive information. The PIPC's statement highlighted that users were categorized based on their interests, such as being North Korean defectors, following a certain religion, or identifying as a transgender or gay person. This information was subsequently used by around 4,000 advertisers.

Meta's Violation of South Korean Privacy Laws

South Korean privacy laws strictly prohibit companies from processing or using any sensitive data related to personal beliefs, political views, or sexual behavior, without the explicit consent of the person involved. The PIPC's statement emphasized that while Meta collected this sensitive information and used it for individualized services, they made only vague mentions of this use in their data policy and did not obtain specific consent.

In addition to the unlawful data collection, Meta was also found to have unfairly declined a request by users to access personal information and failed to prevent data leaks affecting about ten South Koreans. The PIPC has ordered Meta to pay the fine and will continue to monitor whether Meta is complying with its corrective order.

Historical Context and Global Implications

This is not the first time that Meta has faced scrutiny over its data collection practices. In the past, the company has been criticized for its handling of user data, with several instances of data breaches and privacy violations coming to light. This latest fine by the South Korean data protection agency is a clear indication of the increasing global concern over the protection of user data and the need for tech giants like Meta to ensure they adhere to privacy laws.

The PIPC's decision is a significant step in holding tech companies accountable for their data collection practices. It sends a clear message to other tech giants about the importance of respecting user privacy and obtaining explicit consent before collecting sensitive data.