Meta, formerly known as Facebook, has been planning the launch of Threads, its anticipated Twitter alternative. However, the app has already faced significant privacy concerns even before its public availability. Mandatory iOS disclosures have revealed that Threads may collect sensitive user information, including health and financial data, precise location, browsing history, contacts, and search history. This raises questions about the app’s compliance with European Union (EU) privacy regulations and whether it will be able to launch in the EU. In this blog post, we explore the privacy concerns surrounding Threads and the challenges Meta faces in the EU market.
Threads’ Privacy Concerns: The disclosed privacy information about Threads has raised concerns among users. Given Meta’s history of tracking and profiling users for targeted advertising, the extensive collection of sensitive user data for profiling purposes is not surprising. However, it brings into question the app’s compliance with EU privacy laws and regulations.
Legal Challenges in the EU: Meta’s privacy practices face legal obstacles in the EU. Initially, Meta claimed the legal basis for processing Facebook users’ personal data was the performance of a contract, but this claim was found unlawful earlier this year. The company has since switched to a claim of legitimate interest, but a recent court ruling stated that this legal basis is not appropriate for Meta’s behavioral ads. Furthermore, EU regulations ban the use of sensitive data for ads and require explicit consent for data combination for ad profiling. These legal complexities cast doubt on Threads’ future launch in the EU.
Data Protection Concerns and GDPR Fines: Meta has recently faced scrutiny over its data protection practices. The company was fined over $1.3 billion for breaching General Data Protection Regulation (GDPR) requirements on data exports. The order specifically targeted Facebook, but it could potentially extend to other Meta services that fail to adequately protect EU users’ data. The incoming Digital Services Act and Digital Markets Act introduce stricter regulations on surveillance ads and data sharing, further complicating Meta’s compliance with EU laws.
Postponed EU Launch and Legal Uncertainty: Meta has decided to postpone the launch of Threads in the EU due to legal uncertainty surrounding data use and the DMA’s restrictions on data sharing across platforms. The Irish Data Protection Commission (DPC) has clarified that it has not prevented Meta from launching Threads, but Meta has chosen to delay the launch based on its assessment of legal risks and concerns. The forthcoming DMA will be centrally enforced by the European Commission, increasing the regulatory scrutiny on digital giants like Meta.
Different Regulatory Landscape in the UK: Threads is set to launch in the UK, where regulatory standards differ following Brexit. Although the country’s data protection regime is derived from GDPR, the Information Commissioner’s Office (ICO) has been criticized for its lack of action against surveillance advertising breaches. Meta may view the legal risks differently in the UK, especially considering potential changes to data protection standards and weakened ICO independence.
Conclusion: Meta’s Threads app has encountered significant privacy concerns and legal challenges, leading to the postponement of its EU launch. The extensive data collection for profiling purposes raises questions about compliance with EU privacy regulations. The forthcoming DMA and GDPR fines pose additional challenges for Meta’s privacy practices. As the legal landscape evolves and data protection enforcement tightens, Meta will need to address these concerns and adapt its approach to user privacy to navigate the complexities of the EU market.