Meta has added another privacy sanction to its extensive collection: South Korea’s data protection agency fined the social media giant around $15.7 million for processing sensitive user data and passing it to advertisers without a proper legal basis, Reuters reports.
Seoul’s Personal Information Protection Commission (PIPC) found Facebook’s parent collected information from about 980,000 users, on sensitive topics such as politics, sexuality, and religion, without obtaining their permission. It then shared it with some 4,000 advertisers in violation of local data protection rules.
Meta obtained the sensitive behavioral data by analyzing pages users had liked and ads they’d clicked on, among other tracking and profiling methods. PIPC said examples of sensitive info the company compiled included users being categorized as North Korean defectors, following a certain religion, or identifying as transgender or gay.
It also unfairly declined a user data access request and failed to prevent data on a small number of users being exposed to hackers.
Meta spokesman Matthew Pollard said: “We will be reviewing the full written decision once it’s shared with us. We remain committed to engaging with the PIPC to protect the privacy of South Korean users.”
