SEOUL, South Korea (AP) – South Korea’s privacy watchdog was fined Tuesday. social media company meta 21.6 billion won ($15 million) for illegally collecting sensitive personal information, including data about political views and sexual orientation, from Facebook users and sharing it with thousands of advertisers.
This is the latest in a series of penalties South Korean authorities have handed out to Meta, which also owns Instagram and WhatsApp, in recent years as the company faces increased scrutiny over how it handles personal information.
As a result of a four-year investigation, South Korea’s Personal Information Protection Commission found that from July 2018 to March 2022, Meta collected information about approximately 980,000 people, including their religion, political opinions, and whether they are members of a homosexual union. It concluded that the company illegally collected sensitive information about Facebook users.
The company said it shared data with about 4,000 advertisers.
South Korean privacy laws strictly protect information related to personal beliefs, political opinions, and sexual behavior and prohibit companies from processing or using such data without the specific consent of the person concerned. Masu.
The commission said Meta collected sensitive information by analyzing the pages Facebook users liked and the ads they clicked.
Lee Eun-jung, the director of the commission who led the investigation into Meta, said the company uses cookies to identify users interested in topics such as specific religions, same-sex and transgender issues, and issues related to North Korean defectors. It is said that the advertisements were classified.
“Meta was collecting this sensitive information and using it for personalized services, but it only vaguely mentioned this use in its data policy and did not provide specific consent,” Lee said.
Lee also said that Meta was putting Facebook users’ privacy at risk by neglecting basic security measures such as removing and blocking inactive pages. As a result, hackers were able to use inactive pages to forge identities and request password resets for other Facebook users’ accounts. Meta approved these requests without proper verification, resulting in a data breach for at least 10 Korean Facebook users, Lee said.
In September, European regulators attack meta In 2019, a security lapse that briefly exposed users’ passwords in unencrypted form led to fines of more than $100 million.
Mehta’s South Korean office said it would “carefully consider” the committee’s decision, but had no immediate further comment.
In 2022, the commission imposed a fine. Google and Meta have a combined value of 100 billion won ($72 million) The fine was the largest ever imposed in South Korea for violating privacy laws for tracking consumers’ online behavior without their consent and using that data for targeted advertising.
The commission later said the companies used other websites and services outside of their own platforms and did not clearly notify users or obtain their consent to collect data about them. It ordered companies to provide “simple and clear” consent processes to give people more control over whether information about their online behavior is shared.
The commission also fined Meta 6.7 billion won ($4.8 million) in 2020 for providing the personal information of itsx users to a third party without their consent.
