Meta fined $15 million by South Korea for illegally collecting Facebook users’ information

Written by: KIM TONG-HYUNG, Associated Press

SEOUL, South Korea (AP) — South Korea’s privacy watchdog on Tuesday sued social media company Meta for illegally collecting sensitive personal information from Facebook users, including data about their political views and sexual orientation, and sharing that information with others. imposed a fine of 21.6 billion won ($15 million) for thousands of advertisers.

It was the latest in a series of fines handed down to Meta in recent years by South Korean authorities, who have stepped up scrutiny of how the company, which also owns Instagram and WhatsApp, handles private information.

After a four-year investigation, South Korea’s Personal Information Protection Commission concluded that Meta illegally collected sensitive information about approximately 980,000 Facebook users from July 2018 to March 2022, including their religion, political views and whether they were in same-sex partnerships .

It was stated that the company shared the data with approximately 4,000 advertisers.

• More: Technology companies remove Russian drone factory’s social media accounts after AP investigation

South Korea’s privacy law provides strict protection for information about personal beliefs, political opinions and sexual behavior and prohibits companies from processing or using such data without the specific consent of the individual concerned.

The Commission said Meta collects sensitive information by analyzing the pages Facebook users like or the ads they click on.

Lee Eun Jung, director of the commission that conducted the investigation into Meta, said the company categorizes ads to identify users interested in themes such as specific religions, homosexuality and transgender issues, and topics related to North Korean defectors.

“While Meta collected this sensitive information and used it for personalized services, it only vaguely referenced this use in its data policies and did not receive specific consent,” Lee said.

• More: Meta fined record $1.3bn ordered to stop sending European user data to US

Lee also said Meta puts Facebook users’ privacy at risk by not implementing basic security measures, such as removing or blocking inactive pages. As a result, hackers were able to use inactive pages to spoof identity and request reset passwords for other Facebook users’ accounts. Lee said Meta approved these requests without proper verification, resulting in data breaches affecting at least 10 South Korean Facebook users.

In September, European regulators fined Meta more than $100 million for a 2019 security flaw in which user passwords were temporarily exposed in an unencrypted form.

Meta’s South Korean office said it would “carefully review” the commission’s decision but did not immediately comment further.