Fed's New Rate Hike Eye Infections Money-Saving Tips Huawei Watch Ultimate Adobe's Generative AI Tips to Get More Exercise 12 Healthy Spring Recipes Watch March Madness
Want CNET to notify you of price drops and the latest stories?
No, thank you

Meta's Targeted Ad Model Could Face EU Restrictions

Facebook and Instagram shouldn't be able to target users with ads based on their online activity when using the apps, EU privacy regulators reportedly say.

Meta logo on a phone
Meta's advertising machine could take a hit if the ruling is upheld.
James Martin/CNET

Meta-owned platforms Facebook and Instagram shouldn't be able to hide behind terms of service in requiring users to agree to targeted ads based on their activity within those apps, privacy regulators in the European Union reportedly ruled on Monday.

The apparent ruling, by a board representing all EU privacy regulators, hasn't been disclosed publicly. But The Wall Street Journal reported that it calls on Ireland's Data Protection Commission, which regulates Meta in the EU, to issue public orders reflecting its decision and to levy fines. The Journal cited unnamed people familiar with the regulators' decision.

Though Meta lets users opt out of targeted ads based on data from other apps and websites, they don't have that option when it comes to ads based on their activity within Meta's apps, such as what videos they watch or items they tap, the Journal said. If upheld, the ruling could prompt Meta to offer such an opt-out, the Journal reported, though it's unclear what steps Meta would take. 

Meta can appeal the ruling, but if upheld, the decision could deal a significant blow to the tech giant's lucrative advertising business, according to the Journal. With less data to rely on for advertising, personalized ads across Facebook and Instagram would be far less effective, and Meta relies on such ads for much of its revenue, the Journal said.

"This is not the final decision and it is too early to speculate," Meta told CNET in an email. A company spokesperson said the EU's existing and overarching General Data Protection Regulation "allows for a range of legal bases under which data can be processed, beyond consent or performance of a contract."

Meta is cooperating with Ireland's Data Protection Commission on its inquiries, the spokesperson said. The final decision will come from that agency and is expected in January, the company told CNET.  Ireland's Data Protection Commission didn't respond to CNET's request for comment.

This isn't the first time Meta has faced scrutiny from privacy regulators in Europe. The company was fined $275 million in November after data scraped from Facebook was found on the internet, and it was fined $400 million in September for failing to protect children's privacy on Instagram.