South Korea fines Meta $15 million for storing data of Facebook users
SEOUL, South Korea: South Korea’s privacy watchdog has fined Meta 21.6 billion won (US$15 million) for collecting and sharing sensitive personal data from Facebook users without proper consent.
The fine follows a four-year investigation by the Personal Information Protection Commission, which found that Meta gathered information about around 980,000 users, including political views, sexual orientation, and religious beliefs, and shared it with around 4,000 advertisers between July 2018 and March 2022.
Under South Korea’s privacy laws, data related to personal beliefs, political views, and sexual behavior are strictly protected and require explicit consent for processing.
The commission reported that Meta identified users’ interests by analyzing their engagement with specific pages and ads on Facebook, tagging interests in areas such as religion, LGBTQ+ issues, and topics concerning North Korean defectors.
Lee Eun Jung, a director at the commission, stated that Meta vaguely referenced this data collection in its policy without seeking specific consent, thus violating user privacy. Additionally, the commission noted that Meta’s failure to secure inactive Facebook pages allowed hackers to forge identities and reset account passwords for other users, resulting in data breaches affecting at least 10 South Koreans.
Meta’s South Korean office stated it would “carefully review” the decision but did not offer further comment.
This fine is the latest in a series of penalties against Meta by South Korean authorities. In 2022, both Meta and Google were fined a combined 100 billion won ($72 million) for tracking users’ online behavior without consent. The commission at that time directed both companies to provide more precise consent mechanisms, allowing users more control over their data.
Meta also faced a 6.7 billion won ($4.8 million) fine in 2020 for sharing personal information with third parties without users’ permission.