South Korea has fined Meta Platforms, Facebook’s parent company, 21.62 billion won (approximately $15.67 million) for privacy violations.
The country’s Personal Information Protection Commission announced the penalty, stating that Meta unlawfully collected sensitive user data and shared it with advertisers without appropriate user consent.
The commission’s investigation revealed that Meta had gathered personal data from about 980,000 South Korean Facebook users, including their religious beliefs, political affiliations, and sexual orientation.
This data was then used to generate targeted advertising for some 4,000 advertisers. The findings highlight significant privacy and data protection failures, with Meta accused of not obtaining explicit consent from users for collecting and utilizing such sensitive information.
According to the commission, Meta analyzed Facebook user behavior—such as the pages they liked and the advertisements they clicked on—and then categorized them based on this sensitive data. Users were reportedly profiled on matters like religious beliefs, political status (such as being North Korean defectors), and sexual identity (such as identifying as transgender or gay), which were later used to tailor advertising content.
Additionally, the regulatory body found that Meta had refused user requests to access their personal information. The agency further noted that Meta had failed to protect the data of around 10 South Korean users, which was compromised in a hacker breach. These actions represent a breach of South Korea’s data protection laws, underscoring Meta’s alleged disregard for users’ privacy rights.
The fine is among Meta’s latest regulatory challenges as governments worldwide scrutinize its data practices and privacy policies.