Spain – Facebook slapped with €1.2M fine for violating data protection regulations

The Spanish Data Protection Agency (AEPD) has issued a €1.2 Million fine against Facebook for violating data protection regulations.

More privacy trouble for tech giant Facebook: the company has been fined for a series of privacy violations in Spain.

According to the AEPD, the social network giant collects users’ personal data for commercial purposes without informed and ‘unequivocal consent’. It shares the data with advertisers and marketers without informing users, and it collects sensitive data on users’ ideology, religious beliefs, sex, personal tastes and browsing activity.

“The Agency notes that the social network collects, stores and uses data, including specially protected data, for advertising purposes without obtaining consent.

The data on ideology, sex, religious beliefs, personal preferences or browsing activity are collected directly, through interaction with their services or from third party pages without clearly informing the user about how and for what purpose it will use those data” states the AEPD.

“Facebook does not obtain unambiguous, specific and informed consent from users to process their data, since the information it offers is not adequate”

The list of violations continues: Facebook doesn’t fully delete information when it is no longer needed for the purpose for which it was collected.

The Spanish agency identified two serious infringements and one very serious infringement of the Data Protection Law and imposed on the company a sanction of 1,200,000 euros.

The AEPD fined Facebook €600,000 for a “very serious” infringement, while the remaining two serious violations are:

  1. Tracking people through the use of “Like” button social plug-ins embedded in other non-Facebook web pages (FB slapped with €300,000).
  2. Failing to delete data collected from users once it has finished using it (FB slapped with €300,000).

The AEPD accuses Facebook of using a privacy policy that contains “generic and unclear terms” and that doesn’t “adequately collect the consent of either its users or nonusers, which constitutes a serious infringement.”

Below is Facebook’s reply to the accusations:

“We take note of the DPA’s decision with which we respectfully disagree. Whilst we value the opportunities we’ve had to engage with the DPA to reinforce how seriously we take the privacy of people who use Facebook, we intend to appeal this decision.”

“As we made clear to the DPA, users choose which information they want to add to their profile and share with others, such as their religion. However, we do not use this information to target adverts to people.” states Facebook.

In May, the company was fined €150,000 because of the techniques used to target advertising and track users.

Pierluigi Paganini

(Security Affairs – social network, privacy)