Norway data protection authority, Datatilsynet, has declared that it will impose a daily fine of one million Norwegian crowns ($98,500) on Meta Platforms, the parent company of Facebook and Instagram, beginning August 14, due to privacy breaches.
This decision follows Datatilsynet’s prior warning on July 17, where the company was given notice of potential penalties if it didn’t address the privacy violations that were identified.
The regulatory action is directed at Meta’s practice of collecting user data in Norway, including physical locations, to enable targeted behavioral advertising—an approach commonly employed by major tech firms.
The fine is set to be effective until November 3, subject to potential extensions or permanence as determined by the European Data Protection Board.
Tobias Judin, who heads Datatilsynet’s international section, underscored the imminent consequences, noting that “a daily fine of 1 million crown will start to apply” as of next Monday.
This enforcement underscores the authority’s commitment to upholding data protection standards within the country and possibly throughout Europe.
Despite not being a member of the European Union, Norway operates within the European single market, potentially leading to broader implications if the case is referred to the European Data Protection Board.
However, Datatilsynet has yet to take this step.
In response to these regulatory challenges, Meta recently announced its intention to seek user consent within the European Union before facilitating targeted advertising for businesses based on user activities on Facebook and Instagram.
This adjustment aligns with a directive from Ireland’s Data Protection Commissioner issued in January, which called for a reevaluation of Meta’s legal foundation for ad targeting in the region.
With the implementation date of the fine approaching, Meta Platforms is likely to face heightened scrutiny not only in Norway but also from other European data protection authorities.