Meta, the parent company of Facebook, is facing legal troubles in Australia as two of its subsidiaries have been ordered to pay a hefty fine of $14 million due to undisclosed data collection practices. The case revolves around Onavo, a now-defunct Virtual Private Network (VPN) app that was acquired by Facebook in 2013. The app, touted as a separate brand from the flagship company, promised privacy and security to users, assuring them that their data would solely be used for Onavo Protect’s services.
However, investigations revealed that the app was sending user data, including location, app usage frequency, and visited websites, to Facebook for advertising purposes.
Despite disclosures in the app’s Terms of Service and Privacy Policy, the Australian court found that the statements were not prominently displayed or proximate to the listings, leading to deception and misleading practices.
Facebook Israel and Onavo admitted that the listings likely misled or deceived users, and they did not provide sufficient disclosures to Australian consumers regarding the additional uses of their data beyond Onavo Protect’s services. While the maximum penalty could have reached billions or trillions of dollars, the court assessed the appropriate range based on factors other than the maximum penalty’s theoretical value.
Meta has faced significant fines in the past for data-related issues. Instagram, which is owned by Meta, received a record fine of $400 million for mishandling children’s data, and Meta itself was fined $277 million for a data breach impacting millions of users.
Critics argue that social networks might view such fines as a mere cost of doing business, potentially undermining their incentive to address data privacy concerns. The long-term impact of these fines remains uncertain, raising questions about whether they will lead to meaningful changes in the way companies handle user data and privacy in the future.
