MADRID – The Spanish data protection agency (AEPD) reported on Monday that it had fined Facebook €1.2 million ($1.4 million) for violating local laws, after the social media giant gathered, collected and used data for publicity without consent.
The AEPD said information on ideology, gender, religious beliefs, personal tastes or online navigation were directly collected via interaction with Facebook’s services or from third-party pages, but that users were not being clearly informed of how it would be utilized and to what ends.
“Facebook does not receive unequivocal, specific and informed consent from users for managing their data, as the information it offers is not adequate,” said the agency in a statement.
The social network would also handle highly protected data for publicity without express permission from users and would keep it even when users specifically requested it be deleted.
According to the AEPD, this would happen even if users were not members of the popular social network but visited its pages as well as when browsing third party pages while not signed in to Facebook.
“The Agency declares that two serious infractions and one very serious infraction of the Data Protection Law were committed and imposes a 1.2 million euro fine on Facebook,” read the statement.
The AEPD is part of a contact group alongside authorities from Belgium, France, Hamburg and the Netherlands, which have also launched investigations on the company.