According to Silicon Republic, a Madrid commercial court has ordered Meta to pay €479 million to 87 Spanish digital media outlets and news agencies for GDPR violations. The lawsuit was filed by media association Asociación de Medios de Información (AMI) in late 2023, originally seeking €550 million. The case focused on Meta’s actions between 2018 and 2023, specifically how the company processed user data for targeted advertising without proper consent. The court found that Meta’s actual net revenue in Spain during that five-year period was nearly €5.3 billion. Meta has already stated it will appeal the judgment, calling the claim “baseless” and arguing it ignores how online advertising works.
The Core GDPR Problem
Here’s what actually happened. When GDPR came into force in 2018, Meta made a crucial change to its legal basis for processing personal data. Instead of seeking proper user consent for behavioral advertising, the company started justifying it under different legal grounds. Basically, they tried to work around the consent requirements that GDPR was specifically designed to enforce. And they kept this approach running for five years before finally reverting their methods in 2023. The Spanish court looked at this and said, “Nope, that’s not how this works.”
Why This Matters Beyond Spain
AMI’s director general Irene Lanzaco wasn’t exaggerating when she called this a case with global implications. Look, if Meta’s approach to data processing was found illegal in Spain, what does that say about their operations across the entire EU? The court specifically found that publishers were “significantly disadvantaged” when competing with Meta for advertising. That’s the real kicker – this isn’t just about regulatory compliance, it’s about market fairness. When one player can allegedly ignore the rules that everyone else follows, the entire ecosystem suffers.
Meta’s Position and What Comes Next
Meta’s response is exactly what you’d expect from a tech giant facing a half-billion euro fine. They’re calling the claim “baseless” and saying there’s no evidence of actual harm. They point to their “clear choices” and “transparent information” for users. But here’s the thing – European courts have been consistently skeptical of Meta’s data practices for years. This isn’t their first GDPR rodeo, and it probably won’t be their last. The appeal process could drag on for years, but the initial ruling sends a clear message: European regulators are serious about enforcing their digital rules.
The Advertising Industry Fallout
So what does this mean for the online advertising world? If the ruling stands, it could force a fundamental rethink of how behavioral advertising works in Europe. The court essentially said Meta’s entire targeted ad revenue in the EU was obtained “in an illegitimate way.” That’s a pretty dramatic finding when you consider how much of Meta’s business model relies on precisely that revenue. Other platforms are probably watching this case very carefully and reevaluating their own compliance strategies. The days of “move fast and break things” are clearly over in Europe, at least when it comes to data protection.
