Meta has received multiple complaints about its plans to use customers’ data in AI training, which has resulted in privacy advocacy organizations and data protection authorities filing complaints in 11 countries. The privacy activist group Noyb filed the complaints after Meta updated its privacy policy.
Also read: Who Decides How Personal Data Is Used in Training AI Systems? PDPC Issues guidelines
Meta has its own LLM called Llama, whose latest version, Llama 3, was released in April. According to Noyb, the main issue is Meta’s proposal to use years of posts, including pictures, as training data to improve its artificial intelligence system. This training data, however, won’t include private messages between users and friends or their families.
Meta is accused of violating the GDPR
Meta has recently released its privacy policy update in the European market, and the latest updates come into effect on June 26. According to Noyb, a closer look at the links in the notification shows Meta’s plans to use data for an undefined AI technology. The firm also mentions that instead of asking for user consent, Meta maintains that it has a “legitimate interest that overrides the fundamental right” to data protection and the protection of EU users.
“Meta is basically saying that it can use ‘any data from any source for any purpose and make it available to anyone in the world,’ as long as it is done via ‘AI technology.” – Noyb founder Max Schrems.
Schrems also mentioned that Meta is violating the EU’s General Data Protection Regulation (GDPR). He further added that “Meta doesn’t say what it will use the data for, so it could either be a simple chatbot, extremely aggressive personalized advertising, or even a killer drone. Meta also says that user data can be made available to any third party.”
We (@NOYBeu) filed 11 complaints today against @MetaAI's attempt to just use all public and private data (other than chats) of roughly 400 million European users for unspecified current and future "AI technology". We asked for an urgency perocedure.https://t.co/U52U7CyNh3
— Max Schrems 🇪🇺 (@maxschrems) June 6, 2024
Can users opt out of it?
Noyb further indicates that users don’t have the right to get their data removed or the “right to be forgotten.” Due to these reasons, Noyb asked data protection authorities in 11 European countries to initiate processes to “stop this change immediately” before Meta operationalizes the updated policy this month.
Noyb has filed complaints with privacy groups in Austria, Belgium, France, Greece, Germany, Ireland, Italy, Netherlands, Norway, Poland, and Spain to act and stop the policy. According to Noyb, Article 66 allows data protection authorities to give preliminary halts for similar situations.
Also read: Italy Launches Investigation into OpenAI’s Sora Over Data Protection Concerns
A Meta spokesperson, however, told The Register that their actions are above board.
“We are confident that our approach complies with privacy laws, and our approach is consistent with how other tech companies are developing and improving their AI experiences in Europe.”
The Irish Data Protection Commission (DPC) said Meta delayed launching its project to respond to inquiries from the DPC, which have since been resolved. However, Noyb accuses Meta of making the opt-out decision difficult for users.
Cryptopolitan reporting by Enacy Mapakame