Discussion Paper
Meta’s Path to Compliant Processing of Personal Data in Europe
Published: March 2025
Across the European Union, the Digital Markets Act (DMA) and the General Data Protection Regulation (GDPR) framework serve to regulate social networks and other online platforms, with the aims of ensuring fair competition and protecting user privacy.
This paper examines Meta's current approach to the processing of personal user data in Europe. It identifies key aspects of that approach that obscure user choices, making it difficult for users to understand what data Meta is collecting and how it will use that data across and beyond its products.
It provides concrete recommendations for how to bring Meta into compliance with the DMA and the GDPR. Key to this is ensuring users can make a “free choice” to share their data without coercion by the platform.
The paper also discusses different ways platforms can allow users to benefit from the data economy, explains how to preserve ad-supported platforms like those that Meta runs while respecting user consent and choice, and provides real-time guidance to regulators on the economic and legal considerations surrounding this complex issue.
This paper examines Meta's current approach to the processing of personal user data in Europe. It identifies key aspects of that approach that obscure user choices, making it difficult for users to understand what data Meta is collecting and how it will use that data across and beyond its products.
It provides concrete recommendations for how to bring Meta into compliance with the DMA and the GDPR. Key to this is ensuring users can make a “free choice” to share their data without coercion by the platform.
The paper also discusses different ways platforms can allow users to benefit from the data economy, explains how to preserve ad-supported platforms like those that Meta runs while respecting user consent and choice, and provides real-time guidance to regulators on the economic and legal considerations surrounding this complex issue.