On June 26, Meta is releasing new terms and conditions. Under those terms, the company is allowed to use photos and messages shared with Meta’s services to train its AI tool Llama. The action group none of your business (noyb) has filed complaints in 11 European countries against this policy.
Meta Will Use Personal Posts to Train AI-models
Meta, the tech company behind Facebook, Messenger, Instagram and WhatsApp wants to use personal posts, images and online tracking data, among other things, as training material for their AI tools. One of their tools is Imagine with Meta AI, a tool based on Meta’s Llama 3 technology. Versions of Llama are also incorporated into Meta’s other services.
Private communications such as chats from WhatsApp are not going to be used by Meta, unlike photos published on Instagram or Facebook. According to Meta, the company has a legitimate interest in using this data. Even if you no longer have a Facebook account, your old posts may be used.
11 Complaints Filed by Noyb
Action group noyb is concerned about Meta’s use of personal data. They state that the data of 4 billion Meta users can be used for AI training, including data of 400 million Europeans.
Meta does not ask permission, so users do not have an opt-in. Nor is it possible to have your personal data removed from Meta’s system. According to noyb, this violates the GDPR. Facebook does offer an objection form as an opt-out.
The action group has filed complaints with data protection authorities of 11 European countries, including France, Germany, Ireland, Norway and Spain. Noyb is asking the authorities to start an urgent procedure. The Norwegian authority has already indicated that Meta’s methods are questionable.
Previous Verdict
The European Court of Justice (ECJ) has ruled on Meta’s use of personal data in 2021. According to the Court, the tech company has no legitimate interest in violating the right to data protection. According to noyb, Meta is going against this verdict with the new terms and conditions.
Noyb also criticized Meta’s attempt to make deals with the Irish Data Protection Commission (DPC) to bypass the GDPR. In a previous attempt to do so, the European Data Protection Board (EDPB) intervened. That resulted in a €395 million fine for the tech giant.
