Meta subsidiaries ordered to pay $20 million to Australian government over 'misleading' ads for security app


Two subsidiaries of Facebook owner Meta have been ordered to pay the Australian government $20 million for misleading customers by not adequately advising them a free security app was mining their data.

Consumer watchdog the Australian Competition and Consumer Commission (ACCC) launched action against Meta companies Facebook Israel and Onavo Inc in the Federal Court, claiming they misled customers in promoting an app advertised as protecting users' data.

The VPN app, Onavo Protect, was spruiked on app stores on Android and Apple devices as a way to "keep your data safe when you browse and share information on the web".

But, the court heard, the ads did not make clear that tech giant Meta used Onavo Protect as a "business intelligence tool", allowing it to "know nearly everything" users were doing on their mobile devices.

The companies accepted they contravened the Competition and Consumer Act 2010 in that the listings for Onavo Protect were likely to mislead or deceive consumers about how their data would be used.

Justice Wendy Abraham ordered on Wednesday that the companies, both owned by Meta, pay $10 million each to the Commonwealth of Australia.

"While Onavo Protect was advertised and promoted as protecting users' personal information and keeping their data safe, in fact, Facebook Israel and Onavo used the app to collect an extensive variety of data about users' mobile device usage," she wrote in her judgement.

"An anonymised and aggregated form of that data was provided to their parent company, Meta Platforms Inc (Meta), and used by Meta for a range of commercial purposes."

An advertisement for free security app Onavo Protect tendered to the Federal Court.(Supplied)

In a statement, a spokesperson for Meta said the ACCC acknowledged in its case that the listings were not deliberately misleading and that Onavo did function properly as an online security tool.

"There was no allegation by the ACCC that the app did not function properly as an online security tool," they said.

"Protecting the privacy and security of people's data is fundamental to how Meta's business works. Over the last several years, we have built tools to give people more transparency and control over how their data is used, and we design every new product and feature with privacy in mind."

Disclosures on how data would be used were included in the terms of service and privacy policy for Onavo Protect, the court heard.

However, it was accepted this information was "not sufficiently prominent or proximate" to the listed advertisements for the product on app stores.

Onavo Protect was downloaded more than 271,000 times in Australia between February 2016 and October 2017.

Justice Abraham wrote that under the Act, the maximum penalty that could imply was "more than $145 billion", or $1.1 million for each breach.

She said the contraventions were "undoubtedly serious", noting thousands of Australians were deprived of an opportunity to make an "informed choice about the collection and use" of their data.

"I am satisfied the agreed penalty of $20 million, in the circumstances, satisfies the significant element of deterrence required in this proceeding," Justice Abraham said.

"It carries with it a sufficient sting to ensure that the penalty amount is not such as to be regarded by the parties or others as simply an acceptable cost of doing business."

She also ordered Meta's companies to contribute $400,000 towards the ACCC's legal costs.



Post a Comment

0 Comments