Meta subsidiaries Facebook Israel and Onavo Inc have been hit with penalties of $10 million each over misusing Australian users' data from the latter’s Onavo Protect app in action brought on by the national consumer watchdog.
The Federal Court declared that both subsidiaries’ conduct was liable to mislead the public in the app’s promotions from February 2016 to October 2017 by not saying that user data would be utilised for any reason other than the app’s usage.
Onavo Protect, a free app offering a virtual private network (VPN) service, was available to download from 1 February 2016 to February 2019. During the infringing period, the app was advertised as protecting users’ data, using language like “Use a free, fast and secure VPN to protect personal information” and “Helps Keep You and Your Data Safe”.
However, both subsidiaries shared this information with their parent company, which was previously named Facebook Inc, for commercial benefit, with anonymised and aggregated data shared including internet and app activity; records of every app that users accessed and the time spent using the apps were captured and used to support market research activities.
The case was brought on by the Australian Competition and Consumer Commission (ACCC), with chair Gina Cass-Gottlieb claiming the reason action was taken was that “many consumers are concerned about how their data is captured, stored and used by digital platforms”.
“In the case of the Onavo Protect app, we were concerned that consumers seeking to protect their privacy through a virtual private network were not clearly told that in downloading and using this app they were actually facilitating the use of their data for Meta’s commercial benefit,” she said.
In addition to the penalties, Facebook Israel and Onavo were ordered to pay a contribution to the ACCC’s cost, consented to the declarations and costs order, as well as made joint submissions with the ACCC in relation to penalties.