top of page

Meta's Subscription Model Sparks GDPR Debate: Balancing Privacy, Fees, and Universal Protection

Meta's controversial subscription model, currently under scrutiny by the Irish Data Protection Commission (DPC), is prompting intense debate over the perceived equity of charging European Union users for enhanced privacy. This development follows a pivotal ruling in July by the Court of Justice of the European Union, mandating that companies like Meta should obtain explicit user consent before tracking online activities for targeted advertising purposes. In response, Meta revealed its subscription plans in October, allowing users to opt-out of online tracking for a monthly fee of up to 13 euros.

Meta's Subscription Model Sparks GDPR Debate: Balancing Privacy, Fees, and Universal Protection

"The Irish DPC’s focus seemingly centers on whether the price charged for privacy is fair, rather than if a subscription model designed to monetize a right enshrined within the General Data Protection Regulation (GDPR) jibes with the legislation or not. A decision is likely in February," reports indicate.

Despite Meta's attempt to provide an alternative for users through a paid subscription, various European privacy and consumer groups, including the BEUC and NOYB, along with privacy regulators like the Norwegian Data Protection Authority, have openly criticized the "pay if you don't consent" approach. "European privacy and consumer groups, such as the BEUC and Max Schrems’ NOYB, as well as privacy regulators including the Norwegian Data Protection Authority, have publicly criticized Meta’s 'pay if you don’t consent' subscription plans," the reports state.

"The effectiveness of GDPR in protecting individuals’ fundamental rights could be brought into question," warns Victor Mound, a data protection lawyer at Charles Russell Speechlys. Mound emphasizes the potential conflict with GDPR principles, stating, "European guidance has long suggested that for consent to be freely given, individuals should be given the chance to withdraw consent ‘without detriment.’ Some might argue charging individuals to withdraw consent from tracking across Meta’s platforms would cause them financial detriment."


Joey Stanford, Vice President of Privacy and Security at tech firm, offers a nuanced perspective, acknowledging that while charging fees for privacy may not inherently breach GDPR provisions, it introduces complexities related to fairness, lawfulness, and transparency in data processing. Stanford raises concerns about potential socioeconomic disparities, where only those with financial means could afford privacy, potentially undermining the fundamental right to data protection for all.

"Meta has likely started a trend that many tech companies will be eager to jump on due to expenses associated with compliance," Joey Stanford adds. "However, its success will be based on how much individuals are willing to pay for their privacy. Many organizations will surely be keeping a close eye on it to see if this is a viable revenue stream."

Shaun Hurst, Europe, Middle East, and Africa principal regulatory adviser at software-as-a-service firm Smarsh, warns of a potential two-tier system emerging if Meta's subscription plans receive approval. "It could create a two-tier system where only those who can afford to pay can avoid targeted ads. It may also set a precedent for monetizing privacy," Hurst suggests. He believes that if Meta's plans get the green light, the GDPR will need to be revised. "It challenges the GDPR’s aim of universal privacy protection," he said. "As a result, there could be increased regulatory scrutiny and possibly new guidelines or amendments to ensure privacy isn’t commodified." The outcome of the Irish DPC's decision will likely shape the future landscape of data protection, influencing not only Meta but also serving as a precedent for how other tech companies approach privacy and monetization.



bottom of page