Meta’s AI Ambition Stalled in Europe: Privacy Concerns Trigger Regulatory Pause

By 2023, Meta AI proposed training its large language models (LLMs) based on user data from Europe. This proposal aims to improve LLMs’ ability to understand the dialect, geography and cultural references of European users.

Meta wanted to expand into Europe to optimize the accuracy of its artificial intelligence (AI) technology systems by training them to use user data. However, Ireland’s Data Protection Commission (DPC) raised major privacy concerns, forcing Meta to pause its expansion.

This blog discusses the DPC’s privacy and data security concerns and how Meta responded to them.

Privacy concerns raised by the DCP

The DPC is the main regulator of Meta in the European Union (EU). Following complaints, the DPC is investigating Meta’s data practices. Although she has requested Meta to suspend her plans until after an investigation, she may request additional changes or clarifications from Meta during the investigation.

One of those complainants, NOYB (none of your business), a privacy activist organization, has filed eleven complaints. In it, they argued that Meta violated several aspects of the General Data Protection Regulation (GDPR). One of the reasons given was that Meta did not explicitly ask users for permission to access their data, but only gave them the option to refuse.

In a previous case, Meta’s efforts were halted when it planned to target Europeans. The Court of Justice of the European Union (CJEU) ruled that Meta could not be used “legitimate interest” as justification. This ruling had a negative impact on Meta, as the company primarily relied on GDPR provisions to defend its practices.

The DPC has raised a list of concerns including:

1. Absence of explicit consent: As previously mentioned, Meta’s intentions were not entirely consensual. Their practices of sending consent agreements in notifications and potentially causing them to be missed made it difficult for users to opt out.
2. Unnecessary data collection: The GDPR stipulates that only necessary data may be collected. However, the DPC argued that Meta’s data set was excessively broad and lacked specifications.
3. Problems with transparency: Users were not informed exactly how their data would be used, creating a trust deficit. This was contrary to the principles of transparency and accountability of the GDPR.

These strict regulations posed significant obstacles for Meta, which responded by disagreeing with the DPC’s investigation and maintaining its compliance position.

Meta’s response

Meta was disappointed with the break and responded to the DPC’s concerns. They claimed that their actions were compliant with the regulations, citing the GDPR’s provision of ‘legitimate interests’ to justify the data processing practices.

Additionally, Meta argued that it had informed users in a timely manner through various communication channels and that its AI practices aim to improve the user experience without compromising privacy.

In response to user opt-in concerns, Meta argued that this approach would yield limited data volume, making the project ineffective. Therefore, the notification is strategically placed to maintain the size of the data.

However, critics highlighted that the reliance on ‘legitimate interests’ was insufficient for GDPR compliance and opaque for explicit user consent. Furthermore, they found the level of transparency to be inadequate, with many users unaware of the extent to which their data was being used.

A statement issued by Meta’s Global Engagement Director marked the company’s commitment to user privacy and regulatory compliance. In it, he emphasized that Meta would address the DPC’s concerns and work to improve data security measures. Additionally, Meta is committed to user awareness, user privacy, and the development of responsible and explainable AI systems.

Consequences of Meta’s AI pause

As a result of the pause, Meta has had to re-strategize and reallocate its financial and human capital accordingly. This has negatively impacted operations, leading to more recalibration.

Furthermore, this has led to regulatory uncertainty regarding data practices. The DPC’s decision will also pave the way for an era in which the technology industry may face much more, even stricter, regulation.

Meta’s metaverse, which is considered the “successor to the mobile internet,” will also experience a slowdown. Since collecting user data from different cultures is one of the essential factors for the development of the metaverse, the pause disrupts its development.

The break seriously affected public perception of Meta. Meta may be considering losing its competitive edge, especially in the LLM field. As a result of the pause, stakeholders will also question the company’s ability to manage user data and adhere to privacy regulations.

Broader implications

The DPC’s decision will have implications for the laws and regulations surrounding data privacy and security. Furthermore, this will push other companies in the technology sector to take precautions to improve their data protection policies. Technology giants like Meta must find a balance between innovation and privacy, and ensure that the latter is not compromised.

Furthermore, this pause presents an opportunity for ambitious tech companies to capitalize on Meta’s setback. By taking the lead and not making the same mistakes as Meta, these companies can drive growth.

Visit to stay up to date with AI news and developments around the world Unite.ai.