| There is nothing in there about retroactively applying laws. If there is anything, it may be that the laws were(/are) unclear. The Irish DPC states they never approved anything (but there has been discussions between various European data protection authorities and the EDPB during the investigation). See for example 2.44 or 2.46 of the report [1]: > It is factually not the case that the Commission endorsed or approved of the Terms of Service and Data Policy of Facebook or indeed of any other organisation and > To the extent that Facebook seeks to rely on or has ever relied on any consultative process with the Commission in order to defend the lawfulness of a particular practice, this has been in error. More pertinently, for present purposes, Facebook makes no such argument in the context of this Complaint. This is because the Commission never provided any such approval in this case nor does it do so in the context of its engagement and consultation role more generally If you look at the final decision on Meta, you'll see that most of the fine (80+70=150 million) is for the fact that Meta was not clear on what they were doing with user's data. Only the last 60 million is about the actual legal ground of the processing. So the past that Ben Thompson mentions essentially skips 70% of the fines. And yes, the data protection authorities are acting like a fair player and they are not the referee. We have courts for that (and this will find it's way through the courts, no worries). [1]: https://www.dataprotection.ie/sites/default/files/uploads/20... |