Meta’s “Privacy fee” at legal stake: noyb files new complaint

If you have a social media account in one or more of Meta’s services, you may remember seeing a pop-up recently saying that, if you do not want to be tracked, you must pay a “privacy fee” of 9,99€/month for web access and 12,99€/month for mobile device access. In recent years, Meta has attempted to circumvent the EU privacy laws consent requirements numerous times. Each time, they have tried to use every exemption available under the law, only to have regulatory agencies and courts rejecting these attempts over and over.

noyb, an NGO based in Austria known as one of the most well-know privacy advocates in Europe, has now filed a complaint before the Austrian data protection authority against Meta. Noyb believes that Meta has provided it’s users with a choice: pay us, or lose your fundamental rights. Remember that article 7.3 of GDPR states: “It shall be as easy to withdraw as to give consent”. This stems from the European Data Protection Board’s (EDPB) implementation instructions for Article 7 rules, which expressly state that it may be inappropriate to demand money in order to withdraw consent. 

The GDPR complaint was filed in Austria and asks the data protection authority to punish Meta and mandate that the company provide a suitable and straightforward method for consent to be withdrawn. However, noyb had previously filed other GDPR complaints that are specifically related to the “pay or okay” price. It filed a separate complaint in November, shortly after the announcement of the subscription plan, addressing the amount of money Meta is requesting for user privacy. The company receives an estimated €63 annually from the personalized ads it delivers to each user, according to the complaint (which was also filed with Austria’s DPA). However, the company is requesting at least €120 annually for its new subscription fee (and up to €250 annually if the user wants all available web and mobile services covered).

By contrasting the price of its membership with streaming services like Spotify and YouTube Premium, which offer the absence of advertisements as a major benefit, Meta has argued against noyb’s initial GDPR complaint. There are some clear distinctions, though: a large portion of the membership fees people pay for streaming services are used to license exclusive TV shows, movies, and music that, in comparison, users of Facebook and Instagram do not have access to. Additionally, Meta’s internet-wide ad networks that gather personal data as a payment incentive for consent withdrawal are not present in those services.

noyb has issued the data protection sector a warning, stating that if Meta wins, plenty of other apps may be able to charge users to withdraw their consent, causing a domino effect. According to noyb, the average mobile phone user has 35 installed apps. At prices comparable to Meta’s, this could add up to roughly €8,800 in annual membership costs. Moreover, a ruling against Meta would jeopardize its standing in the EU and compel it to withdraw from the area completely or obtain user authorization before proceeding further. Approximately 10% of the company’s yearly ad income comes from the EU, being one of its largest markets, which had a 35% increase in profit in 2023.

Share this article


In this constantly changing world of digital data, there is this hidden information known as “shadow data” that frequently eludes the data protection efforts of companies. Shadow data is unmonitored and unmanaged data that hides in the digital shadows, unlike its more noticeable counterpart, shadow IT, which refers to unapproved hardware or software within a company.  This blog will shed light on what shadow data is, its possible dangers, some examples, and the solution for uncovering shadow data and staying compliant.

Created by:

Picture of Borneo


Related articles



Subscribe to our legal newsletter and you will be the first to receive our new blog articles, webinar information, ebooks, and more.

Free Webinars