Meta’s AI data grab sparks legal battle as privacy group fights back

• Meta faces fierce backlash for resuming AI data collection in the EU despite a €1.2 billion fine, with privacy group noyb threatening legal action over its opt-out consent model.
• Critics accuse Meta of exploiting legal loopholes by claiming “legitimate interest” to harvest user data without explicit consent, violating GDPR principles.
• Privacy activist Max Schrems condemns Meta’s tactics, arguing competitors like OpenAI prove AI can thrive without social media data scraping.
• Noyb has issued a cease-and-desist letter, warning of injunctions and a potential billion-euro class-action lawsuit if Meta doesn’t halt its AI training practices.
• The legal battle could redefine data privacy in Europe, testing whether corporations can bypass consent or if regulators will enforce stricter accountability.

In a brazen move that reeks of corporate arrogance, Meta, the tech behemoth behind Facebook and Instagram, has once again ignited a firestorm over privacy rights by attempting to exploit Europeans’ personal data for AI training.

Despite being slapped with a staggering €1.2 billion fine in 2023 for violating EU data laws, Meta is doubling down, claiming it now has regulatory approval to resume harvesting public posts and interactions from millions of users. But privacy watchdog noyb (which stands for “none of your business”) isn’t backing down, issuing a cease-and-desist letter and threatening a massive class-action lawsuit to stop Meta’s latest assault on digital freedoms.

This isn’t just about data; it’s about control. Meta insists it has a “legitimate interest” in vacuuming up personal information, but critics argue the company is trampling on fundamental rights, forcing users into an opt-out scheme rather than seeking their explicit consent. With billions in potential damages on the line, this battle could redefine how Big Tech operates in Europe and whether corporations can continue profiting from personal data without accountability.

Meta’s shady AI training scheme

After pausing its AI data collection in June 2024 following regulatory pushback, Meta announced in April 2025 that it would resume training its AI models using public posts and interactions from EU and European Economic Area users. The company claims the European Data Protection Board (EDPB) gave its approach a green light, stating, “We welcome the opinion provided by the EDPB in December, which affirmed that our original approach met our legal obligations.”

But noyb, led by privacy activist Max Schrems, calls this a gross misinterpretation. The group argues that Meta is exploiting a legal loophole by relying on “legitimate interest” rather than obtaining opt-in consent, as required under the EU’s General Data Protection Regulation (GDPR).

Schrems minced no words: “The European Court of Justice has already held that Meta cannot claim a ‘legitimate interest’ in targeting users with advertising. How should it have a ‘legitimate interest’ to suck up all data for AI training?”

A fight for consent… or corporate theft?

At the heart of the dispute is a simple question: Should users have a say in how their data is used, or should tech giants like Meta simply take it by default? Meta’s opt-out system forces users to actively object to their data being harvested in a tactic that privacy advocates say is deliberately designed to maximize compliance while minimizing transparency.

Schrems slammed Meta’s justification as absurd: “Meta starts a huge fight just to have an opt-out system instead of an opt-in system. Instead, they rely on an alleged ‘legitimate interest’ to just take the data and run with it. This is neither legal nor necessary.” He pointed out that competitors like OpenAI and Mistral have built powerful AI models without relying on social media data, proving Meta’s claims of necessity are baseless.

Legal showdown looms

Noyb isn’t just issuing warnings; it’s preparing for war. The group has set a May 21 deadline for Meta to respond to its cease-and-desist letter. If Meta refuses to back down, noyb could file injunctions across multiple EU jurisdictions, potentially forcing Meta to delete illegally trained AI models. Even worse for Meta, a class-action lawsuit could see the company on the hook for billions in damages.

Schrems laid out the stakes: “If you think about the more than 400 million European Meta users who could all demand damages of just €500 or so, you can do the math.” With German consumer groups also gearing up for legal action, Meta faces a coordinated resistance that could derail its AI ambitions in Europe.

Meanwhile, Meta continues to play the victim, accusing noyb of stifling innovation. A spokesperson dismissed the group’s actions as “part of an attempt by a vocal minority of activist groups to delay AI innovation in the EU.” But critics argue that Meta’s real goal isn’t progress; it’s profit, no matter the cost to privacy.

A reckoning for Big Tech?

Meta’s latest power grab is a test of whether Europe’s data protection laws have teeth or if corporations can simply ignore them. The company’s history of fines and violations suggests a pattern of disregard for user rights, and noyb’s legal offensive could finally force accountability.

If Meta succeeds in bulldozing privacy protections, it sets a dangerous precedent that personal data is corporate property, not a fundamental right. But if noyb prevails, it could mark a turning point in the fight against Big Tech’s unchecked exploitation.

Sources for this article include:

ReclaimTheNet.org

Reuters.com

Noyb.eu

ArsTechnica.com