On April 22, 2021, the European Data Protection Board (‘EDPB’) published the final version of its guidelines on the targeting of social media users which were adopted on 13 April 2021.
The main aim of these guidelines is to clarify the roles and responsibilities among the social media provider and the targeter. In order to do so, the guidelines also identify the potential risks for the rights and freedoms of individuals, the main actors and their roles, and tackle the application of key data protection requirements (such as lawfulness and transparency, DPIA, etc.)as well as key elements of arrangements between social media providers and the targeters.
The scope of these Guidelines covers the relationships between the registered users of a social network, its providers, as well as the targeters. Thorough analysis, of scenarios, such as individuals that are not–registered with social media providers does not fall under the scope of the present guidelines.
The Guidelines can be found HERE