What can I do about this clause?

{'method': 'WEB_FORM', 'recipient': 'https://www.facebook.com/off_facebook_activity', 'difficulty': 'MODERATE', 'action_type': 'OPT_OUT_ARBITRATION', 'instructions': "Go to facebook.com/off_facebook_activity, click 'Clear History' to disconnect past off-Facebook browsing data from your profile, then select 'Manage Future Activity' and turn off future off-Facebook activity tracking.", 'deadline_days': None, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': "The FTC has enforcement authority over Meta's data combination practices under FTC Act Section 5 and has issued enforcement actions against Meta for deceptive cross-platform data use.", 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Cross-Platform Data Combination clause as high severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Cross-Platform Data Combination — Meta

Share 𝕏 Share in Share 🔒 PDF

Watch Meta Get alerts when this provision or policy changes.

Watch — $9.99/mo

What it is

Meta takes all the information it has about you from Facebook, Instagram, Messenger, and WhatsApp and combines it into a single profile, which is also enriched with data from outside companies and public sources.

Why it matters (compliance & risk perspective)

This means a single behavioral or demographic signal from one app — say, a health group you joined on Facebook — can influence what ads you see on Instagram, creating a far more comprehensive and potentially sensitive profile than users expect from any single service.

Consumer impact (what this means for users)

Your activity on Instagram, Facebook, WhatsApp, and Messenger is merged into one unified advertising profile, meaning data you share in one context (such as a health-related Facebook group) can shape your experience across all Meta platforms.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Opt Out of Arbitration

Go to facebook.com/off_facebook_activity, click 'Clear History' to disconnect past off-Facebook browsing data from your profile, then select 'Manage Future Activity' and turn off future off-Facebook activity tracking.

How other platforms handle this

Google Medium

We will share personal information outside of Google if we have a good-faith belief that disclosure of the information is reasonably necessary to: Respond to any applicable law, regulation, legal process, or enforceable governmental request.

Reddit Medium

Reddit, Inc., is based in the United States and we process and store information on servers located in the United States. We may store information on servers and equipment in other countries depending on a variety of factors, including the locations of our users and service providers. By accessing o...

Microsoft Medium

Microsoft complies with applicable legal requirements providing adequate protection for the transfer of personal data to countries outside of the EEA. We transfer personal data from the EEA using the European Commission approved Standard Contractual Clauses.

See all platforms with this clause type →

This clause could change without notice.

Get alerted when Meta updates this policy — with plain-language summaries and severity ratings.

Watch Meta Need compliance memos? Professional →

View original clause language

We combine information about you from across the Meta Products and devices you use. We also combine information about you that we receive from third-party partners, and information about you that is available from public sources. We share information about you across the different Meta Products, and we use that information to provide and improve these products, for ads and measurement purposes, and to promote safety, integrity, and security.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: This provision implicates GDPR Art. 6(1)(f) (legitimate interests as legal basis for cross-platform combination), Art. 9 (special category data that may be inferred through combination), Art. 22 (automated profiling), and Recital 47 (legitimate interests balancing test). The Irish DPC is the lead supervisory authority; all EU/EEA DPAs retain concurrent jurisdiction. CCPA/CPRA §1798.140 (definition of 'sharing' for cross-context behavioral advertising) and §1798.120 (right to opt out of sharing) are also engaged.

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

FTC

The FTC has enforcement authority over Meta's data combination practices under FTC Act Section 5 and has issued enforcement actions against Meta for deceptive cross-platform data use.
File a complaint →