SAN FRANCISCO — The setting that let Facebook and Instagram users disconnect their shopping history from their accounts will disappear next month, replaced by a narrower control that does not offer the same protection. Meta announced the change Tuesday, framing it as a simplification. What the company did not emphasize is which countries will not be affected: the European Union, the United Kingdom, Brazil, South Africa, Nigeria, Kenya, South Korea, Turkey, Ecuador, and Thailand are all excluded from the rollout at launch.
The list is not random. It tracks, almost exactly, the jurisdictions where data regulators have fined Meta most heavily, where GDPR-equivalent laws apply, or where enforcement pressure has historically forced the company to modify its practices. Europe has levied €2.6 billion in GDPR penalties against Meta over five years. The UK’s Information Commissioner’s Office has maintained parallel scrutiny since Brexit. Brazil’s Lei Geral de Proteção de Dados — its national privacy law — came into full enforcement in 2021. Meta told The Wall Street Journal that the change will go into effect in the United States and other countries with “more countries to follow,” but a spokesperson confirmed the excluded list separately.
The mechanism being retired is called “Your activity off Meta technologies.” It allowed users to break the link between their account and the data that businesses — retailers, app developers, gaming platforms — routinely send to Meta about what those users do outside Facebook and Instagram. That data has long powered Meta’s advertising targeting. Under Tuesday’s announcement, it will now also shape what users see in their main feeds, in their Reels recommendations, and in responses from Meta AI. The company told users that if they recently purchased a tent, they might see more camping Reels — the gentlest possible framing of a substantially broader data-use expansion.
The replacement setting is called “Activity from other businesses,” previously known as “Activity information from ad partners.” It lets users choose whether Meta uses off-platform business data to show them personalized content. Critically, turning it off does not stop businesses from sending their data to Meta. It only prevents Meta from using that data to target the individual user’s feed and ads. The underlying data pipeline remains intact regardless of what users select.
Meta has been methodical about expanding the surface area of its data use in recent months. Earlier this year, the company introduced an “incognito” mode for AI conversations on WhatsApp, positioning it as a privacy measure while simultaneously signaling that standard AI interactions would be used to refine its services. In May, Instagram moved to end default end-to-end encryption on direct messages in a policy reversal that drew immediate criticism from digital rights groups. Tuesday’s announcement continues the same pattern: each change is framed in the language of user control while the practical effect is a broader claim on user data.
The scale Meta is operating at is worth pausing on. The company’s most recent earnings filing puts its daily active user base at 3.58 billion — a figure that exceeds the combined populations of China, India, and the United States. The decision about which countries receive which privacy settings is, in effect, a governance decision affecting a population larger than any nation on earth, made unilaterally by a Menlo Park corporation.
The geographic disparity in the rollout is not new for Meta, but it is unusually stark. When Meta began using AI chat interactions to personalize feeds and ads in late 2025, that rollout also excluded the European Union, the United Kingdom, and South Korea — the same cluster of high-scrutiny markets. Each time, the company cited regulatory differences. Privacy advocates note that the pattern amounts to a two-tier internet: users in markets with strong enforcement receive meaningful opt-outs, while users in the United States and elsewhere are placed in a structure that requires active effort to resist.
For advertisers and investors, the move is straightforwardly positive. Meta’s ad targeting has always depended on the richness of its off-platform data signals. Extending those signals from the ad layer into the content recommendation layer makes the system more predictive — and, from an advertiser’s standpoint, more valuable. The company has faced mounting legal and civic accountability in recent years, but its data advantage over competing platforms remains structurally intact — and Tuesday’s change widens it.
What that calculus does not account for is the regulatory trajectory in markets not yet excluded. The European Data Protection Board and the European Data Protection Supervisor issued Joint Opinion 2/2026 in February, warning that pending Digital Omnibus legislation that would narrow the GDPR’s definition of personal data went “far beyond a targeted or technical amendment.” EDPB Chair Anu Talus said plainly that simplification was “not at the expense of fundamental rights.” That opinion is a signal that European regulators are in no mood to allow the kind of data-use expansion Meta is now rolling out in the United States — and are actively fighting to prevent domestic legislation from making it easier. The Verge reported the same regulatory asymmetry is visible across Meta’s recent product rollouts.
The question Meta’s blog post does not answer, and which the company’s spokesperson declined to address, is what happens to the excluded markets next. The phrase “more countries to follow” in Tuesday’s statement carries different weight depending on where you sit. For users in the European Union, it is an assurance that the continent’s regulatory framework is working as designed. For users in Nigeria or South Africa — where Meta excluded those markets not because of regulatory muscle but, according to people familiar with the matter, because of uncertain data infrastructure — it raises a different concern: whether the protection is structural or temporary.
Meta’s track record on this question is instructive. The data-use controls it is now removing in the United States are controls it introduced, at least in part, under regulatory pressure. What is being retired is not a feature Meta designed to protect users. It is a concession Meta made to stay compliant — and it is being retired in the markets where the pressure to maintain it has eased.
