Italy’s competition regulator has fined Facebook US$11 million for its “aggressive” business practices, pre-selected functions, and a mammoth data breach.

The Italian Competition Authority (ICA) launched an investigation in April into alleged violations of the Consumer Code by Facebook Ireland Ltd. and its parent company, Facebook Inc. The deep dive wrapped up on November 29 and now Facebook is being forced to pay up.

The ICA found Facebook to have violated four of the Consumer Code articles (21, 22, 24 and 25). Facebook did this by claiming the service to be “free” for users all whilst not disclaiming how the company earns revenue from user data.

ICA’s statement, released Friday, said Facebook fails to be transparent about its use of data:

Facebook emphasizes the free nature of the service but not the commercial objectives that underlie the provision of the social network service, thus inducing users into making a transactional decision that they would not have taken otherwise (i.e., to register in the social network and to continue using it).

The information provided is in fact general and incomplete and does not adequately make a distinction between the use of data to personalize the service (in order to connect “consumer” users with each other) and the use of data to carry out advertising campaigns aimed at specific targets.