Meta, the parent company of Facebook, has been fined €1.2 billion ($1.3 billion) by the European Union (EU) for breaching the General Data Protection Regulation (GDPR). The fine comes as a result of Meta’s failure to adequately protect European users’ personal data from American security services’ surveillance activities.
Record-breaking GDPR fine for exporting European data to the US
The Irish Data Protection Commission, which made the decision, stated that Meta’s data transfers to the United States did not sufficiently address the risks to individuals’ fundamental rights and freedoms. The company used standard contractual clauses (SCCs) to transfer data to the US, but these measures were deemed inadequate following a ruling by the EU’s highest court.
In addition to the record-breaking fine, Meta has been given a five-month deadline to halt any future transfer of personal data to the US and a six-month deadline to stop the unlawful processing and storage of transferred personal data from the EU in the US.
This decision is part of an ongoing dispute that has created legal uncertainty for Facebook and other companies. The EU’s highest court invalidated an EU-US agreement governing data transfers in 2020 due to concerns about data protection in the US. Subsequently, the Irish authority ordered Facebook to cease transferring data to the US using alternative mechanisms like contractual clauses.
Efforts have been made to establish a new EU-US data flows agreement, and a replacement for the defunct “Privacy Shield” agreement was proposed in December 2022. The fine imposed on Meta coincides with the fifth anniversary of the GDPR, which is considered the global standard for privacy protection.
Meta intends to challenge the decision and the fine, emphasizing the potential harm to millions of people who use Facebook every day. The company warns that if it is forced to stop using contractual clauses without a suitable alternative, it may have to shut down services like Facebook and Instagram in Europe.
Under the GDPR, EU regulators have the authority to impose fines of up to 4% of a company’s annual revenue for severe violations. The Irish Data Protection Commission has become the leading privacy regulator for major tech companies with an EU presence, including Meta and Apple.
RELATED:
- Meta’s Massively Multilingual Speech to Redefine Boundaries of Language
- Meta reportedly in talks to license Magic Leap’s AR technology
- Instagram was Down for Hundreds of Thousands of Users Worldwide
- Best Gaming Controllers of 2023: Enhance Your Gaming Experience
(Source)
