Meta Hit With Record $1.3 Billion Fine for Mishandling Data

Meta could be in for a wild ride in its efforts to become profitable again.

Ireland's Data Protection Commission (DPC) has fined the social media giant a record-breaking amount for mishandling people's data when transferring it between the US and Europe.

Meta has decided to appeal the fine since its Facebook social media acted in good faith, calling it an "unjustified and unnecessary" ruling.

Meta Tweaks Controversial ‘Cross-Check’ System For VIPs On Facebook, Instagram
Getty Images

Meta DPC Fine Details

The DPC mentioned in its statement that Meta's Ireland branch infringed Article 46(1) GDPR when it continued to transfer personal data from the EU to the USA following the delivery of the EU's Court of Justice (CJEU) judgment in the 2020 case titled "Data Protection Commissioner v Facebook Ireland Limited and Maximillian Schrems."

For those unaware, the Court of Justice of the EU found that the previous mechanism to legally transfer personal data between the U.S. and the EU called the Privacy Shield pact, must be invalidated to protect user privacy when transferred from the EU to the US in 2020.

The watchdog stated that Meta effected the data transfers in question on the basis of the updated Standard Contractual Clauses (SCC) the European Commission adopted in 2021, along with several supplementary measures that it included to safeguard user data. According to the BBC, the legal contracts that make the SCC contain safeguards to ensure personal data continues to be protected when transferred outside Europe.

However, it found this insufficient, saying that Meta Ireland's attempt to address potential legal hurdles did not address the risks to the fundamental rights and freedoms of data subjects that the CJEU identified in its judgment in 2020.

As a result, the DPC ordered Meta to suspend any future data transfers to the US for five months and to pay a $1.3 billion administrative fine to the DPC - the largest imposed under the EU's GDPR privacy law. According to Macrumors, the previous largest fine was imposed on Amazon, which amounted to $8.07 million.

The DPC also ordered Meta Ireland to have its process operations comply with Chapter V of the GDPR and to cease "the unlawful processing, including storage, in the US of personal data of EU/EEA users transferred in violation of the GDPR" within six months.

Meta's Response To Ireland's DPC

Meta is less than pleased with the DPC's conclusion and fines to the company. According to Facebook president and Meta president of global affairs Nick Clegg, the DPC singled Meta out when it was using the same legal mechanism thousands of other companies have been using to provide services in Europe.

He added that the DPC's decision is setting a dangerous precedent for other companies transferring data between the EU and the US and that Meta would appeal the fine and its decision, per Engadget.

The DPC's findings are the culmination of a decade-long battle over where Meta's Facebook stores its data after Edward Snowden's disclosures about data privacy in the US, per Reuters.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

Tags Meta

More from iTechPost

Real Time Analytics