Meta Hit with Record €1.2 Billion Fine for Data Misuse by European Regulators
Social media giant Meta, formerly known as Facebook, has been slapped with an unprecedented fine of €1.2 billion by the Irish Data Protection Commission for alleged violations of European Union (EU) data protection regulations.
The fine stems from Meta’s failure to uphold EU privacy rules while transferring user data between Europe and the United States.
According to the Irish Data Protection Commission, Meta’s actions exposed European users to potential data misuse under US law, thus breaching the EU’s strict data protection guidelines. As part of the penalty, Meta is required to either delete the affected Facebook data or ensure its relocation back to European servers.
This €1.2 billion fine sets a new record under the EU’s General Data Protection Regulations (GDPR), surpassing the previous highest penalty imposed on Amazon, which amounted to €746 million. Notably, Meta has frequently faced substantial fines related to data issues involving its platforms, including Facebook, Instagram, and WhatsApp.
In response to the ruling, Meta decried the fine as “unjustified and unnecessary” and vowed to appeal the decision. The company also assured users that the ruling would not immediately disrupt the functioning of Facebook.
Meta has previously warned of potential consequences, including the possibility of shutting down Facebook and Instagram in Europe, due to stricter limitations on transatlantic data transfers. However, the company stated that it can continue its operations as usual if a new data agreement is reached between the EU and the US.
Previously, data sharing between the US and Europe relied on the “Privacy Shield” framework, which permitted data transfers if US companies adhered to adequate data protection measures. However, this framework was invalidated in 2020 by the European Court of Justice, citing insufficient data safeguards. Since then, policymakers have been diligently working on a new agreement called the Trans-Atlantic Data Privacy Framework, which is expected to come into effect by October. If the new framework is implemented by the deadline, Meta will need to comply by deleting the implicated Facebook data that led to the substantial fine.