Ireland fines Meta €1.2bn for data privacy breaches
Dublin, May 22 (EFE).- Meta, the parent company of Facebook, was hit Monday with a record fine of 1.2 billion euros ($1.29 billion) for violating data privacy regulations by Ireland’s data privacy regulator DPC.
The social media giant has said it will appeal.
The company that owns Facebook, WhatsApp and Instagram was ordered to “suspend any future transfer of personal data to the US within the period of five months” from the communication of the decision, according to the DPC statement.
The DPC, the lead data protection regulator for top tech companies in Europe, explained that Meta had breached Article 46(1) of the General Data Protection Regulation (GDPR) that has been in force for five years.
“The decision records that Meta Ireland infringed Article 46(1) GDPR when it continued to transfer personal data from the EU/EEA to the USA” following an EU Court of Justice ruling in 2020 for a lawsuit filed by Austrian lawyer and activist Maximillian Schrems.
In the wake of the court ruling, the European Commission (EC) eliminated the so-called EU-US Privacy Shield, the agreement with which the EU and the US used to regulate data transfer between them. Both are planning to establish a new pact this year.
The DPC investigation, launched in August 2020, examined arrangements designed by Meta to transfer Facebook users’ private data from the EU to the US.
These arrangements, known as “standard contractual clauses”, did not take the “fundamental rights and freedoms of data subjects” into account, the DPC reported.
Mete has said it will appeal the DPC’s “unjustified and unnecessary” decision, as well as “seek a stay of the orders through the courts.”
“We are (…) disappointed to have been singled out when using the same legal mechanism as thousands of other companies looking to provide services in Europe,” the company said.
“This decision is flawed, unjustified and sets a dangerous precedent for the countless other companies transferring data between the EU and US,” it added.
This is the biggest fine imposed on a multinational company in the EU over data privacy violations, after the 746 million euro fine ($807 million) that Amazon received in 2021.EFE