Facebook Owner Fined $1.3b For Mishandling Users’ Information
Meta, the owner of Facebook, WhatsApp and Instagram, has been fined €1.2 billion for mishandling people’s data when transferring it between Europe and the US.
The fine which is equivalent to $1.3 billion – imposed by Ireland’s Data Protection Commission (DPC), which regulates Meta across the EU, is a record for a breach of the bloc’s General Data Protection Regulation (GDPR).
BBC reports that Meta immediately responded to the ruling, saying it will appeal against the “unjustified and unnecessary” fine which sets a “dangerous precedent”.
Meta incurred the fine for transferring EU users’ data to the US for processing, despite a 2020 verdict handed down by the highest EU court, saying the data was insufficiently protected from US spying agencies.
Facebook has been ordered to cease the practice and has been given a minimum of five months to suspend future transfers, and six months to stop unlawful processing and storage of data in the US.
Instagram and WhatsApp are not subject to the order and the decision does not affect Facebook in the UK.
The DPC said Meta infringed GDPR by continuing to transfer EU user data to the US despite a ruling by the European Court of Justice requiring strong protection of that information.
The regulator said data transferred by Facebook under a legal instrument called standard contractual clauses “did not address the risks to the fundamental rights and freedoms of data subjects that were identified by the [court of justice] in its judgment”.
Meta said it had been “singled out” by the DPC despite thousands of other businesses using the same data transfer processes.
“We are disappointed to have been singled out when using the same legal mechanism as thousands of other companies looking to provide services in Europe,” wrote Nick Clegg, the Meta president of global affairs, and Jennifer Newstead, the Meta chief legal officer, in a blog post on Monday.
