According to a Monday announcement by Ireland’s regulator, Facebook owner Meta has been fined a record-breaking € 1.2 billion (about Rs. 10,750 crore) for violating a past court order by sending EU user data to the US.
The European Data Protection Board (EDPB), which represents the European Union, instructed the Irish Data Protection Commission (DPC) to levy “an administrative fine in the amount of EUR 1.2 billion.”
Since 2020, the DPC has been looking into Meta Ireland’s transfer of personal data from the EU to the US.
It was determined that Meta, whose European headquarters are in Dublin, failed to “address the risks to the fundamental rights and freedoms of data subjects” that had been noted in a prior decision by the Court of Justice of the European Union.
To ensure that EU law is applied fairly for all member states, the CJEU interprets it.
In reaction, Meta stated that it was “disappointed to have been singled out” and that the decision was “flawed, unjustified and sets a dangerous precedent for the countless other companies”.
“We intend to appeal both the decision’s substance and its orders, including the fine, and will seek a stay through the courts to pause the implementation deadlines,” Meta President of Global Affairs Nick Clegg and Chief Legal Officer Jennifer Newstead stated in a blog post.
“There is no immediate disruption to Facebook in Europe,” they stated.
Fourth offence
The DPC initially sought to require Meta to stop the illegal data transfers, claiming that imposing a fine “would exceed the extent of powers that could be described as being appropriate, proportionate, and necessary.”
The EU’s Concerned Supervisory Authorities (CSAs), which are its counterpart regulators, disagreed.
“All four CSAs took the view that Meta Ireland should be subject to an administrative fine,” the DPC stated. Without any chance of agreement, the DPC sent the complaints to the EDPB, which decided that Meta Ireland must stop all future data transfers to the US and pay a fine.
Clegg and Newstead wrote in a blog post that the EDPB’s decision to overturn the DPC “raises serious questions.”
“No country has done more to align with European rules than the US through their most recent reforms, while transfers to countries like China continue largely unchallenged,” they noted.
Due to data breaches through its Facebook, Instagram, and WhatsApp platforms, EU regulators have already fined Meta hundreds of millions of euros.
This sanction, Meta’s fourth in the past six months, is the third the EU has imposed on the company so far this year.
For violating the EU’s General Data Protection Regulation, Amazon was fined EUR 746 million (about Rs. 6,685 crore) in Luxembourg in 2021.