Jessica Heygate
May 23, 2023

Meta fined $1.3 billion for violating E.U. data privacy rules

Facebook parent receives record-breaking fine for breaching GDPR, the EU’s privacy law.

Photo: Getty Images
Photo: Getty Images

Meta has been hit with a record €1.2 billion ($1.3 billion) fine for breaching the European Union’s privacy law by transferring user data to the U.S.

The ruling by Ireland’s Data Protection Commission (DPC) also requires Meta’s Facebook to suspend data transfers from the E.U. to the U.S. The ruling applies only to Facebook — not to Meta’s other social platforms — which has at least five months to comply. 

The case relates to a 2013 complaint filed by Austrian privacy campaigner Max Schrems, who argued that in light of Edward Snowden’s revelations about tech companies being subject to U.S. surveillance programmes, Facebook could not guarantee the safety of E.U. user data that was transferred to the U.S.

Schrems won a lawsuit in 2020 to strike down a U.S.-E.U. agreement known as Privacy Shield through which companies, including Facebook, were permitted to move data across the Atlantic. A new Data Privacy Framework between the two regions is currently being developed.

In its ruling on Monday, the DPC said Meta failed to comply with the 2020 order that requires companies to protect data from U.S. surveillance, after admitting that it continues to receive requests from the U.S. government to disclose users’ communications.

In its ruling, the DPC said Meta’s data transfers “fail to guarantee a level of protection” that is “essentially equivalent to that provided by E.U. law.”

In its responses to the suit, the Facebook parent company has argued that such data transfers are necessary for the company to provide its service — but the DPC did not find this justifiable under GDPR.

Meta said it would appeal the decision and that there would be no immediate disruption to Facebook’s service in the E.U.

In a blog post, Nick Clegg, Meta’s president of global affairs, and Jennifer Newstead, the chief legal officer, said the company was being unfairly targeted.

“This is not about one company’s privacy practices — there is a fundamental conflict of law between the U.S. government’s rules on access to data and European privacy rights, which policymakers are expected to resolve in the summer,” the two said.

The Meta spokespeople went on to call the €1.2 billion fine “unjustified and unnecessary” and reiterated the company’s position on the necessity of data transfers.

“Without the ability to transfer data across borders, the internet risks being carved up into national and regional silos, restricting the global economy and leaving citizens in different countries unable to access many of the shared services we have come to rely on,” the statement said.

 

Source:
Campaign US

Related Articles

Just Published

17 hours ago

40 Under 40 2024: Matthew Zeng, DSTNCT

Zeng co-founded DSTNCT and has propelled it into a top creative agency known for impactful public sector work.

18 hours ago

Nunn Media climbs to $42.8 million in wins, leading ...

Australian and New Zealand agencies make a mark in the global indie new-business league with over $120 million in wins.

20 hours ago

Agency of the Year 2024 winners: Japan/Korea

Check out the complete winner list for the Japan/Korea region in the 2024 Campaign Asia-Pacific Agency of the Year awards.

1 day ago

Igniting the spark: A how-to-guide for finding ...

Here’s how one native designer brings her full self to her creative work — and how you can, too.