The Irish privacy watchdog has imposed a fine of 1.2 billion euros on Meta, the parent company of Facebook, for the illegal transfer of personal data to U.S. servers of hundreds of millions of Europeans.
In addition to the financial penalty, Meta is also required to cease the transfer of personal data to servers in the U.S. within five months. They must also stop processing that data within six months.
This was announced by the regulator in Dublin just now. Last month, it received a binding European recommendation to take these actions.
This is the highest fine ever imposed in Europe for a violation of the General Data Protection Regulation (GDPR), known as the AVG in the Netherlands. The fine could have been higher, as privacy breaches of this magnitude can be punished with a maximum monetary penalty of four percent of the annual revenue. For Facebook, that would amount to 4.3 billion euros, but it was 28 percent of that. It falls at the lower end of the margin recommended by the European supervisory authority, EDPB. The Brussels advice was somewhere between twenty and a hundred percent, as a clear signal to other market players in a similar situation.
In terms of content, the case is as follows: The European Court ruled in 2020 that the social networking site is not allowed to transfer personal data of European users to the U.S.
The ruling protects the personal data of European citizens from U.S. government and intelligence agencies. They should not be able to secretly sift through personal data of citizens on the servers of companies like Google, Facebook, and Microsoft. The U.S. law currently allows them to do so through the Cloud Act.
Therefore, Facebook now uses so-called “standard contract clauses” as a legal workaround to continue operating its advertising business with personal data. However, the Austrian regulator recently rejected this construction. The Irish regulator shares this view, and therefore, it will automatically apply throughout Europe. Facebook’s European headquarters are located in Ireland. That is why the Irish regulator is being called upon to enforce European rules.
In an initial response, Meta stated, “This decision is incorrect and sets a dangerous precedent for numerous companies transferring personal data from Europe to the U.S.” Some of these companies include Amazon, Google, and Microsoft. There are, however, rules for proper data transfer and processing, but Meta is not adhering to them.
#European record fine for privacy violation by #Facebook: 1.2 billion euro’s #socialmediaTweet