Meta Platforms Inc. was slapped with another major fine by the Irish Data Protection Commission, the second major fine for Meta in less than three months!
According to Bloomberg (Meta Fined $277 Million for Leak of Half a Billion Users, written by Stephanie Bodoni), the Irish DPC, the main privacy watchdog for Meta in the European Union, levied the fine following a probe that found the social-media company had failed to apply strict safeguards required under the General Data Protection Regulation (GDPR).
On top of the fine – the third-biggest under GDPR and the second major fine for Meta since September – the watchdog ordered Meta’s Irish unit to make sure its processing complies with the law, according to an emailed statement on Monday.
The Irish authority is the lead watchdog for some of Silicon Valley’s biggest tech firms that have set up an EU base in the country, including Meta. It opened its probe following revelations that “a collated dataset of Facebook personal data” had been published on the internet. Personal information on 533 million Facebook users worldwide reemerged on a hacker website last year, including their phone numbers and email addresses.
The investigation looked into “Facebook Search, Facebook Messenger Contact Importer and Instagram Contact Importer tools in relation to processing carried out by Meta” between May 2018 and September 2019, the data protection commission said.
The social network has previously said the data is old and that the problem had been found and fixed in 2019.
This is the second major fine for Meta in less than three months. The Irish DPC also slapped Instagram with a fine of €405 million after an investigation found the social media platform mishandled teenagers’ personal information in violation of strict European Union data privacy rules.
So, Meta platforms now account for two of the three highest GDPR fines, with only Amazon’s €746 million fine back in July of 2021 (covered by us here) larger than these two recent fines. The data privacy stakes continue to rise!
So, what do you think? Do you expect to see even larger fines in the future? Please share any comments you might have or if you’d like to know more about a particular topic.
Disclaimer: The views represented herein are exclusively the views of the authors and speakers themselves, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.
[…] teeth. GDPR fines almost doubled in the first half of 2022, compared to the first half of 2021. Two of the three largest fines ever (both for Meta, which also just had a proposed privacy settlement rejected by a judge). Maybe […]
[…] teeth. GDPR fines almost doubled in the first half of 2022, compared to the first half of 2021. Two of the three largest fines ever (both for Meta, which also just had a proposed privacy settlement rejected by a judge). Maybe […]
[…] personal information in violation of strict European Union data privacy rules. And they were also fined another $277 million by the Irish DPC following a probe that found the social-media company had failed to apply strict […]
[…] They fined Instagram $432 million in June 2022 for mishandling teenagers’ personal information, fined Meta (Instagram’s parent company) $277 million in November 2022 for failing to protect personal […]