Meta gets slapped with €1.2 billion fine for transferring EU user data to U.S.
By
Meta gets slapped with €1.2 billion fine for transferring EU user data to U.S.
The European Data Protection Board (EDPB) recently announced a massive €1.2 billion (~S$1.75 billion) fine issued to Meta by Irish regulators for a perceived infringement on personal data.
According to its announcement, the fine was for a “systematic, repetitive and continuous” infringement where user data of Facebook users in Europe was transferred to the United States (U.S.). Meta was also ordered to stop processing and storing European personal data in the U.S. within six months of the ruling.
According to the EPDB, this infringement goes against Chapter 5 (specifically Article 46) of the European Union’s Data Protection Regulation (GDPR), which necessitates safeguards, legal remedies, and authoritative oversight in the event of unavoidable personal data transfers out of the European Union (EU).
A detailed breakdown of findings in the decision (PDF download) claimed that the infringement was committed with “at least the highest degree of negligence”, resulting in the heftiest fine in GDPR’s existence to date.
In a blog post about the fine, Meta opines that European privacy rights and U.S. rules around data access are fundamentally conflicted, with its hopeful eyes on the incoming Data Privacy Framework improving how data is treated across the U.S. and EU.
“At a time where the internet is fracturing under pressure from authoritarian regimes, like-minded democracies should work together to promote and defend the idea of the open internet. No country has done more than the US to align with European rules via their latest reforms, while transfers continue largely unchallenged to countries such as China,” said the blog post.
Source: European Data Protection Board, Meta (Newsroom), Ars Technica
