Summary
On Monday, Facebook parent company Meta was fined 1.2 billion euros ($1.3B) by the Irish Data Protection Commission (DPC), acting on behalf of the EU, for failing to comply with a 2020 decision on trans-Atlantic data transfers.
The advent of this decision can be traced back to 2013 and the complaint from Austrian lawyer and founder of the non-profit organization noyb Max Schrems. In his original complaint, the privacy activist essentially requested that Facebook be prohibited from transferring his data to the United States, on the ground that the law in the U.S. did not ensure adequate protection of his personal data.
Nearly a decade later, Max Schrems has issued a statement about the fine on the noyb website:
"We are happy to see this decision after ten years of litigation. The fine could have been much higher, given that the maximum fine is more than 4 billion and Meta has knowingly broken the law to make a profit for ten years. Unless US surveillance laws get fixed, Meta will have to fundamentally restructure its systems." - Max Schrems (source: noyb) |
This is a record-breaking fine, even by Meta's standards, which had already topped the charts for the biggest GDPR data privacy fines imposed last year:
-
Instagram: €405 million (Children's data rights)
-
Facebook: €265 million (Data scraping)
In a statement published on Meta's website, company spokespersons seemingly challenge the ruling, pointing at European regulators' focus on U.S. businesses (as opposed to other countries like China) and appealing to ongoing efforts for a new EU-U.S. data privacy framework for data transfers.
After reassuring Facebook users that there won't be an immediate impact on the social media platform in Europe for now, they confirm Meta's intent to appeal the decision and fine:
"At a time where the internet is fracturing under pressure from authoritarian regimes, like-minded democracies should work together to promote and defend the idea of the open internet. No country has done more than the US to align with European rules via their latest reforms, while transfers continue largely unchallenged to countries such as China. Our priority is to ensure that our users, advertisers, customers and partners can continue to enjoy Facebook while keeping their data safe and secure. There is no immediate disruption to Facebook because the decision includes implementation periods that run until later this year. We intend to appeal both the decision’s substance and its orders including the fine, and will seek a stay through the courts to pause the implementation deadlines." - Nick Clegg, President, Global Affairs & Jennifer Newstead, Chief Legal Officer at Meta (statement via Meta) |
How do you feel about this record-breaking fine and Meta's answer? Join the conversation in our Yes We Trust community, a free discussion group for data privacy professionals and enthusiasts, on LinkedIn: