The umbrella company Meta, which owns Facebook, has been fined €1.2 billion by the Irish Data Protection Authority (IE DPA). According to the European Data Protection Board (EDPB), this is the highest fine ever for violations of the GDPR.
The fine was imposed because Meta had been transferring European users’ personal data to the US on standard contractual clauses since July 2020, which EDPB deemed illegal. The company must stop the procedure within a period of six months.
According to the Data Protection Commission, Meta Ireland has breached Article 46(1) of the GDPR. The article itself allows organizations to transfer data to a third country or to international organisations, provided there are adequate safeguards and effective remedies for data subjects. The DPC concluded that Meta’s measures were inadequate in addressing the risks to the rights and freedoms of data subjects.
The inquiry was launched in August 2020 but was given the green light by the Irish courts in May 2021. The DPC was given time to prepare a draft of the decision, which was supported by most other EU members/ IF IT’S.
Andrea Jelinek, president of the EDPB, said the breach was “very serious as it involves regular, frequent and continuous transfers”. He also added that the unprecedented fine should warn other companies that “serious violations have far-reaching consequences.”
Start a new Thread