Ireland fined Facebook €1.2bn for mishandling users’ data2 min read
Published on: 22 May 2023 at 15:54 IST
Meta, the parent company of Facebook, has been penalized with a hefty fine of €1.2 billion (£1 billion) by the Data Protection Commission of Ireland. This significant penalty is a result of mishandling individuals’ data during its transfer between Europe and the United States.
The fine imposed on Meta is the largest one ever recorded under the privacy law of the European Union known as the General Data Protection Regulation (GDPR). According to GDPR regulations, companies are obligated to obtain individuals’ consent before utilizing their personal data.
In response to the ruling, Meta has expressed its intention to challenge the decision, labeling it as both “unjustified” and “unnecessary.”
The focal point of this ruling revolves around the utilization of standard contractual clauses (SCCs) for transferring European Union (EU) data to the United States (US). These contractual agreements, formulated by the European Commission, incorporate safeguards to ensure the ongoing protection of personal data during its transfer outside of Europe.
However, concerns have been raised regarding the potential exposure of Europeans to the comparatively weaker privacy laws in the US, as well as the potential access to the data by US intelligence agencies.
The intricate networks of data transfers employed by most large companies encompass various types of information, such as email addresses, phone numbers, and financial data, which frequently rely on SCCs. Meta argues that the imposition of the fine is unjust given the widespread use of these contractual mechanisms by numerous other companies seeking to offer services in Europe.
Nick Clegg, the president of Facebook, expressed disappointment, stating, “We are therefore disappointed to have been singled out when using the same legal mechanism as thousands of other companies looking to provide services in Europe.”
The decision made in this case is regarded as flawed and unjustified, and it establishes a worrisome precedent for numerous other companies engaged in data transfers between the European Union (EU) and the United States (US).