 |
| Mark Zuckerberg Founder and CEO of Meta owner of Facebook |
Meta, the owner of Facebook, has been fined €1.2 billion for mishandling people's data when transferring it between Europe and the United States.
The fine was issued by the Irish Data Protection Commission, and is the largest fine ever imposed under the General Data Protection Regulation in the European Union.
The GDPR sets out the rules that companies must follow when transferring user data outside the European Union.
Meta says it will appeal the ruling as "unjustified and unnecessary."
The crux of the decision relates to the transfer of data to the United States. These legal contracts, drawn up by the European Commission, contain guarantees that ensure the continued protection of personal data when it is transferred outside of Europe.
However, there are concerns that this data flow still exposes Europeans to weaker privacy laws in the United States, and that US intelligence agencies can access the data.
Serious precedent
Most large companies use complex networks of data transfers to recipients abroad, which can include email addresses, phone numbers, and financial information.
Meta says the fine is unfair. Nick Clegg, Facebook's head, said: "We are disappointed that we have been singled out, even though we use the same legal mechanism as thousands of other companies that seek to provide services in Europe."
"This decision is flawed and unjustified and represents a serious precedent for countless other companies that transfer data between the European Union and the United States."
A decade-long battle
Former National Security Agency contractor Edward Snowden revealed in 2013 that US authorities repeatedly accessed people's information through companies like Facebook and Google.
Austrian privacy activist Max Schrems sued Facebook for failing to protect his privacy rights, sparking a decade-long battle over the legitimacy of transferring European Union data to the United States.
The European Court of Justice, the highest court in Europe, repeatedly stated that Washington does not have adequate oversight to protect Europeans' information.
In 2020, the European Court of Justice ruled the data transfer agreement between the European Union and the United States invalid.
Fundamental restructuring
Asked about the €1.2 billion fine, Schrems said he was "happy to see this decision after 10 years of litigation," but it could have been much higher.
He added: "Unless US surveillance laws are reformed, Meta will have to fundamentally restructure its systems."
The United States recently updated its internal legal protection procedures to give the European Union greater assurances that US intelligence agencies will follow the new rules governing access to data.
Amazon was fined for violating European Union privacy standards in 2021.
The Irish Data Protection Commission also fined the Meta-owned WhatsApp application for transparency violations.