European record fine for Facebook privacy violation: 1.2 billion euros

The Irish privacy watchdog fines Facebook parent Meta 1.2 billion euros for the illegal transfer of personal data to American servers of hundreds of millions of Europeans.

In addition to the fine, Meta is also required to stop transferring personal data to servers in the US within five months. They must stop processing that data within six months.

The regulator in Dublin just announced this. Last month it received a binding European advice to this end.

It is the highest fine ever imposed in Europe for violation of the GDPR privacy directive, known in the Netherlands as AVG. The fine could have been higher, because privacy violations on this scale can be punished with a maximum fine of four percent of annual turnover. At Facebook, that would mean 4.3 billion euros, but that became 28 percent of that. That is at the lower end of the range recommended by the European regulator EDPB. The Brussels advice was: somewhere between twenty and one hundred percent, as a clear signal to other market parties who are in the same boat.

In substance, the case is about the following. The European Court ruled in 2020 that the profile site may not send personal data of European users to the US.

The ruling protects the personal data of European citizens from US government and intelligence agencies. They should not just be able to secretly sniff into the personal data of citizens on the servers of parties such as Google, Facebook and Microsoft. American law now allows them to do so through the Cloud Act.

Facebook therefore now uses so-called ‘standard contract clauses’ as a legal detour to still be able to run its advertising company with personal data. However, the Austrian regulator recently brushed that construction off the table. The Irish regulator shares this insight, which is why it will automatically apply to the whole of Europe. Facebook’s European headquarters is in Ireland. That is why the Irish regulator is held accountable for enforcing European rules.

Meta says in a first response: “This decision is not correct and sets a dangerous precedent for countless companies that transport personal data from Europe to the US.” Some of these parties are, for example, Amazon, Google and Microsoft. There are also rules for correct data transfer and processing, but Meta does not adhere to them.

Civil rights organization noyb welcomes the decision and expects CEO Zuckerberg to appeal. The chance of success, says privacy advocate Max Schrems, is small because similar appeal cases were rejected in Dublin.

About admin

Check Also

Government plan to regulate Step scooter sharing senseless as cities look at bans

Government plan to regulate Step scooter sharing senseless as cities look at bans | Dutch …

Bir cevap yazın

E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir