Bad news for Meta, good news for European users. The European Data Protection Board (EDPB), through DPA Ireland, has fined to goal with a record €1.2 billion for misuse of customer data for use in targeted advertisements.
This is the absolute record in terms of sanctions within the General Data Protection Regulation, surpassing the fine Amazon previously received of $887 million. In addition, the data protection agency also prohibits Meta from transferring user data to third states (basically, to the US)
This time it is not a direct violation of the privacy of the users, but rather due to behaviors contrary to the protection of said data within the current regulations. The main motivation of the EDPB is that Meta has been carrying out transfers of personal data to third countries (in this case, the USA) without guaranteeing adequate protections to safeguard user information.
The fine is the final consequence after the study of the matter and the EDPB’s recommendation to the regulator in Ireland (where Meta and the competent body for the sanction are based). The European body considered that, given the seriousness of the offence, the starting point for calculating the fine it should be between 20% and 100% of the applicable legal maximum. The result has been a record penalty for the European and Irish body: 1,200 million.
And it is that in reality who has been fined has been Meta IE (Meta Platforms Ireland Limited), the subsidiary of the company in Ireland, which, in addition, is forced to comply with Chapter V of the GDPR. That means that illegal data processing, including data storage, in the United States must stop. This applies to all personal data of European users transferred in violation of the GDPR. And it gives you a period of 6 months to do it:
The EDPB considered that the infringement of Meta IE is very serious, since it deals with systematic, repetitive and continuous transfers. Facebook has millions of users in Europe, so the volume of personal data transferred is enormous. This unprecedented fine is a strong signal to organizations that serious violations have serious consequences.”
Andrea Jelinek, EDPB
A key issue, moreover, is that both the sanction and the order to stop the transfer of data are for Facebookand they are not related to the rest of Meta’s companies or social networks, such as WhatsApp, Instagram, Meta itself as a company.