The Irish Data Protection Commission on Monday fined Meta (formerly Facebook) a record $1.3 billion fine over violating data transfer rules in the European Union (EU).
The Irish watchdog said that Meta violated the General Data Protection Regulation (GDPR) which came into force on May 25, 2018.
The Wall Street Journal was first to report about the landmark penalty on Meta.
The ruling applies only to Facebook and not Instagram and WhatsApp. Meta said it would appeal against the Irish watchdog’s decision.
Standard Contractual Clauses
“Without the ability to transfer data across borders, the internet risks being carved up into national and regional silos, restricting the global economy and leaving citizens in different countries unable to access many of the shared services we have come to rely on,” Nick Clegg, Meta’s President of Global Affairs said in a statement.
The Irish privacy watchdog said that Meta’s use of a legal instrument known as standard contractual clauses (SCCs) to move data to the US “did not address the risks to the fundamental rights and freedoms” of European users, reports Politico.
Regulators said that Meta failed to comply with a 2020 decision by the EU’s highest court that data shipped across the Atlantic was not sufficiently protected from the US spy agencies.
The European Court of Justice in 2020 struck down an EU-US data flows agreement known as the Privacy Shield. The EU and US are now working on a new data flow deal that could come later this year.
Amazon was previously fined 746 euros million by Luxembourg and the Irish regulator also imposed fines against Meta’s platforms Facebook, Instagram and WhatsApp ranging between 405 million and 225 million euros in the past two years.