Meta was fined a record-breaking $1.3 billion, for failing to comply with the European Union’s privacy policies by transferring the personal data of Facebook users to servers in the United States.
The fine was announced on Monday by the European Data Protection Board, stating that Facebook’s parent company, violated the terms of General Data Protection Regulations, a set of rules that seek to protect customer privacy in the European Union.
Following an inquiry into Facebook by the Irish Data Protection Commission—the chief regulator overseeing Meta’s operations in Europe—it was resolved to fine Meta for the infringement with the sum of $1.3 billion.
Meta has also been ordered to cease the processing of personal data of European users in the United States within six months.
Monday’s fine amounts to the largest sum ever imposed under the European General Data Protection Regulation, in force since May 2018. The previous record of $805.7 million was levied against Amazon in 2021.
According to the regulators, Meta has made data transfers between the United States and European Union which fail to comply with “standard contractual clauses” in place since July 2020.
Andrea Jelinek, chair of the European Data Protection Board Chair, said in a statement that “the unprecedented fine is a strong signal to organizations that serious infringements have far-reaching consequences.”
Meta’s infringement is “very serious since it concerns transfers that are systematic, repetitive, and continuous,” she continued.
“Facebook has millions of users in Europe, so the volume of personal data transferred is massive. The unprecedented fine is a strong signal to organizations that serious infringements have far-reaching consequences,” she added.
Chapter 5 of the GDPR lays out the conditions under which personal data can be transferred to third countries or international organizations. The EU regulator said the processing and storage of personal data in the United States breached Europe’s signature data privacy law.
Dublin is home to the European headquarters of Apple, Meta, Twitter, and Google, which have created thousands of jobs in the country and boosted its economic growth.
Although Ireland is in a delicate position when it comes to trying to retain these US tech companies while also aligning with the European Union’s strict approach to tech regulation, this time it had to side with the EU.
Prior to Monday’s ruling, Ireland’s Data Protection Commission had handed Meta nearly $1 billion in fines for alleged violations of GDPR since the fall of 2021. But in this instance it was not in favor of fining Meta, judging that doing so exceeded what could be regarded as “proportionate” to address the infringement.
