Global Courant 2023-05-22 17:59:12
Facebook parent company Meta was fined a record 1.2 billion euros ($1.75 billion Cdn) by the European Union’s leading privacy regulator for handling user information and was given five months to stop transferring user data to the United States.
The fine imposed by Ireland Data Protection Commissioner (DPC), came after Meta continued to transfer data following a 2020 EU court ruling that invalidated an EU-US data transfer pact. It surpasses the previous record EU privacy fine of 746 million euros ($1.09 billion Cdn) handed down by Luxembourg to Amazon.com Inc in 2021.
The battle over where Meta’s Facebook stores its data began a decade ago after Austrian privacy activist Max Schrems filed a legal challenge over the risk of US snooping in light of revelations by former US National Security Agency contractor Edward Snowden .
‘defective, unjustified’
“This decision is flawed, unjustified and sets a dangerous precedent for the countless other companies transferring data between the EU and the US,” Nick Clegg, Meta’s president of global affairs, and chief legal officer Jennifer Newstead said in a statement.
The social media giant reiterated that it expected a new pact allowing the secure transfer of personal data from EU citizens to the United States to be fully implemented before it has to suspend the transfer.
That would mean the earlier warning that a shutdown could force it to suspend Facebook services in Europe would fail.
“Without the ability to transfer data across borders, the internet risks being divided into national and regional silos,” Meta said.
The DPC said in March that EU and US officials hoped the new data protection framework — agreed by Brussels and Washington in March 2022 — could be ready by July.
Thrown out
Europe’s highest court, the European Court of Justice, rejected the two previous pacts over concerns about US surveillance.
Schrems, the Austrian privacy activist, said Meta’s plans to rely on the new deal for transfers in the future are unlikely to be a permanent solution.
“In my opinion, the new deal may have a 10 percent chance of not being killed by the CJEU (Court of Justice of the EU). Unless US surveillance laws are resolved, Meta will likely have to keep EU data in the EU, he said in a statement.
The Irish watchdog, which is the lead EU regulator for many of the world’s top tech companies due to the location of their European headquarters in Ireland, has said the suspension order could set a precedent for other companies.
It has now fined Meta a total of 2.5 billion euros ($3.65 billion Cdn) for breaches of the General Data Protection Regulation (GDPR), introduced in 2018.
The DPC said it was not initially proposing to add a fine to the suspension order, but four other EU supervisory authorities disagreed and the record fine was included following a ruling by the European Data Protection Authority. Protection Board (EDPB).
The Irish regulator has fined Meta more than any other tech company and has 10 more investigations open into the social media group’s platforms.