Meta Will Contest EU $1.3B Data Privacy Fine

Meta, the owner of Facebook, has been fined a record $1.3 billion for transferring EU user data to the US in breach of a previous EU court ruling. The fine is the largest ever levied under Europe’s influential data privacy law, the General Data Protection Regulation (GDPR). The previous record of $$850 million was levied against Amazon in 2021. Meta says that it will be appealing against the fine.

Meta, which also owns WhatsApp and Instagram, said it would appeal the ruling, including the fine. There would be no immediate disruption to Facebook in Europe while the appeal goes ahead.

The battle over where Facebook stores its data began a decade ago after Austrian privacy campaigner Max Schrems brought a legal challenge over the risk of US surveillance, following disclosures by former US National Security Agency contractor Edward Snowden.

The EU regulator insists that the processing and storage of personal data in the US contravened the GDPR. Now, the Irish Data Protection Commission’s (DPC) decision against Meta was published on 22nd May. The DPC aims to make Facebook suspend data transfers between the EU and US due to issues about EU citizens’ data privacy. 

The DPC said that current data transfer practices at Facebook “did not address the risks to the fundamental rights and freedoms of data subjects” and were in breach of the GDPR.

The legal action comes after a long-running question about citizens’ data privacy and how Facebook has conducted data transfers between the EU and US. Data transfers have been protected by the transatlantic Privacy Shield agreement, which was originally created to allow secure data transfers between the EU and US, which operate in different data protection jurisdictions. 

This was later invalidated after a lawsuit between Meta (then called Facebook) and Max Schrems concluded that the standard offered too much leniency to US surveillance laws.

Meta president of global affairs Nick Clegg said in a blog post "We intend to appeal both the decision's substance and its orders including the fine and will seek a stay through the courts to pause the implementation deadlines...  The ability for data to be transferred across borders is fundamental to how the global open internet works. From finance and telecommunications to critical public services like healthcare or education, the free flow of data supports many of the services that we have come to rely on... Thousands of businesses and other organisations rely on the ability to transfer data between the EU and the US in order to operate and provide services that people use every day,”

Meta maintains that there is a “fundamental conflict of law between the US government’s rules on access to data and European privacy rights". 

Clegg also wrote, “Our priority is to ensure that our users, advertisers, customers and partners can continue to enjoy Facebook while keeping their data safe and secure. There is no immediate disruption to Facebook because the decision includes implementation periods that run until later this year. We intend to appeal both the decision’s substance and its orders including the fine, and will seek a stay through the courts to pause the implementation deadlines.”

In 2020 Apple won its appeal against a European Commission ruling that it owed Ireland €13 billion ($14.9 billion) in taxes. In March this year, Meta was made to pay €5.5 million for breaching the GDPR with its WhatsApp messaging service.

facebook:     ITPro:    CNN:    Insurance Journal:     Bloomberg:    NNUK:     ChannelsTV

TimesOfMalta:   Yahoo

You Might Also Read: 

Facebook Users In Line For $725m Payout:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« AI Will Be Disruptive - For Both Security & Jobs
Julius Caesar Used Encryption. Shouldn’t You? »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

OpenSphere

OpenSphere

OpenSphere is an IT company providing security consultancy, information system risk management and security management services.

National Cyber Security Centre (CNCS) - Portugal

National Cyber Security Centre (CNCS) - Portugal

CNCS is the operational coordinator and Portuguese national authority in cybersecurity working with State entities, and digital service providers

Picasso

Picasso

The Picasso project is focused on ICT Policy, Research and Innovation for a Smart Society: towards new avenues in EU-US ICT collaboration.

Parsons

Parsons

Parsons has developed a converged security offering that combines cybersecurity, integrated network solutions, and critical infrastructure protection.

LiveVault

LiveVault

LiveVault delivers fully automated, turnkey, backup over the Internet or a private network connection for uninterrupted remote data protection.

Zymbit

Zymbit

Zymbit provides hardware security modules (HSM) for IoT devices, including Raspberry Pi and other single board computers.

CONCORDIA

CONCORDIA

Concordia is a Cybersecurity Competence Network with leading research, technology, and competences to build the European Secure, Resilient and Trusted Ecosystem.

Blackpoint Cyber

Blackpoint Cyber

Blackpoint’s mission is to provide effective, affordable real-time threat detection and response to organizations of all sizes around the world.

Global Cyber Risk (GCR)

Global Cyber Risk (GCR)

Global Cyber Risk is a technology and advisory services firm that provides first tier cybersecurity services to both large corporations and small and mid-sized businesses.

Bytes Technology Group

Bytes Technology Group

Bytes is a leading provider of world-class IT solutions. Our growing portfolio of services includes cloud, security, licensing, SAM, storage, virtualisation and managed services.

Vaultree

Vaultree

We believe in an encrypted tomorrow. Vaultree technology enables a foundational change in how we communicate with each other: Safely!

Kong

Kong

Kong - powering the API world. Increase developer productivity, security, and performance at scale with the unified platform for API management, service mesh, and ingress controller.

Avatar Managed Services

Avatar Managed Services

Avatar offers proven, process driven IT support to companies who want to utilize their technology to their best advantage.

Xmore AI

Xmore AI

Xmore AI, an emerging disruptor in our incubation, is building AI models to optimize and secure IT with the mission of increasing efficiency and reducing costs.

The Missing Link

The Missing Link

Whether your requirements are large or small, The Missing Link have you covered with our core offerings including IT & Cloud, Cyber Security and Automation.

SecureCo

SecureCo

SecureCo supports some of the most demanding cyber practitioners in the world, offering defense-in-depth cybersecurity to support API protection and data transport assurance.