Facebook parent company Meta has to pay a record $1.3 billion fine for transferring European user data to the US
LONDON (AP) – The European Union slapped a record $1.3 billion privacy fine on Meta on Monday, ordering it to stop transmitting user data across the Atlantic, the latest salvo in one The decades-long case was sparked by US cyber-snooping fears.
The €1.2 billion fine imposed by Ireland’s Data Protection Commission is the highest since the EU’s tough data protection rules came into force five years ago and exceeds them Amazon’s fine of 746 million euros in 2021 for data breaches.
The Irish regulator is Meta’s leading data protection regulator in the 27-country bloc, as the Silicon Valley tech giant’s European headquarters are based in Dublin.
Meta, which previously warned that services could be suspended for its users in Europe, promised to appeal and ask the courts to put the decision on hold immediately.
“There is no immediate disruption to Facebook in Europe,” the company said.
“This decision is flawed, unjustified and sets a dangerous precedent for the myriad other companies that transfer data between the EU and the US,” said Nick Clegg, Meta’s president of global affairs and affairs, and chief legal officer Jennifer Newstead in one Explanation.
It’s another twist in a legal battle that began in 2013, when Austrian lawyer and privacy activist Max Schrems filed a complaint about Facebook’s handling of his data after former National Security Agency official Edward Snowden made revelations about US cybersnooping had made.
The saga highlighted that Clash between Washington and Brussels about the differences between Europe’s strict view on data protection and the comparatively lax regime in the USA, where there is no federal data protection law.
An EU-US data transfer agreement known as the “Privacy Shield” was rejected by the EU’s top court in 2020 on the grounds that it had not done enough to protect residents from electronic spying by the US government.
This left another instrument for controlling data transfer – stock corporation contracts. Irish regulators initially ruled that Meta did not need to be fined as the company acted in good faith by using them to transmit data across the Atlantic. However, it was overruled by the EU’s top body of data protection authorities in Monday’s decision.
Meanwhile, Brussels and Washington signed an agreement last year on a revised Privacy Shield that Meta could leverage, but the pact awaits a decision from European officials on whether it adequately protects privacy.
EU institutions have reviewed the deal, and union lawmakers this month called for improvements because the safeguards weren’t strong enough.
Meta warned in its latest earnings report that without a legal basis for data transfers, the company will be forced to discontinue offering its products and services in Europe, “which would have a material and adverse impact on our business, financial condition and operating results.”
The social media company may face a costly and complex restructuring of its operations if it is forced to stop sending user data across the Atlantic. According to its website, Meta has a fleet of 21 data centers, but 17 of those are in the United States. Three more are located in the European countries of Denmark, Ireland and Sweden. Another is in Singapore.
Other social media giants are under pressure for their data practices. TikTok has tried to allay Western fears on the potential cybersecurity risks of the Chinese short-video sharing app related to a $1.5 billion project to store US user data on Oracle servers.