Meta on Monday was fined a record 1.8 billion dollars (1.2 billion euros) by the Irish regulator for breaching European data protection rules (GDPR) with its social network Facebook.
Meta, which intends to appeal, is condemned for having “continued to transfer personal data” of users from the European Economic Area (EEA) to the United States in violation of European rules in the matter, indicated in its decision the Irish Data Protection Commission (DPC), which acts on behalf of the EU.
Meta must also “suspend any transfer of personal data to the United States within five months” of notification of this decision and must comply with the GDPR within six months, added the DPC.
This sanction, the highest imposed by a data protection regulator in Europe, the DPC told AFP, is the result of an investigation launched in 2020.
Meta describes the fine as “unjustified and unnecessary” and will seek legal action to suspend it, the social media giant immediately reacted on Monday in a statement sent to AFP.
“Thousands of businesses and organizations rely on the ability to transfer data between the EU and the US” and “there is a fundamental rights conflict between US government rules on data access and European privacy rights”, continues the Californian giant.
Meta hopes to see the United States and the European Union adopt during the summer a new legal framework for the transfer of personal data, in the wake of an agreement in principle adopted last year.
This is the third fine imposed on Meta since the beginning of the year in the EU, and the fourth in six months.
In January, the DPC had heavily sanctioned the group to pay nearly 400 million euros for offenses on the use of personal data for advertising purposes targeting its Facebook, Instagram and WhatsApp applications, then in March, to 5.5 million euros for violating the GDPR with his WhatsApp message.
Since then, Meta has committed to changing its terms of use in Europe to be able to continue to collect and process the personal data of its European users.
These sanctions come in a context of strengthening controls and judicial procedures in the European Union, but also in the United States, against GAFA (Google, Amazon, Facebook and Apple), and the measures recently taken against the Chinese giant TikTok.
In 2021, Amazon had in particular been fined 746 million euros in Luxembourg for non-compliance with the GDPR.