EU fines Facebook's Parent Company, Meta, $1.3 billion for illegally moving user data from Europe to the US.

For transmitting European user data to the US, the European Union fined Meta a staggering $1.3 billion.

Meta received a $1.3 billion fine from the European Union for transmitting user data to the United States.?Since the European Union (EU) adopted the General Data Protection Regulation (GDPR) on May 25, 2018, this penalty has been the largest.

When there was no legal justification for data transfers, the social media titan Meta previously threatened to shut down all of its offerings for users in Europe.?The company expressed its disappointment with the Irish Data Protection Commission's judgment and claimed that it sets a risky precedent for many businesses that move data between the EU and the US.

"There is no urgent interruption to Facebook in Europe," stated Nick Clegg, Meta's president of worldwide corporate affairs, and Chief Legal Officer Jennifer Newstead in a statement made public by the Associated Press.?"The ruling is incomplete and unjustified and establishes an unsafe example for the numerous other businesses transmitting data between the EU and the U.S."

The conflict began in the past, specifically in 2013, while Max Schrems, a privacy campaigner and founding member of NOYB, complained to Facebook about how it handled his information in the wake of Edward Snowden's allegations about the US government's extensive surveillance operation.

The formal procedure to adopt an adequate decision for the EU-U.S. Data Privacy Framework on December 13, 2022, was started by the European Commission on that date.

The U.S. Department of Commerce and the European Commission created the EU-U.S. Privacy Shield Framework to give businesses on both ends of the Atlantic Ocean a way to adhere to EU data protection laws when moving private information about people from the European Union to the United States in favor of transatlantic trade.

It is obvious that Meta may need to make significant investments, such as redistributing its data to European sites, in order to stop exporting user data to the US.?Out of 25 data centers globally, just 3 are located in the European Union (21 are in the US, and 1 is in Singapore).

Additionally, the European Union has mandated that Meta cease keeping any data that was sent from the EU to the US within a period of six months of the DPC's announcement.

The news made public by DPC states, "The EDPB approved the verdict on April 13, 2023."?According to the DPC's judgment of May 12, 2023,?"Constant with its requirements to issue a final ruling "on the basis of" the EDPB's conclusion, the DPC had exercised the following corrective authorities:

1. An order issued in accordance with Article 58(2)(j) GDPR directing Meta Ireland to halt all future transfers of individual information to the US within 5 months of the date Meta Ireland was informed of the DPC's decision;
2. A €1.2 billion disciplinary fine (indicating the EDPB's conclusion that such a payment should be levied in order to punish the violation that was discovered to have been committed).?Referring to the evaluations and conclusions found in the EDPB's ruling, the DPC calculated the size of the penalty to be imposed; and
3. An order made in accordance with Article 58(2)(d) of the General Data Protection Regulation asking Meta Ireland to comply with Chapter V of the GDPR by stopping the illegal handling, which includes storage, of private information of EU/EEA users transferred in breach of the GDPR, within 6 months of the date the DPC's decision was notified to Meta Ireland.

About The Author:

Yogesh Naager is a content marketer that specializes in the cybersecurity and B2B space.?Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM.?Naager entered the field of content in an unusual way.?He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts.?He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field.?In the bottom line, he frequently writes for Craw Security.