Meta's €1.2 Billion Fine: Violation of GDPR During Data Transfers

Meta: A Major Player in the Social Media Industry

Meta, formerly Facebook Inc, is a huge company in the social media industry, owning popular social media platforms including Facebook, Instagram and WhatsApp.

The company has proved controversial several times, particularly within the area of data security. Within the last 24 hours, it has been announced that another huge fine has been imposed on the company for mishandling data against GDPR.

GDPR in the European Union and the United Kingdom

The handling of data within the European Union and the United Kingdom is subject to mandatory compliance. These regulations aim to give individuals control of their personal data and simplify the regulatory environment for businesses.?

This regulation applies to all organisations that process the data of a person residing within an area the GDPR is effective, regardless of if the company itself is located there or not. The GDPR is considerably stricter than many other data protection acts across the globe and gives the company less freedom to process and retain data than other regulations effective in countries such as the USA.

Meta’s breach of GDPR during data transfers

Meta has been fined € 1.2 billion (roughly ￡ 1 billion) for mishandling people’s data when transferring data between Europe and the USA. This fine was issued by Ireland’s Data Protection Commission (DPC) and is currently the largest fine ever issued under the GDPR.?

This fine was issued by the DPC because they are responsible for the EU operation of Meta in terms of data security due to the Meta EU headquarters being located in Dublin. They were issued a fine for transferring EU users’ data to the United States for processing, despite the ruling in 2020 that the data would be insufficiently protected from US spying agencies by the highest EU court.

Meta has been ordered to halt the practice and has been given at least 5 months to suspend future transfers and six months to stop unlawful processing and storage of data in the US. This affects the Facebook platform only, Instagram and WhatsApp are not subject to the order.

Currently, there are plans to build a safe and legal method for transferring data between the EU and USA to facilitate transfers such as the ones Meta is performing. Whilst this is in progress, Meta will continue to use its current, illegal, method for data transfer. If the transfer was to be banned entirely, it is estimated that it could cost Meta up to 10% of the advertising revenue they make, which is a considerable amount larger than the fine that has been imposed.

Meta has said no service will be affected and that they will appeal the fine as they believe the decision was ‘unjustified’ and ‘unnecessary’.

Protecting Personal Data

It is important to understand where your personal data is stored and your rights to access this data. If you would like to hear more from one of our expert team, please get in touch.?