Meta fined a record $1.3 billion over EU user data transfers to the U.S.
Visitors take photographs in entrance of the Meta signal at its headquarters in Menlo Park, California, December 29, 2022.
Tayfun Coskun | Anadolu Agency | Getty Images
Meta has been fined a record 1.2 billion euros ($1.3 billion) by European privateness regulators over the switch of EU user data to the U.S.
The determination hyperlinks again to a case introduced by Austrian privateness campaigner Max Schrems who argued that the framework for transferring EU citizen data to America didn’t defend Europeans from U.S. surveillance.
Several mechanisms to legally switch private data between the U.S. and the EU have been contested. The newest such iteration, Privacy Shield, was struck down by the European Court of Justice, the EU’s high courtroom, in 2020.
The Irish Data Protection Commission that oversees Meta operations in the EU alleged that the firm infringed the bloc’s General Data Protection Regulation when it continued to ship the private data of European residents to the U.S regardless of the 2020 European courtroom ruling.
GDPR is the EU’s landmark data safety regulation that governs corporations lively in the bloc. It got here into impact in 2018.
Meta used a mechanism referred to as normal contractual clauses to switch private data out and in of the EU. This was not blocked by any courtroom of the EU. The Irish data watchdog stated that the clauses have been adopted by the European Commission, the EU’s govt arm, along side different measures carried out by Meta. However, the regulator stated these preparations “did not address the risks to the fundamental rights and freedoms of data subjects that were identified” by the European Court of Justice.
Ireland’s Data Protection Commission additionally informed Meta to “suspend any future transfer of personal data to the US within the period of five months” from the determination.
The 1.2 billion euro punishment for Meta is the highest any firm has ever been fined for breaching GDPR. The earlier largest nice was a 746 million euro cost for e-commerce large Amazon for violating GDPR in 2021.
Meta plans to attraction
Meta stated it will attraction the determination and the nice.
“We are appealing these decisions and will immediately seek a stay with the courts who can pause the implementation deadlines, given the harm that these orders would cause, including to the millions of people who use Facebook every day,” Nick Clegg, Meta’s president of world affairs, and Jennifer Newstead, chief authorized officer at the firm, stated in a weblog publish Monday.
The Meta case has put focus again on the EU and Washington’s push to get a new data switch mechanism. The U.S. and EU final yr “in principle” agreed to a new framework for cross-border data transfers. However, the contemporary new pact has not but come into impact.
Meta is hoping that this EU-U.S. data privateness settlement is instated earlier than the Irish regulator’s deadlines are available place.
If the new framework “comes into effect before the implementation deadlines expire, our services can continue as they do today without any disruption or impact on users,” Clegg and Newstead stated.
Correction: This story has been up to date to mirror the Austrian nationality of Max Schrems.