Meta Platforms Ireland Limited (Meta IE) has just been issued a 1.2 billion-euro fine following an investigation by the Irish Data Protection Authority (IE DPA) into unlawful data transfers of European users’ personal Facebook data.
As reported in a press release from the European Data Protection Board (EDPB), the fine serves as the largest General Data Protection Regulation (GDPR) fine ever and is being imposed for Meta’s transfer of European users’ personal data to the United States (US) on the basis of standard contractual clauses since July 16, 2020.
The fine is in relation to the EDPB’s binding dispute resolution decision on Meta IE, which was issued last April 13, 2023.
In the decision, the EDPB instructed the IE DPA to amend its draft decision and impose a fine on Meta and order Meta to cease any unlawful transferring or processing within 6 months after being notified of the final decision.
“The EDPB found that Meta IE’s infringement is very serious since it concerns transfers that are systematic, repetitive and continuous. Facebook has millions of users in Europe, so the volume of personal data transferred is massive,” said EDPB Chair Andrea Jelinek.
According to the Data Protection Commission, a GDPR fine or “breach” means “a breach of security leading to the accidental or unlawful. destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.”
Personal data here refers to “any information concerning or relating to an identified or. identifiable individual.”