The Facebook group Meta has received a record fine of 1.2 billion euros for violating the European General Data Protection Regulation (GDPR). This was announced by the Irish data protection authority DPC on Monday in Dublin. The case is about Facebook’s involvement in mass surveillance by Anglo-American secret services, which was uncovered ten years ago by US whistleblower Edward Snowden. At the time, the Austrian data protection activist Max Schrems filed a complaint against Facebook.
The fine imposed by the DPC dwarfs the previous record fine of 746 million euros for Amazon.com in Luxembourg. In addition, Meta must stop any further transfer of European personal data to the United States as the company remains subject to US surveillance laws.
Meta did not comment on the record penalty for the time being. However, experts assume that the US group will appeal the decision. However, court proceedings can take years. By then, a new data pact could come into force between the European Union and the USA, which would regulate transatlantic data traffic. Meta had previously threatened to withdraw completely from the EU if transatlantic data transfer was not permanently possible.
No maximum penalty for meta
Schrems explained that the fine imposed could have been much higher: “The maximum fine is over four billion. And Meta has knowingly violated the GDPR for ten years to make a profit.” If US surveillance laws are not changed, Meta will probably have to fundamentally restructure its systems, Schrems explained.
The Irish data protection authority DPC had refused for years to take action against Facebook in this matter. Ultimately, the European Data Protection Board (EDPB) obliged the DPC to impose a fine on the social network. The current decision only relates to Facebook, not to other services from the meta group such as Instagram or WhatsApp. However, Meta had already been fined 390 million euros by the DPC in January because Facebook and Instagram users had been forced to agree to personalized advertising.
So far, fines of four billion euros have been imposed with the new penalty for Meta since the General Data Protection Regulation came into force five years ago. Meta is now represented six times in the list of the ten highest fines, the penalties now total 2.5 billion euros. The fashion chain H&M had to pay the highest fine in Germany of 35 million euros in 2020 because of an insufficient legal basis for the data processing of its online shop. (dpa)