Meta faces a fine of 17 million euros for a data breach
Meta faces a fine of 17 million euros for a data breach

Meta, the parent company of Facebook, has been fined 17 million euros ($18.6 million) by Ireland's Data Protection Commission (DPC) for a series of historical data breaches.

The vulnerability, which affected up to 30 million Facebook users, dates back several years. Facebook shared the information with Irish regulators in 2018.

Facebook's main data protection authority in the European Union, the DPC, launched its security investigation in late 2018.

Previously, between June 2018 and December 2018, the Commission received 12 data breach notifications from the company.

The GDPR requires that personal data breaches be reported immediately to supervisory authorities if the breach may pose a risk to individuals. The most serious violations must be reported within 72 hours.

In a press release announcing its final decision on the Facebook investigation, the DPC wrote: "The investigation has verified the platform's compliance with personal data processing requirements related to the 12 data breach notifications.

"As a result of the investigation, the Data Protection Commission (DPC) concluded that Meta had violated two provisions of the GDPR," she added. DPC found that Meta had failed to take appropriate technical and organizational measures to demonstrate in practice the security measures it had implemented to protect EU user data in 12 data breaches.

Meta risk of fines for GDPR violations

Commenting on the penalties, a company spokesperson attempted to downplay them as mere lenient records.

“The fines are not related to non-compliance with personal data protection, but to record-keeping practices in place since 2018. We have updated them.” We take our obligations under the GDPR very seriously. We are carefully considering this decision as our business continues to grow.

The sanctions mark the first final ruling in Ireland's GDPR investigation against Facebook since the General Data Protection Regulation (GDPR) was introduced nearly four years ago.

The regulator fined WhatsApp 225 million euros last year for violating transparency rules.

Previous Post Next Post