Ireland fines Facebook for EU privacy law breaches

Ireland fines Facebook for EU privacy law breaches

DUBLIN
Ireland fines Facebook for EU privacy law breaches

Ireland on March 15 imposed a fine on Facebook parent company Meta for breaching EU data privacy laws, in the latest action in Europe against the business practices of U.S. tech titans.

The fine against the social media giant, which owns WhatsApp, Instagram and Facebook, amounted to a total of 17 million euros ($18.7 million) following an inquiry into 12 data breaches, said the Data Protection Commission (DPC).

EU member Ireland, which hosts the regional headquarters of a number of leading tech firms including Apple, Google and Twitter, has played a role in policing the bloc’s strict General Data Protection Regulations (GDPR).

The Irish data watchdog said Meta’s platforms had “failed to have in place appropriate technical and organisational measures” in the context of the 12 personal data breaches.

The data breach notifications were received by the DPC over a six-month period between June 7, 2018, and Dec. 4, 2018, it said.

“This fine is about record keeping practices from 2018 that we have since updated, not a failure to protect people’s information,” a Meta spokesperson told AFP.

“We take our obligations under the GDPR seriously, and will carefully consider this decision as our processes continue to evolve.”

Two European supervisory authorities working as part of the GDPR’s decision-making process raised objections to the initial DPC decision, but “consensus was achieved through further engagement between the DPC and the supervisory authorities,” the Irish commission said.

In September last year, Ireland hit WhatsApp with a record 225-million-euro fine following pressure from other European regulators to increase an initial penalty.

In a draft finding submitted to other European regulators for approval, the DPC proposed imposing a fine of between 30 and 50 million euros, but a number of national regulators rejected the figure, triggering the launch of a dispute resolution process.

The GDPR, which came into force in 2018, has been viewed as a powerful weapon for EU members to curb the excesses of big tech companies, giving national watchdogs cross-border powers and the possibility to impose sizeable fines for data misuse.

U.S. big tech companies have faced probes and huge fines in Europe, as well as plans for EU-wide legislation to rein them in.

data leak,