As Meta fined a record 1.2 billion euros ($1.3 billion) for breaking EU data protection standards, the company faces significant consequences.
The fine, released by Ireland’s Data Protection Commission, might be among the most significant since the European Union’s landmark data privacy law, the General Data Protection Regulation, went into effect five years ago. Data carried over the Atlantic was not properly shielded from American espionage agencies, according to regulators, and the European Union’s top court ruled as much in 2020.
The Monday verdict solely affects Facebook, not Instagram or WhatsApp, all of which are owned by Meta. Meta has stated that it would appeal the ruling, and in the meanwhile, users in the European Union should still be able to use Facebook without any problems.
There are still a few more stages until the business is required to isolate European Facebook users‘ data, which may include images, friend connections, direct messages, and data acquired for targeted advertising. Meta will have at least five months to comply with the order. Furthermore, the company’s appeal might initiate a protracted legal battle. EU data privacy rules were violated, and Meta fined for it. Let’s have a closer look at the details.
EU takes action: Meta fined $1.3 Billion
Yet the EU ruling demonstrates how government rules are changing the formerly unrestricted flow of data across national boundaries. Companies are under growing pressure to keep data within the country of collection due to data-protection legislation, national security laws, and other constraints. Previously, data could easily flow to data centers throughout the world.
U.S. rules that allow intelligence services to collect communications from overseas, including digital correspondence, are the basis for the case against Meta. The Privacy Shield agreement between the United States and the European Union that had permitted Facebook and other corporations to transfer data between the two areas was declared unconstitutional in a lawsuit won by an Austrian privacy campaigner named Max Schrems in 2020. The European Court of Justice ruled that potential American surveillance breached the human rights of European internet users.
Mr. Schrems said in a statement on Monday that “unless U.S. surveillance laws get fixed, Meta will have to fundamentally restructure its systems.” He speculated that a “federated social network” would be the answer, in which users’ information would primarily remain within the European Union (EU), with only “necessary” transfers occurring, such as when a user in Europe sends a private message to a user in the USA.
Meta said on Monday that it was being singled out unfairly for data-sharing procedures that are commonplace at thousands of businesses.
Meta’s president of global affairs, Nick Clegg, and chief legal officer, Jennifer Newstead, said in a statement, “Without the ability to transfer data across borders, the internet risks being carved up into national and regional silos, restricting the global economy and leaving citizens in different countries unable to access many of the shared services we have come to rely on.”
Meta’s struggle: How to comply with the EU’s order?
The verdict, a G.D.P.R. fine record, was widely predicted. Meta’s CFO Susan Li told investors last month that advertising served to European Union (EU) Facebook users was for around 10 percent of the company’s total ad income. In 2022, Meta earned almost $117 billion in sales.
Meta and other businesses are banking on a new data deal between the U.S. and the EU to replace the one that will be nullified by European courts in 2020. An idea of an agreement was revealed by President Biden and European Union President Ursula von der Leyen in Brussels last year, but the finer points are still being worked out.
According to Johnny Ryan, a senior fellow at the Irish Council for Civil Liberties, Meta may be forced to destroy massive quantities of data about Facebook users in the European Union. Due to the linked nature of internet service providers, that would raise technical challenges.
“It is hard to imagine how it can comply with this order,” said Mr. Ryan, who has fought for stricter data-protection standards.
The ruling against Meta comes nearly on the precise G.D.P.R. date that would have marked its fifth year. Many civil society organizations and privacy campaigners have said that although being hailed as a model data privacy law, it has not lived up to its potential due to a lack of enforcement.
The section that mandates enforcement of the sweeping privacy legislation by authorities in the nation where a firm has its European Union headquarters has been the focus of most of the criticism. Meta, TikTok, Twitter, Apple, and Microsoft all have regional offices in Ireland, which has been the focus of the greatest criticism.
That’s all you need about Meta fined $1.3 Billion for breaching EU data privacy guidelines. If you want to keep up with Meta and its latest developments, make sure to check out the links below to stay on track.