California, US: The Irish Data Authority fined Facebook’s owner $275 million following a breach that resulted in the details of more than 500 million users being published online. The Data Protection Commission (DPC) claimed Meta had violated two provisions of the EU’s data protection rules after scraping information from global Facebook users’ public profiles in 2018 and 2019.
The data was exposed on a hacking website last year, prompting a prob by the DPC, which regulates Meta across the EU. The watchdog stated that a “substantial” portion of the users was from the EU. The Authority “imposed a reprimand and an order” in addition to the fine, requiring Meta to “bring its processing into compliance by taking a range of specified remedial actions within a particular timeframe”.
We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers. Unauthorised data scraping is unacceptable and against our rules.
Meta cited in a statement.
The punishment brings the total amount of fines imposed on Meta by the DPC to nearly $1 billion since September 2021. One legal professional questioned whether the General Data Protection Regulation (GDPR) of the EU will be enforced strictly enough to have the deterrent impact that it was meant to have.
“By any measure, these are significant fines. GDPR envisaged the imposition of such fines in part to serve as a deterrent to other companies which might consider breaching the law. We are likely to see an increased debate about whether such fines actually influence corporate behaviour or if some companies simply see them as an added cost of doing business,” Mr. David Hackett, head of data protection in the Ireland office of law firm Addleshaw Goddard, remarked.
Due to the fact that Apple, Google, TikTok, and other technology platforms have their EU headquarters in Ireland, the DPC is responsible for regulating them. There are now 40 open investigations into these firms, 13 of which concern Meta.