The European Union on Monday imposed a record $1.3 billion privacy fine on Meta and ordered it to stop moving user data across the Atlantic, a new chapter in a decade-long saga. It started out of concerns about US cyber espionage.
The €1.2 billion fine imposed by Ireland’s Data Protection Commission is the largest since strict EU data privacy rules came into effect five years ago, and exceeds the €746 million claimed from Amazon in 2021 for breaching data protection regulations.
The Irish agency is Meta’s main privacy regulator in the 27-country bloc because the Silicon Valley company has its European headquarters in Dublin.
Meta, which had warned that it could cut off services to its users in Europe, vowed to appeal and ask the courts to suspend the ruling immediately.
there is no interruption
“There is no immediate discontinuation of Facebook in Europe,” the company noted.
“This decision is flawed, unjustified and sets a dangerous precedent for the myriad of other companies transferring data between the EU and the US,” said Nick Clegg, president of global affairs at Meta, and the company’s chief legal officer, Jennifer Newstead. , it’s a statement.
It’s a new twist in a legal battle that began in 2013 when Austrian lawyer and privacy activist Max Schrems filed a lawsuit over how Facebook handled his data, following revelations about US cyber-espionage by former National Security Agency contractor Edward Snowden.
The saga has left on the table the differences between Washington and Brussels due to the strict European position on data privacy and the comparatively lax regulations of the United States, where there is no federal privacy law.
The EU has been at the forefront of the world in limiting the power of big technology companies, with a series of regulations that force them to police their platforms more strictly and protect users’ personal information.
An agreement covering data transfers between the EU and the United States, known as the Privacy Shield, was struck down in 2020 by Europe’s highest court, which concluded it did not do enough to protect citizens from electronic scrutiny by the US government. Monday’s decision confirmed that another tool for regulating data transfers – a category of legal contracts – was also invalid.
Brussels and Washington signed an agreement last year on a new version of the Privacy Agreement that could be used by Meta, but the project is pending European authorities to determine whether it adequately protects data privacy.
Community institutions are reviewing the deal and bloc lawmakers have called for several improvements this month, saying the safeguards are not strong enough.