Facebook’s parent company Meta Platforms has been charged with a record-breaking fine of $1.3 billion (€1.2 billion) by leading privacy regulators in the European Union. Meta’s EU data transfer fine stems from a 2013 case which had revelations about US mass surveillance. EU courts have ordered Meta’s EU-US data transfer fine over concerns of exposing EU citizens to privacy violations.
Meta’s $1.3 billion fine is attributed to its handling of user information in light of the disclosures of the US mass surveillance programs by whistleblower Edward Snowden.
Meta has been granted a period of five months to stop transferring EU users’ data to the United States.
Meta’s privacy fine over EU-US data transfers, imposed by Ireland’s Data Protection Committee (DPC) exceeds the previous record of the EU levying a demurrage of €746 million for privacy violations against Amazon in 2021.
“Meta did not address the risks to the fundamental rights and freedoms of Facebook’s EU users in the current legal framework for data transfers and violated GDPR.”
Meta EU Data Transfer Fine: In A Pickle, Browbeats To Shutdown
Processing multiple streams of personal data from its users is a crucial part of Meta’s vast ad-targeting operations. When the reliable rock of transferring data to the US wobbled, Meta resorted to being pressured to consider shutting down Facebook and Instagram in the EU in 2022. This irked the EU government, which did not take it in good stride.
“Meta cannot just blackmail the EU into giving up its data protection standards. Leaving the EU will be their loss.”
The battle of Meta’s data transfer penalty originated a decade ago from where Facebook stores its data after Austrian privacy appellant Max Schreems spited a legal challenge over the risks of the US snooping as Snowden’s theory resurfaced.
Meta’s EU-US data transfers were protected by a transatlantic pact called the ‘Privacy Shield‘. But the framework was declared void in 2020 in the Schreems-Snowden case after a top EU court found that data was not safe from being scourged on a platter to the US surveillance programs.
Meta’s $1.3 Billion Privacy Violation Fine: Does It Change Anything?
There are a number of caveats that benefit the social media giant even being ordered to stop the EU-US data transfers. The ruling is applicable only to data from Facebook and not other Meta subsidiaries like WhatsApp and Instagram. Furthermore, there’s a five-month grace period – Meta’s EU data transfer fine is awaiting a new pact which facilitates the safe transfer of EU users’ personal data to the US before the suspension occurs in 5 months.
And an unmissable fact is that the EU and US are in negotiations for a new deal to transfer data, which could come into force as early as this summer or as late as October.
Despite the red flags, Meta announced in a statement that it will appeal the ruling and seek a stay of the orders through the courts. It would also appeal the apparent ‘unjustified and unnecessary privacy breach fine’. The social media giant stressed that it was only one of the ‘thousands’ of companies that used similar frameworks to transfer data.
Although some industry experts are triumphant to see a decision come to light after ten years of litigation, a few are wary if it will change anything fundamental to Meta’s privacy practices.
“A billion-euro parking ticket is of minimal consequence to a company that makes those billions by parking illegally.”
Schreems believes the fine should have been much higher considering that the maximum fine is more than $4 billion and Meta has partaken in breaking the laws to make profits at the expense of private data for ten years. He also stated that if Meta thinks any legal appeal will be successful, they stand corrected. The forthcoming EU-US data transfer protocol will not satiate the EU’s privacy regulations in court.
