The European Data Protection Board (EDPB) announced the decision to penalize Meta on May 22. It followed an extensive investigation into the operations of Facebook in the continent. The investigation was launched by the Irish Data Protection Commission (DPC) back in August 2020.
The DPC is in charge of regulating all of Meta's operations within Europe. Its May 22 ruling, however, alleged that the parent company of Facebook and Instagram violated Article 46(1) of the General Data Protection Regulation (GDPR). In particular, the GDPR's Chapter 5 establishes the conditions for the transfer of personal data to countries outside of the EU or to international organizations.
According to the commission, Meta continued to transfer personal data from the EU to the U.S. even after the European Court of Justice ruled the EU-U.S. Privacy Shield agreement invalid in 2020. (Related: Facebook confirmed to be a massive spy machine that records your conversations and violates your privacy.)
Meanwhile, the company helmed by Zuckerberg said it plans to appeal the ruling and the accompanying fine. It has also assured users that there will be "no immediate disruption to Facebook services in Europe." The fine issued by the DPC surpasses the previous record of €746 million ($805.7 million), which had been slapped on e-commerce giant Amazon back in 2021.
Aside from the fine, the DPC also ordered Meta to stop processing the personal data of European users on U.S. servers within the next six months. The personal information encompassed in the order include pictures, friend connections, direct messages and data collected for targeted advertising.
Meta Global Affairs President Nick Clegg and Chief Legal Officer Jennifer Newstead decried the ruling in a joint statement. They wrote: "This decision is flawed, unjustified and sets a dangerous precedent for the countless other companies transferring data between the EU and the United States."
EDPB Chairwoman Andrea Jelinek described Meta's violation as "systemic, repetitive and continuous." She also stressed the severity of the tech giant's violations.
"Facebook has millions of users in Europe, so the volume of personal data transferred is massive. The unprecedented fine sends a powerful message to organizations about the significant repercussions of serious infringements."
Meta meanwhile argued that the issue stems from the "conflict of law" between U.S. rules governing data access and the privacy rights of Europeans. The company expressed optimism that American policymakers and their European counterparts would head to a "clear path" toward resolving the conflict, under a newly-proposed transatlantic Data Privacy Framework.
"Thousands of businesses and organizations rely on the ability to transfer data between the EU and the U.S. to operate and provide everyday services," Meta said. "This is not about one company's privacy practices. There is a fundamental conflict of law between the US government’s rules on access to data and European privacy rights, which policymakers are expected to resolve in the summer."
The company reiterated that it will "appeal the ruling, including the unjustified and unnecessary fine, and seek a stay of the orders through the courts."
Visit BigTech.news for more stories about Meta, the parent company of Facebook and Instagram.
Watch this video to learn how the EARN IT Act, which has been introduced three times in Congress, wants to end privacy.
This video is on the What is Happening channel on Brighteon.com.