A Meta Inc. situated in Ireland has just been dealt a penalty of €265 million (equivalent to ₦122,339,760,000.00) for exposing the information of more than 533 million of its users.
The fine, which was issued yesterday by Ireland’s Data Protection Commission, Meta’s main privacy regulator in the European Union, is punishment for failing to protect users’ date, hence violating sections of the EU’s strict General Data Protection Regulation.
The DPC said it began investigating the incident on the 14th of April 2021, following reports that data on more than 533 million users, including names, Facebook IDs, phone numbers, locations, birth dates, and email addresses for people from more than 100 countries was found on the internet.
“The scope of the inquiry concerned an examination and assessment of Facebook Search, Facebook Messenger Contact Importer and Instagram Contact Importer tools in relation to processing carried out by Meta Platforms Ireland Limited (‘MPIL’) during the period between 25 May 2018 and September 2019,” the regulator said in a press release.
In addition to the fine, it “imposed a reprimand and an order” requiring Meta to “bring its processing into compliance by taking a range of specified remedial actions within a particular timeframe”.
In a statement Meta said: “We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers. Unauthorised data scraping is unacceptable and against our rules.”
The punishment brings the total amount of fines imposed on Meta by the DPC to nearly €1bn since September last year.
In September, Meta was fined €405m for letting teenagers set up Instagram accounts that publicly displayed their phone numbers and email addresses, while in March of the same year, the watchdog fined Meta €17m for further GDPR breaches and in September last year it fined Meta’s WhatsApp €225m over “severe” and “serious” infringements of GDPR.
An unmentioned legal expert questioned whether strong enforcement of the EU’s General Data Protection Regulation would have the deterrent effect that it intended.
To this, David Hackett, head of data protection in the Ireland office of law firm Addleshaw Goddard, said “By any measure, these are significant fines.”
“GDPR envisaged the imposition of such fines in part to serve as a deterrent to other companies which might consider breaching the law. We are likely to see increased debate about whether such fines actually influence corporate behaviour or if some companies simply see them as an added cost of doing business.”
Apple, Google, TikTok, and other tech platforms are subject to DPC oversight because their EU headquarters are located in Ireland. There are presently 40 such company investigations ongoing, with 13 of them including Meta.
1 Comment
Pingback: Meta fined €390 million for breach of EU data privacy laws - Innovation Village | Technology, Product Reviews, Business