Status: 11/28/2022 5:22 p.m
Because data from Facebook and Instagram users was accessible online on a large scale, the meta group is to pay a fine of 265 million euros in Ireland. The authorities have repeatedly criticized data protection violations.
After the publication of personal data from Facebook and Instagram users, the parent company Meta is to pay a fine of 265 million euros in Ireland. The Irish data protection authority DPC announced today that it has completed its investigation. In April 2021, the names and some other data such as telephone numbers and email addresses of up to 533 million users from more than 100 countries became available online in a hacker forum.
Imported contacts from smartphone
According to the DPC, the data protection authorities of the other EU members have worked together with the Irish authority. Facebook said it is considering the decision. The unauthorized skimming (“scraping”) of data is “unacceptable and a violation of our rules, and we will continue to tackle this challenge together in the industry,” said the group. Facebook’s systems were not hacked.
The Irish penalty relates to a feature that allows users to find friends or acquaintances by importing contacts stored on their smartphone into the Facebook or Instagram app.
According to the EU General Data Protection Regulation (GDPR), which came into effect in May 2018, data protection authorities can impose heavy penalties for violations. Since Meta has its European headquarters in Ireland, the Irish authority is responsible for prosecution.
Altogether already penalties of almost 1 billion euros
With the current case, the penalties for the US group in Ireland have already totaled 910 million euros in the past 14 months. It is the fourth time since September 2021 that the Irish authority has imposed a large fine. At that time, the subsidiary WhatsApp had to pay 225 million euros for violations of data protection rules. In addition, the parent company was fined another 17 million euros in March 2022 – also for data protection violations.
Finally, in September, the DPC imposed a record €405 million fine on Instagram for serious violations of children’s privacy rules. Underage users between the ages of 13 and 17 are said to have been allowed to operate business accounts on the photo and video platform, which would have allowed their telephone number or email address to be published.
Meta has appealed both the Instagram and WhatsApp decisions. Now judges have to decide. A ruling is considered to set a precedent for future investigations into data breaches. International tech companies like Meta are a major employer in Ireland. However, after the US company decided to cut 13 percent of its jobs worldwide, hundreds of jobs there are on the brink.