The Irish Data Protection Commission (DPC) has fined the Irish branch of Facebook Meta a total of $414 million for breaching customers' privacy and data without consent.
According to The Irish Data Protection Commission (DPC), Meta broke a couple of EU's General Data Protection Regulations and was made to pay €390 million ($414 million) as a fine. From what the DPC is saying, Meta must "bring its data processing operations into compliance within a period of 3 months," or they will keep getting fined by the international organization.
The total fine was shared between the two social media platforms Meta owns, Facebook and Instagram. Facebook got a fine of €210 million, while Instagram received a fine of €180 million. Whatsapp is also involved in another case regarding how Meta handled customers' privacy and data. If Meta loses the case, it would mean more fines for the social communications platform WhatsApp.
A few years back, Facebook, now Meta, had legal battles with the European Union and Ireland regarding how they handled customers' privacy and data. The social media giant also faced a lawsuit in San Fransico over tracking allegations.
What is DPC Saying About the Fine?
The Irish Data Protection Commission (DPC) fined Mark Zuckerberg's Meta because it was violating a law that was made in 2018. The General Data Protection Regulation came into operation in 2018, the same day that Meta changed their terms and conditions.
The basis for breaking the regulations is mostly privacy and data. The two counts which The Irish Data Protection Commission (DPC) used in fining Meta were based on Meta breaking customers' privacy and data.
"In breach of its obligations in relation to transparency, information in relation to the legal basis relied on by Meta Ireland was not clearly outlined to users, with the result that users had insufficient clarity as to what processing operations were being carried out on their personal data, for what purpose(s), and by reference to which of the six legal bases identified in Article 6 of the GDPR," DPC said in a blog post.
They also added that Meta broke several data consent regulations." In circumstances where it found that Meta Ireland did not, in fact, rely on users’ consent as providing a lawful basis for its processing of their personal data, the “forced consent” aspect of the complaints could not be sustained," the DPC added.
Meta's Response
Mark Zuckerberg's company has issued a response regarding what they think about the decision taken by The Irish Data Protection Commission (DPC). According to their statement in a blog post, Meta didn't deserve the ruling against them, citing that they obeyed all the rules about data regulations.
From what Facebook Meta said in the blog post, they reassured users that their data wasn't in danger, and were disappointed with the ruling of The Irish Data Protection Commission (DPC).
"We strongly believe our approach respects GDPR, and we're therefore disappointed by these decisions and intend to appeal both the substance of the rulings and the fines. We want to reassure users and businesses that they can continue to benefit from personalized advertising across the EU through Meta's platforms," Facebook Meta said in the blog post.
Right now, Meta will be waiting on the outcome of the ruling on Whatsapp, which could mean more fines, or they could get away with that.