November 22, 2024

MediaBizNet

Complete Australian News World

Meta fined .3 billion for violating EU data privacy rules

Meta fined $1.3 billion for violating EU data privacy rules

Meta on Monday was fined a record 1.2 billion euros ($1.3 billion) and ordered to stop transferring data collected from Facebook users in Europe to the United States, in a major ruling against the social media company for violating EU data protection rules.

The punishment, announced by the Irish Data Protection Commission, is likely one of the most consequential in the five years since the European Union passed a landmark data privacy law known as the General Data Protection Regulation. Regulators said the company failed to comply with a 2020 ruling by the European Union’s highest court that Facebook data shipped across the Atlantic was not adequately protected from US spy agencies.

But it remains unclear if or when Meta will ever need to cordon off the data of Facebook users in Europe. Meta said it will appeal the decision, which could set up a drawn-out legal process.

At the same time, EU and US officials are negotiating a new data-sharing agreement that would provide legal protections for Meta and dozens of other companies to continue transferring information between the US and Europe — an agreement that could undo much of the EU. Guild rule on Monday. An initial deal was announced last year.

The ruling, which comes with a grace period of at least five months before Meta commits, only applies to Facebook and not to Instagram and WhatsApp, which Meta also owns. The company said there would be no immediate disruption to Facebook’s service in the European Union.

However, the EU decision shows how government policies are changing the boundless way data has traditionally moved. As a result of data protection rules, national security laws, and other regulations, companies are increasingly being pushed to store data within the country where it is collected, rather than allowing it to move freely to data centers around the world.

READ  Judge agrees to Activision Blizzard's settlement with EEOC over sexual harassment claim

The case against Meta stems from US policies that give intelligence agencies the ability to intercept communications from abroad, including digital correspondence. In 2020, Austrian privacy activist Max Schrems won a lawsuit to invalidate an agreement between the United States and the European Union, known as the Privacy Shield, that allowed Facebook and other companies to transfer data between the two regions. The European Court of Justice has said that the threat of US snooping violates the fundamental rights of European users.

“Unless US surveillance laws are reformed, Meta will have to fundamentally restructure its systems,” Mr. Shrems said in a statement on Monday. He said the solution is likely to be a “federated social network” where most personal data remains in the EU except for “essential” transfers such as when a European sends a direct message to someone in the US.

On Monday, Meta said it was unfairly singled out for data-sharing practices used by thousands of companies.

“Without the ability to transmit data across borders, the Internet risks fragmentation into national and regional silos, tying up the global economy and leaving citizens across countries unable to access many of the shared services we depend on,” Nick Clegg, Meta Global Affairs President, and Jennifer G. Newsted, the company’s chief legal officer, in a statement.

the to ruleIt can affect, a record fine under the General Data Protection Regulation, or GDPR, data about photos, friend connections, and direct messages stored by Meta. It has the potential to bruise Facebook’s business in Europe, especially if it hurts the company’s ability to target ads. Last month, Susan Lee, Meta’s chief financial officer, told investors that about 10 percent of global ad revenue comes from ads served to Facebook users in EU countries. In 2022, Meta Revenues of approximately $117 billion.

READ  The US engine maker will pay $1.6 billion to settle emissions cheating claims

Meta and other companies are counting on a new US-EU data agreement to replace one that European courts invalidated in 2020. Last year, President Biden and European Commission President Ursula von der Leyen announced the outlines of a deal in Brussels, but details are still being worked out. negotiation.

Without a deal, the ruling against Meta shows the legal risks the companies face in continuing to transfer data between the EU and the US.

Jonny Ryan, a senior fellow at the Irish Council for Civil Liberties, said Meta faces the prospect of having to delete massive amounts of data about Facebook users in the EU. This can present technical difficulties given the interconnected nature of Internet companies.

“It’s hard to imagine how they could comply with that,” said Mr. Ryan, who has pushed for stronger data protection policies.

The decision against Meta was announced around the fifth anniversary of the General Data Protection Regulation (GDPR). Many civil society groups and privacy activists said the data privacy law, initially seen as a model, fell short of its promise due to a lack of enforcement.

Much of the criticism has focused on a provision that would require regulators in the country where the company is headquartered in the European Union to enforce far-reaching privacy law. Ireland, home to the regional headquarters of Meta, TikTok, Twitter, Apple and Microsoft, has faced the most scrutiny.

On Monday, Irish authorities said it had been overruled by a board made up of representatives from European Union countries. The board insisted on imposing a €1.2 billion fine and forcing Meta to process previously collected data about users, which could include deletion.

READ  Apple profits soar as economic gloom affects technology

“The unprecedented fine is a strong signal to organizations that serious breaches have far-reaching consequences,” said Andrea Jelinek, chair of the European Data Protection Council, the European body that imposed the fine.

Meta has been a frequent target of regulators under the General Data Protection Regulation (GDPR) In January, the company was fined €390 million for forcing users to accept personalized ads as a condition of using Facebook. In November, he was fined 265 million euros for leaking data.