The Irish DPC (Data Protection Commission) has fined Facebook's parent company, Meta Platforms for failing to protect personal data. The decision came after an investigation into 12 notifications of data breaches from 2018.
The data infringements under Articles 5(2) and 24(1) of GDPR (General Data Protection Regulation) resulted in a fine of $17 million ($18.7 million).
The DPC considered Meta's usage of supporting papers during the investigation to be one of the best practices. However, the Commission concluded that, in the context of the 12 notifications, the bigh tech company lacked suitable 'technical and organizational measures'. That would allow it to demonstrate the security measures Meta implemented to protect personal data of its users.
This fine, according to Meta in an emailed statement, is for 'record-keeping methods from 2018', which the firm has subsequently corrected. Not for a failure to secure people's personal data.
This isn't the first time Facebook has been penalized for data privacy violations under the GDPR. Recently, the CNIL (Commission nationale de l'informatique et des libertés) has fined Google €150 million and Facebook €60 million. In summary, the tech giants made it difficult for users to opt out of their cookie policies.
Read more Amazon Fined With The Largest GDPR Fine. €746 million for data violations.
Source: https://www.dataprotection.ie/en/news-media/press-releases/data-protection-commission-announces-decision-meta-facebook-inquiry
Last updated: March 18, 2022