Sponsored Links

Meta fined $18.6 million over 12 GDPR-related data breaches

Ireland's data watchdog received a dozen data breach notifications in 2018.
PARIS, FRANCE - FEBRUARY 03: In this photo illustration, The logos of applications, WhatsApp, Messenger, Instagram and facebook belonging to the company Meta are displayed on the screen of an iPhone in front of a Meta logo on February 03, 2022 in Paris, France. Share prices for Facebook's parent company, Meta, slumped in after-hours trading after the company reported that social network's daily active users declined to 1.929 billion in Q4 of 2021 from 1.930 billion in the previous quarter. Facebook is losing users for the first time in its history, Mark Zuckerberg's company has seen its profits decline, and the transition to the metaverse promises to be chaotic. (Photo illustration by Chesnot/Getty Images)
Chesnot via Getty Images
Kris Holt
Kris Holt|@krisholt|March 15, 2022 1:35 PM

Ireland's Data Protection Commission has fined Meta €17 million ($18.6 million) over 12 data breaches. It said the company violated several articles of the European Union's General Data Protection Regulation (GDPR) by failing "to have in place appropriate technical and organizational measures which would enable it to readily demonstrate the security measures that it implemented in practice to protect EU users' data."

The DPC received the data breach notifications from Meta between June and December 2018. Before announcing the fine, it consulted with other European authorities under GDPR guidelines, as the investigation was related to “cross-border” processing.

“This fine is about record keeping practices from 2018 that we have since updated, not a failure to protect people's information," a Meta spokesperson told Engadget. "We take our obligations under the GDPR seriously, and will carefully consider this decision as our processes continue to evolve.”

The fine is a drop in the ocean for Meta, which raked in $32.6 billion in ad revenue last quarter alone. The penalty pales in comparison with a $267 million fine the DPC imposed last year after it determined Meta app WhatsApp failed to comply with GDPR transparency rules. The regulator has investigated Meta over other data-related issues.

Meta fined $18.6 million over 12 GDPR-related data breaches