A heavy punishment for the social network.
The American giant Meta, parent company of Facebook, was fined 265 million euros by the Irish regulator (DPC) on behalf of the European Union, for not having sufficiently protected the data of its users.
Data Protection Commission announces decision in Facebook “Data Scraping” Inquiry: https://t.co/xW9nVqiJ2Y pic.twitter.com/6iDYnyVk5R
— Data Protection Commission Ireland (@DPCIreland) November 28, 2022
“The Data Protection Commission (DPC) announces (…) the conclusion of an investigation into Meta Platforms Ireland Limited”, a subsidiary of Meta and “body which controls the data of the social network Facebook, imposing a fine of 265 million euros on it. euros and a series of corrective measures,” according to a statement on Monday.
The DPC announced in April 2021 the opening of an investigation targeting Facebook on behalf of the EU, after the revelation of a hacking by hackers of the data of more than 530 million users dating back to 2019.
“Corrective” actions imposed
The investigation focused on the “Facebook Search, Facebook Messenger Contact Importer and Instagram Contact Importer (…) applications between May 25, 2018 and September 2019”, and sought to find out whether Meta had sufficiently protected the data of its users with regard to European regulations.
Facebook has its European headquarters in Ireland and it is therefore up to the Irish regulator to lead the investigation for the European Union (EU).
The decision to impose a fine on Meta and its subsidiaries concerned was taken on Friday following findings of “breaches of European regulations (GDPR)”, details the DPC.
It therefore issued an "order asking MPIL for a series of corrective actions" and an administrative fine.
Meta says cooperate
The hack used a method known as "scraping" or looting Facebook profiles via software that mimics the network's functionality that helps members easily find friends, scraping contact lists.
"Protecting people's personal data is critical to how our business operates," a spokesperson for Meta said.
“That is why we have fully cooperated with the Data Protection Commission on this important matter.
We have made changes to our systems,” he added.
The GDPR, launched in 2018, gives regulators more power to protect consumers from the dominance of Facebook, Google, Apple and Twitter, which, attracted by favorable taxation, have chosen Ireland as their home base.
Read alsoProtection of data for minors in Europe: 405 million euros fine for Instagram
The settlement provides that regulators can impose a fine of up to 4% of the global turnover of these groups.
In the case of Facebook, the hacked data in question was partly published on a hacker forum in early April and is the work of "malicious actors", Facebook explained.
The European Union and certain member countries have multiplied in recent years the disputes with the American digital giants on the protection of personal data but also on taxation, or abuse of a dominant position, among others.