Today, the Irish Data Protection Commission (DPC) announced a fine of €22 million euros against Meta’s Irish subsidiary. The reason is that a 2019 data breach on Facebook exposed the phone numbers, locations and birthdays of 533 millions of Facebook users from 2018 to 2019.
DPC began investigating the matter in April 11, 2021, the dataset has been made public on the Internet following its discovery by media reports. The investigation involved compliance with the “data protection by design and default” obligations in the EU’s GDPR, which Meta was found to have failed to comply with.
The DPC decision was passed last Friday and published today. It notes that Meta violates two provisions of GDPR regulations. The DPC noted that in addition to the aforementioned fine, an order was issued requiring Meta to “bring its data processing into compliance by taking a specified series of remedial measures within a specified time frame”.
The comprehensive investigation process involved cooperation with all other data protection regulators within the EU, which agreed with the DPC’s decision.
Source | By
