LONDON – Meta on Monday was fined a record 1.2 billion euros (S$1.75 billion) and ordered to stop transferring data collected from Facebook users in Europe to the United States, in a major ruling against the social media giant for violating European Union (EU) data protection rules.
The penalty, which eclipses a 746 million euro EU fine previously doled out to Amazon.com, was announced by Ireland’s Data Protection Commission.
It is potentially one of the most consequential in the five years since the EU enacted the landmark data privacy law known as the General Data Protection Regulation. Regulators said the company failed to comply with a 2020 decision by the EU’s highest court that Facebook data shipped across the Atlantic was not sufficiently protected from US spy agencies.
But it remains unclear if or when Meta will ever need to cordon off the data of Facebook users in Europe. Meta said it would appeal the decision, setting up a potentially lengthy legal process. The company also promised to “immediately” seek a suspension of the banning orders, saying they would cause harm to “the millions of people who use Facebook every day.”
At the same time, EU and US officials are negotiating a new data-sharing pact that would provide legal protections for Meta and scores of other companies to continue moving information between the US and Europe – a pact that could nullify much of the EU’s ruling Monday. A preliminary deal was announced last year.
The ruling, which comes with a grace period of at least five months before Meta needs to comply, applies only to Facebook and not Instagram and WhatsApp, which Meta also owns. The company said there would be no immediate disruption to Facebook’s service in the EU.
Still, the EU decision shows how government policies are upending the borderless way data has traditionally moved. As a result of data-protection rules, national security laws and other regulations, companies are increasingly being pushed to store data within the country where it is collected, rather than allowing it to move freely to data centers around the world.
The case against Meta stems from US policies that give intelligence agencies the ability to intercept communications from abroad, including digital correspondence. The European Court of Justice said the risk of US snooping violated the fundamental rights of European users.
On Monday, Meta said it was being unfairly singled out for data-sharing practices used by thousands of companies. NYTIMES, BLOOMBERG