Meta, the parent company of Facebook, was penalized with a €1.2 billion (£1 billion) penalties for improperly managing user data during transfers between Europe and the United States.
The General Data Protection Regulation privacy law’s biggest fine to date was issued by Ireland’s Data Protection Commission. Before utilizing a person’s personal data, a company must obtain that person’s consent under GDPR regulations.
According to Meta, it will challenge the “unjustified and unnecessary” decision. The use of Standard Contractual Clauses to transfer EU data to the US is key to this conclusion. These legal agreements, drafted by the European Commission, provide protections to guarantee that personal data remains secure when transferred outside of Europe.
There are worries, however, that these data flows might still expose Europeans to the laxer privacy regulations of the US and allow US intelligence access to the data. A risky precedent
Most major businesses have intricate webs of data transfers to foreign receivers, many of which rely on SCCs, that can include email addresses, phone numbers, and financial information. Meta asserts that the fee is unjust because of their widespread use.
Facebook president Nick Clegg said, “We are therefore disappointed to have been singled out when using the same legal mechanism as thousands of other companies looking to provide services in Europe.
“This decision is flawed, unjustified, and sets a dangerous precedent for the countless other companies transferring data between the EU and the US.”