The EU has just handed Meta the largest data privacy fine on record, an eye-watering €1.2bn ($1.29bn) penalty, for failing to properly safeguard European Facebook users’ data stored and processed in US data centres.
The decision comes after a decade-long tussle between Meta and European data regulators which was kicked off by the Edward Snowden revelations of US treatment of personal data. According to the EU, Meta failed to adequately protect European users’ Facebook data as set out by the General Data Protection Regulation (GDPR), a controversial piece of legislation now approaching its fifth anniversary. However, the issue is a thorny one, and potentially highly political. The US government has nothing like the same level of data privacy protection regulation; surveillance agencies retain the right to interrogate and store the data for national security purposes.
Wrong tool for the job
Last year, US President Joe Biden and EU President Ursula von der Leyen struck a deal for a new data protection framework that could help resolve the issue, but that framework isn’t scheduled to come into force for some weeks, if not months. In the meantime, Meta – and indeed many digital service providers serving Europeans – have been using stop-gap legal tools called a Standard Contractual Clauses – a tool which the EU’s data privacy board has now found wanting.
For its part, Meta claims the company has been unfairly singled out for a fine and has stated its intention to appeal. However, the fine has sent shockwaves through the Silicon Valley community. It is feared that other large players – such as Google – are next in line for a penalty, and indeed no one is quite clear at this moment how far the EU will go in using this Meta fine as a precedent.
Meta will appeal
For its own part, Meta has stated it will appeal the decision, and will likely attempt to argue an extension of one of the ruling’s key obligations, specifically to quit transferring European Facebook data to US data servers for storage and processing.
However, many regulatory voices would like to see that obligation go further, forcing digital service giants such as Meta to delete European user data within a defined timescale. The argument continues and could have widespread repercussions for the entire digital services community.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below formBy GlobalData