European and Irish regulators have ordered Facebook owner Meta to pay a fine of 1.2 billion euros for violating the General Data Protection Regulation (GDPR) with transfers of personal data to the United States. It’s the largest GDPR fine ever.
Meta was also ordered to stop storing European Union user data in the US within six months, but it may ultimately not have to take that step if the EU and US agree on a new regulatory framework for international data transfers.
The infringement by Meta’s subsidiary in Ireland “is very serious since it concerns transfers that are systematic, repetitive, and continuous,” European Data Protection Board (EDPB) Chair Andrea Jelinek said in an announcement today. “Facebook has millions of users in Europe, so the volume of personal data transferred is massive. The unprecedented fine is a strong signal to organizations that serious infringements have far-reaching consequences.”