The violation involved the unauthorized transfer of EU Facebook user data to the United States for processing, whereas Meta argues that this is how open internet works.
The decision was issued by the European Data Protection Board (EDPB), which coordinates the efforts of privacy commissions in EU member states. The Irish Data Protection Authority (IE DPA) conducted an investigation into Meta's Facebook service, leading to the decision.
In a statement, the EDPB said that the fine, the largest ever imposed under the General Data Protection Regulation, was a result of Meta's use of standard contractual clauses (SCCs) to transfer personal data to the U.S. since July 16, 2020.
Additionally, the Facebook parent company is required to align its data transfers with the European Union GDPR, known as the world's most stringent privacy and security regulation.
“The EDPB found that Meta IE’s infringement is very serious since it concerns transfers that are systematic, repetitive and continuous,” EDPB Chair, Andrea Jelinek, said.
She reminded that Facebook has millions of users in Europe, implying that the amount of personal data sent is enormous and said that the “unprecedented fine” should be sending a clear message to companies that significant violations have “far-reaching consequences.”
Meta said that it will appeal the decision and seek a stay with the courts to suspend the implementation deadlines due to the harm these orders would cause, particularly to the millions of Facebook users.
According to Meta officials, the fine is not solely about their privacy practices but rather reflects a fundamental conflict of law between the U.S. government's data access rules and European privacy rights. They expect policymakers to resolve this conflict during the summer.
Meta emphasized the importance of cross-border data transfers for the functioning of the global open internet, noting that thousands of businesses and organizations rely on such transfers between the EU and the U.S. to operate and provide essential services.
The company assured that there has been no immediate disruption to Facebook in Europe.
