Ireland's privacy watchdog fines Facebook owner Meta €265m for leaking of users' personal details
This latest fine brings the total penalties levied on Meta over the past 18 months to just over €900m. File photo: Leah Farrell / RollingNews.ie
Facebook parent company Meta has been fined €265m by Ireland’s privacy watchdog after the personal details of 533 million Facebook users were leaked on the internet.
The Data Protection Commission today announced the fine and a series of remedial measures it wants Meta to take following an investigation it began in April of last year. That probe was prompted by reports that a “collated dataset” of user information had been made available on the web.
The vast majority of the leaked records included phone numbers, names, genders, and Facebook IDs. Several prominent public officials were included in the leak, including Didier Reynders, the European Justice Commissioner.
The decision to fine and reprimand Meta Platforms Ireland Limited – the company’s Irish entity - was formally adopted last Friday following consultation with the EU’s various national data protection regulators.
“Those supervisory authorities agreed with the decision of the DPC,” a spokesperson for the Commission said.
This latest fine brings the total penalties levied on Meta over the past 18 months to just over €900m, with those forming the vast bulk of the €1bn mandated by the DPC under GDPR to date.
However, Meta has appealed all but one of the fines levied upon it to date – a €17m charge relating to a series of 12 data breach notifications sent to the DPC between June and December 2018.
In a statement Meta said: "Protecting the privacy and security of people’s data is fundamental to how our business works. That’s why we have co-operated fully with the Irish Data Protection Commission on this important issue. We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers.
"Unauthorised data scraping is unacceptable and against our rules and we will continue working with our peers on this industry challenge. We are reviewing this decision carefully.” In addition to the new fine, the DPC reprimanded Meta and instructed it to take “a range of specified remedial actions within a particular timeframe”.
Facebook had initially told the DPC that the leaked dataset involved information dating from prior to the EU’s GDPR legislation, which came into effect in May 2018. However, upon further investigation the DPC discovered that much of the leaked information dated from 2019.
Meta faces at least three further investigations into its platforms by the DPC at present – one each into Facebook, Instagram, and Whatsapp. All involve the company’s legal bases for processing user information, and all are likely to conclude before the end of this year, according to sources.
CONNECT WITH US TODAY
Be the first to know the latest news and updates
