The Data Protection Commission of Ireland has slapped Meta with a fine of around €265 million. The $276 million USD-priced penalty came after the data leak of April 2021 that exposed information of 533 million users or more. DPC had initiated the investigation around the leak broke to check if Facebook complied in tune with the General Data Protection Regulation or GDPR European laws.
The leaks and linked fines
The information leaked, as Insider spotted, got posted to some online hacking hubs and included the names, numbers, locations, as well as user birthdates who used Meta between 2018 and 2019. Back then, Meta claimed to have fixed up the vulnerability via which such an incident came to be!
This penalty now marks the third DPC-imposed fine after earlier fines of $18.6 million USD due to poor record-keeping post, a 2018 data breach. Meta had also gotten a $402 million fine back in September after an investigation into teen data handling on Instagram.
Meta paid around $700 million after DPC imposed the same earlier in 2022 and this doesn’t include $267 million penalty that WhatsApp separately incurred. The latter had been proven to have violated European data privacy-related laws in 2021. A spokesperson from Meta said, “We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers. Unauthorized data scraping is unacceptable and against our rules and we will continue working with our peers on this industry challenge.”
Meta hadn’t directly reverted to the latest fine slapping but has from time to time, talked about combating data scraping and how the External Data Misuse team handles detection, blockage, and prevention of such scraping.