On Monday, the Irish Data Protection Commission (DPC) fined Meta €265 million.
The investigation began last April, after Business Insider reported that more than half a billion pieces of information about Facebook users had been published on an underground hacker site. At the time, Facebook said malicious actors had abused its contact import tool to match available phone numbers to Facebook users’ profiles before harvesting additional information from their profiles.
Facebook’s parent company has been sanctioned for not having sufficiently protected its users’ personal data. The regulator believes that the social network has not complied with the General Data Protection Regulation (GDPR). In addition to the fine, the Commission said it also imposed a « series of corrective measures » on Meta, which were not specified.
Long criticized for its lack of responsiveness, the Irish CNIL, which is responsible for monitoring the majority of web giants in the European Union, has since moved up a gear.
The penalty, imposed by the Irish Data Protection Commission, brings the total fines the regulator has imposed on Meta since last year to more than $900 million.
In September, the same regulator fined the company about $400 million for its mishandling of children’s data. In October of last year, Irish authorities fined Meta, which used to be called Facebook, 225 million euros, or about $235 million, for violations related to its WhatsApp messaging service.
It should also be noted that Meta is not the only tech giant facing scrutiny. Last year, Amazon was fined nearly €750 million for its online advertising practices by regulators in Luxembourg, where its European headquarters are located.
In January, Google was fined €150 million by French authorities because users did not have an adequate way to opt out of cookies used by online advertisers to track a person’s Internet browsing history.