The Data Protection Commission (DPC) has sanctioned Facebook’s parent company for its poor protection of European user data.
Lhe Data Protection Commission (DPC) had opened an investigation in April 2021 on behalf of the European Union, following the revelation of the hacking of the data of more than 530 million Facebook users in 2019. The Irish regulator revealed Monday, November 28 the conclusions of its investigation and sanctioned the American giant of social networks Meta, parent company of Facebook, with a fine of 265 million euros, for failure to protect the data of its users.
The Data Protection Commission (DPC) announces […] the conclusion of an investigation into Meta Platforms Ireland Limited”, a subsidiary of Meta and “body which controls the data of the social network Facebook, imposing a fine of 265 million euros on it and a series of corrective measures”, indicates more precisely the communicated.
“Looting by “scraping””
The survey focused on the applications “Facebook Search, Facebook Messenger Contact Importer and Instagram Contact Importer […] between May 25, 2018 and September 2019”, and wanted to know if Meta had protected the data of its users sufficiently with regard to European regulations.
Facebook has its European headquarters in Ireland and it is therefore up to the Irish regulator to lead the investigation for the European Union (EU). The decision to impose a fine on Meta and its subsidiaries concerned was taken on Friday following findings of “breaches of European regulations (GDPR)”, details the DPC. It therefore issued an “order asking MPIL for a series of corrective actions” and an administrative fine.
READ ALSOYes, social networks are a real danger for our democracies
The hack used a method known as “scraping” or looting Facebook profiles via software that mimics the network’s functionality that helps members easily find friends, scraping contact lists.
“Protecting people’s personal data is critical to how our business operates,” a spokesperson for Meta said. “That is why we have fully cooperated with the Data Protection Commission on this important matter. We have made changes to our systems,” he added.
New dispute between the EU and Gafam
The GDPR, launched in 2018, gives regulators more power to protect consumers from the dominance of Facebook, Google, Apple and Twitter, which, attracted by favorable taxation, have chosen Ireland as their home base. The settlement provides that regulators can impose a fine of up to 4% of the global turnover of these groups.
READ ALSOGood use of metaverses
In the case of Facebook, the hacked data in question was partly published on a hacker forum in early April and is the work of “malicious actors”, Facebook explained.
The European Union and certain member countries have multiplied in recent years the disputes with the American digital giants on the protection of personal data but also on taxation, or abuse of a dominant position, among others.