The Irish Data Protection Commission (DPC) has announced that it will be fining Facebook’s company, Meta, for 17 million euros ($18,647.228) after announcing that the company failed “to protect EU users’ data.”
DPC has been conducting an investigation into Meta’s compliance with the General Data Protection Regulation law during its handling of information in 12 data breach notifications the regulator received between June and December 2018.
As a result, the body found that Meta “failed to have in place appropriate technical and organisational measures which would enable it to readily demonstrate the security measures that it implemented in practice to protect EU users’ data.”
The regulator, headquartered in Dublin, has previously fined WhatsApp’s communications service 225 million euros (approximately $247 million) for a similar law violation.
Meta’s representatives replied in an emailed statement that they take the GDPR obligations seriously and that their practices have since been improved.
“This fine is about record keeping practices from 2018 that we have since updated, not a failure to protect people’s information,” the company said in an emailed statement. “We take our obligations under the GDPR seriously, and will carefully consider this decision as our processes continue to evolve.”
This is not the first time Meta faces fines for failing to comply with the European Union’s privacy regulations. Earlier in January, France’s watchdog – Commission Nationale de l’informatique et des Libertés (CNIL) – imposed fines on Google and Meta, jointly worth approximately $250 million. Similarly, in 2017, Meta was fined by the European Union for spreading misleading information about its acquisition of WhatsApp.