Facebook’s parent company, Meta, has been hit with yet another hefty fine of €265 million ($277 million) by the Irish Data Protection Commission (DPC), the tech giant’s lead regulator for the European Union’s General Data Protection Regulation (GDPR).
Meta was penalized for failing to stop the online scraping and dumping of sensitive information of millions of Facebook users.
In September, following a €405 million ($402 million at the time) penalty for mishandling children’s privacy settings on Instagram, the Irish Data Protection Commission fined the tech corporation twice in recent months. In total, Meta has accrued fines of roughly €1 billion in just the last 18 months.
In reaction to the exposure of the personal data of over 530 million Facebook users, including phone numbers, birth dates, email addresses, and other details, the DPC opened this penalty issue.
At the time, Meta attempted to downplay the breach by asserting that the information discovered was outdated and that it was likely obtained by “malicious actors” using a contact importer feature that it had provided up until September 2019 before making changes to prevent data abuse.
It further asserted that the problem that caused the exposure of personal data had been resolved. Even though the company stated it would examine the DPC Ireland decision, the Ireland regulator asserted that it did not adhere to the GBPR data obligation.
This is not the first time the corporation has been fined; over the years, its subsidiary companies have also been penalised.
Last year, the DPC fined Meta’s WhatsApp €225 million ($267 million) for not providing details of how it shares European Union users’ data with Facebook. It was also hit with a €17 million ($18.6 million) fine over 12 separate data breaches.
In total, Meta has accrued fines of roughly €1 billion in the last 18 months.