Edward Snowden revealed
Record fine for Facebook’s involvement in mass surveillance
05/22/2023 11:59 am
Ten years ago, whistleblower Edward Snowden revealed the mass surveillance by Anglo-American secret services, in which Facebook is also involved. The meta group now has to pay a billion fine for this.
The Facebook group Meta has received a record fine of 1.2 billion euros for violating the European General Data Protection Regulation (GDPR). This was announced by the Irish data protection authority DPC. Contrary to an earlier court ruling, the group had transmitted data from European users of its Facebook network to the USA. The case is about Facebook’s involvement in mass surveillance by Anglo-American secret services, which was uncovered ten years ago by US whistleblower Edward Snowden. At the time, the Austrian data protection activist Max Schrems filed a complaint against Facebook.
Meta has its European headquarters in Dublin, so the DPC is responsible for its compliance with EU rules. The fine dwarfs the previous record fine of 746 million euros for Amazon.com in Luxembourg. In addition, Meta must stop any further transfer of European personal data to the United States as the company remains subject to US surveillance laws.
Meta did not comment on the record penalty for the time being. However, experts assume that the US group will appeal the decision. However, court proceedings can take years. By then, a new data pact could come into force between the European Union and the USA, which would regulate transatlantic data traffic. Meta had previously threatened to withdraw completely from the EU if transatlantic data transfer was not permanently possible.
Not the first penalty for meta
Schrems explained that the fine imposed could have been much higher: “The maximum fine is over four billion. And Meta has knowingly violated the GDPR for ten years to make a profit.” If US surveillance laws are not changed, Meta will probably have to fundamentally restructure its systems, Schrems explained.
The Irish data protection authority DPC had refused for years to take action against Facebook in this matter. Ultimately, the European Data Protection Board (EDPB) obliged the DPC to impose a fine on the social network. The current decision only relates to Facebook, not to other services from the meta group such as Instagram or WhatsApp.
However, Meta had already been fined 390 million euros by the DPC in January for forcing Facebook and Instagram users to agree to personalized advertising. So far, fines totaling four billion euros have been imposed with the new penalty for Meta since the General Data Protection Regulation came into force five years ago.
Meta is now represented six times in the list of the ten highest fines, the penalties now total 2.5 billion euros. The fashion chain H&M had to pay the highest fine in Germany of 35 million euros in 2020 because of an insufficient legal basis for the data processing of its online shop.