Meta, Facebook’s parent company, was fined €265m ($277m) by Ireland’s data privacy regulator over a leak that exposed hundreds of millions of user records.
The penalty resulted from an investigation started last year into the discovery of a collated set of personal data that had been scraped from Facebook between May 2018 and September 2019 and posted online.
According to Reuters, the latest penalty brings the total Ireland’s Data Privacy Commissioner (DPC) fined parent group, Meta, to almost 1 billion euros.
The recent fine comes after information on more than 500 million Facebook users - including phone numbers and other data – was put online virtually for free last year.
Recently, data from another Meta-owned platform, WhatsApp, was leaked online, with threat actors selling up-to-date mobile phone numbers of nearly 500 million app users.
Ireland’s authorities fined for the leaked database Meta included personal data of dozens of high-ranking EU officials, Umberto Gambini, Senior Director at Avisa Partners and former Senior advisor at the European Parliament, said.
“Personal data of EU Justice Commissioner Didier Reynders, Luxembourg Prime Minister Xavier Bettel and dozens of EU officials were included in a leak of the 533 million records,” Gambini said in a LinkedIn post.
Meanwhile, Chris McLellan, director of Operations at the non-profit Data Collaboration Alliance, is skeptical if another fine will have any effect on the data collection and storage practices of tech giants such as Meta.
“Sensitive and other information is fragmented into databases, which then get copied at scale through a process known as data integration. This is at complete odds with the global movement towards increased data privacy and data protection,“ McLellan said.
“Sensitive and other information is fragmented into databases, which then get copied at scale through a process known as data integration. This is at complete odds with the global movement towards increased data privacy and data protection.“McLellan explained.
Wave of fines
Meta said it had cooperated fully with the investigation by DPC and made changes to its systems during the time in question, including removing the ability to scrape its features in this way using phone numbers, Reuters claims.
DPC is Meta’s lead privacy regulator within the European Union and has 13 more inquiries into the social media group. In September, the watchdog hit its Instagram subsidiary with a record fine of 405 million euros, which Meta plans to appeal.
The regulator has the power to impose fines of up to 4% of a company’s global revenue under the EU’s General Data Protection Regulation’s (GDPR) “One Stop Shop” regime introduced in 2018.
“We’ll keep going until the behavior does change,” Ireland’s Data Privacy Commissioner (DPC) Helen Dixon told Irish national broadcaster RTE on Monday.
More from Cybernews:
Subscribe to our newsletter