Meta fined $277m for leak of half a billion users
Meta Platforms was fined with EUR265m ($277m) fine for failing to prevent the leak of the personal data of more than half a billion users of its Facebook service.
The Irish Data Protection Commission, the main privacy watchdog for Meta in the European Union, levied the fine following a probe that found the social-media company had failed to apply strict safeguards required under the bloc’s sweeping General Data Protection Regulation.
On top of the fine – the third-biggest under GDPR – the watchdog ordered Meta’s Irish unit to make sure its processing complies with the law, according to an emailed statement on Monday.
The Irish authority is the lead watchdog for some of Silicon Valley’s biggest tech firms that have set up an EU base in the country, including Meta. It opened its probe following revelations that “a collated dataset of Facebook personal data” had been published on the internet. Personal information on 533 million Facebook users worldwide reemerged on a hacker website last year, including their phone numbers and email addresses.
The investigation looked into “Facebook Search, Facebook Messenger Contact Importer and Instagram Contact Importer tools in relation to the processing carried out by Meta” between May 2018 and September 2019, the data protection commission said.
Meta said in a statement on Monday that “protecting the privacy and security of people’s data is fundamental to how our business works” and that it had cooperated fully with regulators. “We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers,” the company said. “Unauthorised data scraping is unacceptable and against our rules and we will continue working with our peers on this industry challenge. We are reviewing this decision carefully.”
