Meta in Ireland fined €265M for failing to protect user data

On Monday, November 28, the Irish Data Protection Commission (DPC) fined Meta Corporation (recognized as extremist and banned in the Russian Federation) for €265 million. The fine was imposed because the corporation did not sufficiently protect confidential data, as a result of which such data of hundreds of millions of users ended up on the Internet.

The DPC launched an investigation in April last year. Then it became known that in 2019, personal data of 533 million Facebook and Instagram users appeared on hacker forums, including names, email addresses, location data. It turned out that hackers managed to gain access to this information due to a vulnerability in one of the functions of social networks, which allows them to import contacts from the phone’s address book to search for friends and acquaintances. Meta later fixed this vulnerability.

DPC regularly conducts investigations against Meta, as Ireland is the company’s European headquarters. After the current decision of the regulator, the total amount of fines imposed by him on the corporation exceeded €1 billion: in September DPC fined her for €405 million for violations of the storage of personal data of children on Instagram, and in 2021 – for €225 million for “extremely serious” violations of the privacy regulations in her WhatsApp messenger.

Yana Rozhdestvenskaya