Reasons for Violating the European Union's General Data Protection Regulation (GDPR)
Fourth Instance Since the Invalidation of the 'Privacy Shield' in July 2020
Meta CEO Mark Zuckerberg and the Meta logo, the company behind services such as Facebook, Instagram, and WhatsApp. Photo by Yonhap News
[Asia Economy Reporter Kim Sung-wook] The Irish Data Protection Commission (DPC) has imposed another fine on Meta (formerly Facebook). This marks the fourth time in the past two years that the Irish regulator has fined Meta.
According to the New York Times (NYT) and others on the 28th (local time), the DPC fined Meta 275 million euros (approximately 384.4 billion KRW) for violating the European Union's (EU) General Data Protection Regulation (GDPR). This was due to the revelation last year that personal information of about 530 million Facebook users from over 100 countries worldwide was posted on an online hacker site. The data scraped included users' names, phone numbers, locations, birthdays, email addresses, and other personal information. Meta explained, "Unauthorized data scraping is unacceptable and violates our rules," adding, "The issue was rectified in August 2019." However, it is not known whether Meta will appeal the fine.
The Irish authorities' fines against Meta date back to 2020. In July 2020, the European Court of Justice (ECJ) ruled that the 'Privacy Shield,' the basis for data transfers between the EU and the United States, did not adequately protect European citizens' personal data, invalidating the agreement. This was due to concerns that U.S. intelligence agencies collect vast amounts of personal data, meaning that data transferred to the U.S. via Meta could be accessed by authorities.
Following this ruling, EU authorities have been preparing new data protection regulations. In particular, in Ireland, the conflict with Meta intensified when the DPC issued a preliminary order immediately after the ruling, instructing Meta to "stop transferring EU user data to the U.S." Earlier this year, Meta indicated its intention to withdraw from the market by including a statement in its annual financial report that it might suspend Facebook and Instagram services in Europe. However, it later reversed its position, stating that there are no plans to exit Europe.
Meanwhile, the DPC's regulation of Meta is ongoing. In September last year, the DPC ordered Meta to amend the privacy policy of its mobile messenger service WhatsApp and imposed a fine of 225 million euros (approximately 309 billion KRW). This was the largest fine ever imposed in Ireland based on GDPR violations. At the time, the DPC explained the reason for the fine, stating, "WhatsApp has not properly informed European users about how their personal data is collected and used," and "It did not disclose information sharing with Facebook to users."
Additionally, in September, Meta was fined 405 million euros (approximately 551.8 billion KRW) for failing to properly manage the personal data of teenage users on Instagram. In March, Meta was fined 17 million euros (approximately 23.1 billion KRW) due to issues with its notification of personal data breaches. Ireland is home to the EU headquarters of global big tech companies such as Meta, Google, and Twitter, playing a crucial role in monitoring compliance with the EU's GDPR.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![Clutching a Stolen Dior Bag, Saying "I Hate Being Poor but Real"... The Grotesque Con of a "Human Knockoff" [Slate]](https://cwcontent.asiae.co.kr/asiaresize/183/2026021902243444107_1771435474.jpg)
