$275M Fine for Meta After Facebook Data Scrape
Meta has been found in violation of Europe's GDPR rules requiring the social media giant to protect user data by "design and default."
Following the discovery of a data set of Facebook user personal data available on the Internet, the European Union's Data Protection Commission (DPC) has found Meta Platforms Ireland Ltd. (MPIL) in violation of General Data Protection Regulation rules, fining the platform $275 million (€265 million), and requiring the company to make cybersecurity changes.
The breached personal data was first discovered in April 2021, and followed by the launch of a DPC investigation, the regulator explained in an announcement of its findings. DPC reported that Facebook was out of compliance with the GDPR regulation to provide "data protection by design and default." As a result a threat actor was able to use "data scraping" to exfiltrate massive amounts of collated personal user data, the DPC said.
"The decision imposed a reprimand and an order requiring MPIL to bring its processing into compliance by taking a range of specified remedial actions within a particular timeframe," the DPC ruled. "In addition, the decision has imposed administrative fines totaling €265 million on MPIL."
About the Author
You May Also Like
A Cyber Pros' Guide to Navigating Emerging Privacy Regulation
Dec 10, 2024Identifying the Cybersecurity Metrics that Actually Matter
Dec 11, 2024The Current State of AI Adoption in Cybersecurity, Including its Opportunities
Dec 12, 2024Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024