The European Union slapped Meta with a record USD 1.3 billion privacy fine on Monday and ordered it to stop transferring user data across the Atlantic by October, the latest salvo in a decade-long case sparked by US cybersnooping fears. The penalty of 1.2 billion euros is the biggest since the EU’s strict data privacy regime took effect five years ago, surpassing Amazon’s 746 million euro fine in 2021 for data protection violations.Meta, which had previously warned that services for its users in Europe could be cut off, vowed to appeal and ask courts to immediately put the decision on hold.
“There is no immediate disruption to Facebook in Europe,” the company said.
“This decision is flawed, unjustified and sets a dangerous precedent for the countless other companies transferring data between the EU and US,” Nick Clegg, Meta’s president of global and affairs, and Chief Legal Officer Jennifer Newstead said in a statement.
It’s yet another twist in a legal battle that began in 2013 when Austrian lawyer and privacy activist Max Schrems filed a complaint about Facebook’s handling of his data following former National Security Agency contractor Edward Snowden’s revelations of electronic surveillance by US security agencies.
That included the disclosure that Facebook gave the agencies access to the personal data of Europeans.The saga has highlighted the clash between Washington and Brussels over the differences between Europe’s strict view on data privacy and the comparatively lax regime in the US, which lacks a federal privacy law.
The EU has been a global leader in reining in the power of Big Tech with a series of regulations forcing them police their platforms more strictly and protect users’ personal information.An agreement covering EU-US data transfers known as the Privacy Shield was struck down in 2020 by the EU’s top court, which said it didn’t do enough to protect residents from the US government’s electronic prying.Monday’s decision confirmed that another tool to govern data transfers — stock legal contracts — was also invalid.