The privacy breaches impacted around 30 million Facebook users
© Getty Images / Jakub Porzycki
The Irish Data Protection Commission (DPC) has imposed a fine of $18.7 million (€17 million) on Facebook’s parent company Meta after an investigation into 12 separate data breach notifications revealed the company had prolifically violated EU privacy rules.
Meta failed to impose “appropriate technical and organizational measures which would enable it to readily demonstrate the security measures that it implemented in practice to protect EU users’ data,” the regulator said on Tuesday.
The breaches in question, which were reported to the DPC during the period between June and December 2018, allegedly affected 30 million Facebook users. Under the EU’s GDPR privacy law, platforms are required to quickly disclose personal data breaches if they are likely to put individual users at risk – with a reporting deadline of 72 hours for the most serious breaches.