The European Union (EU) has asked Meta to pay $1.3 billion in fines for violating its privacy laws, the largest ever fine imposed on a U.S. tech company by a European regulator.
The fine is based on an investigation led by Ireland’s Data Protection Commission (DPC), which found that Meta continued to transfer data of EU residents to the U.S. even though it was prohibited from doing so in 2021.
In addition to paying the fine, DPC has asked Meta to stop data transfers between the two continents and make all of its EU data stored in the U.S. compliant with the regulations in the next six months.
DPC’s chair Andrea Jelinek noted that the unprecedented penalty is aimed at sending a signal to organizations that serious infringements are likely to have far-reaching consequences.
Meta said it plans to file an appeal and stop the case from moving to the courts.
“This decision is flawed, unjustified and sets a dangerous precedent for the countless other companies transferring data between the EU and U.S.,” President of Global Affairs Nick Clegg and Chief Legal Officer Jennifer Newstead said.
The feud between DPC and Meta began when an Austrian privacy activist won a decade-long lawsuit invalidating a U.S.-EU data-moving agreement called Privacy Shield.
That said, the two governments are currently negotiating a new agreement called the Data Privacy Framework. Meta said that if it is signed before DPC’s deadline, then Meta can continue to use the services as they do today without any disruptions.