The Irish Data Protection Commission (DPC) assessed Meta, the company that owns Facebook, Instagram, and WhatsApp, a fine of €265 million (£228 million).
A data breach that resulted in the public disclosure of personal information for hundreds of millions of Facebook users is the reason for the fine.
An online hacking forum contained the email addresses and phone numbers of up to 533 million users.
In April 2021, the DPC started an investigation.
At the time, Facebook stated that the information, some of which had been available online for some time, was “scraped,” but not hacked, by malicious actors prior to September 2019.
Automated software is used to extract public information from the internet and “scrape” it for use in online forums.
“Considerable risks” Nonetheless, the DPC discovered that Meta violated the General Data Protection Regulation (GDPR)’s Article 25.
Data Protection Commissioner Helen Dixon stated, “Because this data set was so large because there had been previous instances of scraping on the platform, where the issues could have been identified in a more timely manner, we ultimately imposed a significant sanction.”
“We imposed a fine of €265 million in total because the risks are significant for individuals in terms of scamming, spamming, smishing, phishing, and loss of control over their personal data.”
In addition to the fine, Meta has been issued a reprimand and an order requiring it to take a variety of specified corrective actions within a predetermined time frame to bring its processing into compliance.
According to a company spokesperson: Our company’s operations are fundamentally based on ensuring the privacy and security of individual data. In light of this crucial issue, we have fully collaborated with the Irish Data Protection Commission.
“During the time in question, we made changes to our systems, including removing the capability to scrape our features using phone numbers in this manner.
“We will continue working with our peers on this industry challenge. Unauthorized data scraping is unacceptable and against our rules. We are carefully considering this decision.”
Meta filed an appeal with the High Court in September against Instagram’s record-breaking €405 million DPC fine.
It was the biggest fine at any point given over by the Irish information guard dog and was given for breaks connected with the handling of kids’ information.