The Irish Data Protection Commission has fined Meta €265 million for a data scraping leak that exposed the personal information of EU Justice Commissioner Didier Reynders, Luxembourg Prime Minister Xavier Bettel, and dozens of other EU officials.
As a result of Meta’s inadequate data security, Ireland’s privacy authorities stated Monday that it will fine the company €265 million and take other corrective measures against it.
The penalty relates to a data breach found in 2021. A 533 million record leak that surfaced on a public forum and spread widely online included the personal information of EU Justice Commissioner Didier Reynders, Luxembourg Prime Minister Xavier Bettel, and dozens of other EU officials. This leak also included phone numbers, Facebook IDs, full names, and birthdates.
The Irish Data Protection Commission, which regulates Meta because it has its European headquarters there, claimed the American tech giant had violated the General Data Protection Regulation’s requirement to ensure privacy “by design and default” by designing its products in a way that allowed for the leaking of personal information.
The authority also assessed a reprimand and an order, according to the DPC, to “bring [Meta’s] processing into compliance by taking a range of specified remedial actions within a particular timeframe.”
Subscribe to GreatGameIndia
A spokesperson for Meta said the company had “made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers. Unauthorized data scraping is unacceptable and against our rules and we will continue working with our peers on this industry challenge.”
Facebook may still contest the ruling in Irish courts. It stated that it was “carefully reviewing this decision.”
The Irish Data Protection Commission informed POLITICO last month that it will soon also be announcing three other decisions against Meta companies.