1.2 billion euro fine for Facebook as a result of EDPB binding decision

24 may 2023

Following the EDPB’s binding dispute resolution decision of 13 April 2023, Meta Platforms Ireland Limited (Meta IE) was issued a 1.2 billion euro fine following an inquiry into its Facebook service, by the Irish Data Protection Authority (IE DPA). This fine, which is the largest GDPR fine ever, was imposed for Meta’s transfers of personal data to the U.S. on the basis of standard contractual clauses (SCCs) since 16 July 2020. Furthermore, Meta has been ordered to bring its data transfers into compliance with the GDPR.

In its binding decision of 13 April 2023, the EDPB instructed the IE DPA to amend its draft decision and to impose a fine on Meta IE. Given the seriousness of the infringement, the EDPB found that the starting point for calculation of the fine should be between 20% and 100% of the applicable legal maximum. The EDPB also instructed the IE DPA to order Meta IE to bring processing operations into compliance with Chapter V GDPR, by ceasing the unlawful processing, including storage, in the U.S. of personal data of European users transferred in violation of the GDPR, within 6 months after notification of the IE SA’s final decision.

The IE DPA's final decision incorporates the legal assessment expressed by the EDPB in its binding decision, adopted on the basis of Art. 65(1)(a) GDPR after the IE DPA, as lead supervisory authority (LSA), had triggered a dispute resolution procedure concerning the objections raised by several concerned supervisory authorities (CSAs). Among others, CSAs issued objections aiming to include an administrative fine and/or an additional order to bring processing into compliance*.

The final decision taken by the IE DPA is available in the Register for Decisions taken by supervisory authorities and courts on issues handled in the consistency mechanism.

News archive

 

Firm news

feb6

06/02/2024

Documento di indirizzo “Programmi e servizi informatici di gestione della posta elettronica nel contesto lavorativo e trattamento dei metadati

Con il Documento di indirizzo “Programmi e servizi informatici di gestione della posta elettronica nel contesto lavorativo e trattamento dei metadati, il Garante  privacy chiede ai datori

feb5

05/02/2024

Tutela del Patrimonio Culturale

La tutela delle opere d’arte tra diritto d’autore e tutela del patrimonio culturale: il caso “David di Michelangelo” Cugia Cuomo & Associati Studio Legale   di Tiziana

feb5

05/02/2024

Copyright

The protection of works of art between copyright and protection of cultural heritage: the "David di Michelangelo" case settembre 2023   Cugia Cuomo & Associati Studio Legale   di Tiziana

Lawyer News

feb23

23/02/2024

Equa riparazione: non può essere negata sulla base di intercettazioni inutilizzabili

L’inutilizzabilità delle intercettazioni,

feb23

23/02/2024

Le postille postume

Cosa prevede la legge notarile e quali