The decision follows an investigation by the Irish Data Protection Commission (DPC) "into a series of twelve data breach notifications received between 7 June and 4 December 2018".
It concluded that Meta, the parent company of Facebook, WhatsApp and Instagram, had failed to put in place measures to protect the data of its users in the European Union, explains the press release.
The DPC clarifies that its decision also represents the opinion of other regulators across the EU.
Ireland, a member of the EU where many multinational technology companies such as Apple or Google have their European headquarters, in particular because of advantageous taxation, has played a leading role in the application of European regulations on the protection of personal data (RGPD, or GDPR in English).
“This fine sanctions practices from 2018 that we have since updated, and not a failure to protect people's information,” reacted a spokesperson for Meta, questioned by AFP.
“We take our obligations under the GDPR seriously,” he adds.
The GDPR gives regulators wide latitude to sanction companies that do not sufficiently protect their users' data.
© 2022 AFP