The Irish Data Protection Commission (DPC) has announced the conclusion of its 2021 investigation into Facebook following the data scraping breach in which the personal data of 533 million users ended up for sale online. The DPC has issued Meta Platforms Ireland a €265 million fine and has imposed a reprimand and an order requiring the technology company to bring its processing into compliance within a set timeframe. The DPC confirmed the issues identified during its investigation revealed questions surrounding compliance with the obligation for Data Protection by Design and Default and concluded the platform violated Articles 25(1) and 25(2) of the EU General Data Protection Regulation (GDPR). Additional reporting by TechCrunch reveals DPC deputy commissioner Graham Doyle confirmed the corrective measures applied to Meta must be completed within three months from the date of the final decision.
The DPC submitted its preliminary decision to members of the European Data Protection Board (EDPB) under Article 60 of the GDPR in October.
UPDATE: 011222 - the EDPB published a summary of the Facebook Data Scraping inquiry decision.
What is this page?
You are reading a summary article on the Privacy Newsfeed, a free resource for DPOs and other professionals with privacy or data protection responsibilities helping them stay informed of industry news all in one place. The information here is a brief snippet relating to a single piece of original content or several articles about a common topic or thread. The main contributor is listed in the top left-hand corner, just beneath the article title.
The Privacy Newsfeed monitors over 300 global publications, of which more than 5,750 summary articles have been posted to the online archive dating back to the beginning of 2020. A weekly roundup is available by email every Friday.