Meta Hit With $1.3B Record-Breaking Fine for GDPR Violations
The technology conglomerate has until later this year to end its transfer of European user's data across the Atlantic.
Stay informed on the latest in information security trends, breaches, and best practices with our expertly curated content on cyber safety.
Search across headline titles and summaries.
Background for this topic.
A fine is a monetary penalty imposed by a competent authority or court for violating a law, regulation, or legally binding requirement. In information security and privacy, it may follow inadequate safeguards for personal data, unlawful processing, failure to meet required reporting or record-keeping duties, or non-compliance with sector-specific controls. The legal basis, maximum amount, and factors such as severity, duration, negligence, cooperation, and remediation vary by jurisdiction; a fine is generally punitive rather than compensation for affected parties.
For security practitioners, a fine signals that controls and security decisions may be examined as evidence of compliance. Maintain documented risk assessments, access reviews, patching decisions, supplier oversight, logging, and retention practices, especially where they protect regulated data. During an incident, preserve relevant records and establish an accurate timeline for containment, notification, and remediation. Privacy requirements such as data minimization and retention limits can therefore be security controls as well as legal obligations. A fine does not by itself establish that a particular attack or breach occurred.
The technology conglomerate has until later this year to end its transfer of European user's data across the Atlantic.
Facebook's parent company Meta has been fined a record $1.3 billion by European Union data protection regulators for transferring the personal data of users in the region to the U.S
The Irish Data Protection Commission (DPC) has announced a $1.3 billion fine on Facebook after claiming that the company violated Article 46(1) of the GDPR (General Data Protection Regulation). [...]
Also, more OEM Android malware, Google's bug reports (mostly) ditch CVEs, and this week's critical vulns in brief Google has settled another location tracking lawsuit, yet again being fined a relative pittance.…
The record-breaking amount of the fine is the least important part of the story, privacy experts argued