Ireland

Meta Platforms Ireland Limited

265,000,000 €

GDPR enforcement action by Data Protection Authority of Ireland on 2022-11-25.

Rank · Sector

of 366 in Media, Telecoms and Broadcasting

Rank · Ireland

of 36

Rank · All fines

of 3,039

Case details

Authority: Data Protection Authority of Ireland
Date: 2022-11-25
Controller / Processor: Meta Platforms Ireland Limited
Sector: Media, Telecoms and Broadcasting
Quoted Articles: Art. 25 (1), (2) GDPR
Type of violation: Insufficient technical and organisational measures to ensure information security

Summary

The Irish DPA has fined Meta Platforms Ireland Limited EUR 265 million. The DPA had launched an investigation against Meta in 2021 after media reports indicated that a dataset containing personal data from Facebook had been made available on a hacking platform. The data leak affected up to 533 million users with their data such as phone numbers and email addresses.
As part of the investigation, the DPA reviewed and assessed the Facebook Search, Facebook Messenger Contact Importer and Instagram Contact Importer tools. The DPA primarily reviewed the implementation of technical and organizational measures to protect personal data and found a breach of Art. 25 GDPR

Open original source Links to the regulator's original publication or another source.