Irish Data Protection Commission expected to impose record privacy fine on Meta for data transfers to US
On 17 May 2023, Politico reported that the Irish Data Protection Commission (DPC) is set to issue a record privacy fine to Meta on Monday 22 May. As reported by Politico, the DPC is expected to make a finding that Meta, the parent company of Facebook, mishandled users' data during its transfer to the United States.
The exact amount of the fine has not been confirmed, but it is expected to exceed the €746 million penalty imposed on Amazon in 2021 for similar violations of the European Union's privacy standards.
In addition to the fine, the Irish DPC's ruling, which will be published on Monday, is anticipated to include a direction for Facebook to cease reliance on Standard Contractual Clauses to legitimise transfers of EU data to the US. This ruling reflects the level of attention being given to the regulation of EU-US transfers under the EU’s GDPR, particularly in the aftermath of the Schrems II decision handed down by the European Court of Justice.
You can find the relevant Politico article here.
Our latest blog post regarding this matter can be found here.