European Union Regulators Impose Record Fine on Facebook Parent Company Meta for Violating Privacy Laws
Facebook's parent company, Meta, has been fined €1.2 billion ($1.3 billion) by European Union regulators for violating EU privacy laws by transferring the personal data of Facebook users to servers in the United States.
The fine is the largest ever imposed on a single company and reflects ongoing tensions between Europe and the United States over data privacy, government surveillance, and regulation of internet platforms.
The case has significant implications for businesses that rely on processing EU data in the United States and highlights Europe's deep mistrust of US surveillance powers.
The origins of the fine trace back to a 2020 ruling by Europe's top court, which struck down a transatlantic framework that companies had been relying on to legally move EU user data to US servers.
The European Court of Justice's invalidation of the Privacy Shield framework in 2020 and its concerns about the level of protection for EU citizens' personal information in the US, as required by the GDPR, has created uncertainty for businesses that rely on transatlantic data flows.
The US government and the US Chamber of Commerce estimate that transatlantic data transfers account for a significant portion of data transfers in both the US and EU.
The US government is working on a successor to Privacy Shield that includes changes to US surveillance practices, but it is unclear if these changes will be accepted by the EU or if the new framework can avoid its own court challenge.
The US government has also faced criticism for its own surveillance practices, including the FBI's improper access to a foreign intelligence database, which has inflamed domestic critics and given ammunition to EU critics.
This raises questions about the US's ability to criticize China's surveillance practices while facing its own challenges with surveillance law and mistrust of broad surveillance authority.