Meta has been hit by a record-breaking fine of 1.2 billion euros ($1.3 billion) by the European Union, for breaking digital privacy rules by transferring the data of EU citizens to U.S. servers.
Stemming from a case created by Austrian privacy campaigner Max Schrems, Ireland’s Data Protection Commission alleged that the legal framework for transferring data to the U.S. were a violation of GDPR, data protection law covering Europe.
The ruling, performed by the Data Protection Commission of Ireland, alleges the existing legal framework for data transfers from the EU to the U.S. “did not address the risks to the fundamental rights and freedoms” of Facebook users in Europe.
Previously, the European Court of Justice struck down a previous mechanism for transferring data legally, referred to as Privacy Shield, in 2020. The DPC says Meta is continuing to send the data despite the ruling’s occurrence.
The fine of 1.2 billion euros is also accompanied by an order by the DPC to suspend “any future transfer of personal data to the US within a period of five months.”
Meta’s fine is also the largest related to GDPR breaches, far exceeding a 746 million euro fine against Amazon in 2021.
Meta President of Global Affairs Nick Cleg and Chief Legal Officer Jennifer Newstead said in a statement the company plans to appeal.