EU regulators fine Facebook $1.3 billion over user data transfers to the US

Facebook owner Meta has been fined a record $1.3 billion by European Union regulators for mishandling user data when transferring it between Europe and the United States, marking the largest fine imposed under the EU’s General Data Protection Regulation (GDPR) privacy law.

Ireland’s Data Protection Commission (DPC) initiated the ruling after it claims that Facebook failed to follow GDPR protocol when transferring user user data outside of the EU.

Meta, who says it will appeal against the “unjustified and unnecessary” ruling, is under the spotlight as data flows from the EU expose European Facebook users to the US’s weaker privacy laws, in which US intelligence could access data from EU citizens.

As part of the ruling, Ireland’s Data Protection Commission has ordered Meta to suspend any future data transfers of EU citizen data to the US within the next five months. It will also have to work to bring its operations “into compliance” with the GDPR, including any processing of EU citizens’ data on US servers, within the next six months.