Meta Faces $101.6 Million Penalty from EU Over GDPR Violations

EU Imposes Heavy Fine on Meta

The European Union's privacy regulator has levied a €91 million ($101.6 million) fine against social media giant Meta due to a serious data breach involving the storage of users' passwords in plain text. This investigation dates back five years, initiated by information provided by Meta itself to Ireland's Data Protection Commission (DPC), revealing the lack of encryption for certain user passwords.

Significance of GDPR Compliance

Meta's breach highlights grave security oversights recognized as substantial risks that could allow unauthorized access to sensitive user information. As emphasized by Graham Doyle, Deputy Commissioner of the Irish DPC, the storing of passwords in plaintext is alarmingly negligent. Meta has taken corrective actions since the discovery during a security audit in 2019. Fortunately, there’s no available evidence suggesting any passwords were accessed or misused.

Ongoing Challenges for Tech Giants

• Meta has cooperated fully with the DPC during the inquiry process.
• The €2.5 billion in total fines against Meta reflect ongoing scrutiny under the GDPR.
• In 2023, a record fine of €1.2 billion is currently being appealed by Meta.

Industry Concerns Over Data Regulations

Several notable technology companies, including Meta, have unveiled their apprehensions regarding the EU's GDPR. In an open letter, these tech leaders voiced concerns over how stringent regulations are impeding the pace of technological advancement in Europe, potentially risking the region's competitiveness in the global tech landscape.