The Irish Data Protection Commission has today fined Meta €390m after finding its Facebook and Instagram services breached EU privacy rules.
The privacy regulator concluded that the company’s advertising and data handling practices were in breach of EU privacy laws.
In a statement the Data Protection Commission said that Meta should be ordered to pay two fines — one a €210m fine over violations of the European Union’s General Data Protection Regulation, or GDPR, and the second, a €180m fine related to breaches of the same law by Instagram. Combined, the penalties amount to €390m.
The Data Protection Commission said it has directed Meta to “bring its data processing operations into compliance within a period of 3 months,” for what is effectively known as ‘data slurping‘ by insiders.
The fines mark the conclusion of two lengthy investigations into Meta by the Irish regulator, which had been criticized over delays in the process.
The DPC began investigating the company on May 25, 2018, the day the EU’s GDPR came into effect.
GDPR places strict requirements on firms with regard to the processing of people’s information.