Data Security, Privacy

Irish regulator fines Meta $19M for 2018 data breaches

The Meta data center in Clonee, Ireland. (Meta)

The Data Protection Commission in Ireland announced Tuesday that it’s fining Meta Platforms, formerly Facebook Ireland Limited, €17 million (U.S. $18.8 million) for a dozen data breach notifications in 2018. 

The General Data Protection Regulation (GDPR) is a data protection and privacy law for the European Union that went into effect in 2018. The DPC found that Meta failed to have in place appropriate technical and organizational measures showing it protected user data in the 12 breach cases, according to the DPC news release.

It’s the second such fine against Meta under the GDPR regulations since 2021, when Meta — then known as Facebook — and its WhatsApp was issued an estimated $267 million fine, the largest-ever by the DPC.

Thomas Stoesser, director and cybersecurity expert with data security specialist Conforte, said companies need to realize that GDPR is “a data privacy regulation that has teeth” and that organizations will continue to be fined if they fail to take data privacy seriously.

Stephen Weigand

Stephen Weigand is managing editor and production manager for SC Media. He has worked for news media in Washington, D.C., covering military and defense issues, as well as federal IT. He is based in the Seattle area.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.