Irish regulators slapped Facebook parent Meta with a 265 million-euro ($277 million) fine Monday, the company’s latest punishment for breaching strict European Union data privacy rules.
The Data Protection Commission said Meta Platforms infringed sections of the EU rules, known as the General Data Protection Regulation, that require technical and organizational measures aimed at protecting user data.
The watchdog opened an investigation last year into news reports that data on more 533 million users was found dumped online. The data was found on a website for hackers and included names, Facebook IDs, phone numbers, locations, birthdates and email addresses for people from more than 100 countries, according to the reports.
Meta said the data had been “scraped” from Facebook using tools designed to help people find their friends through phone numbers using search and contact import features. The watchdog said it investigated the automated scraping carried out between May 2018 and September 2019.
The company said it had “cooperated fully” with the Irish watchdog.
“We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers,” Meta said in a statement. “Unauthorized data scraping is unacceptable and against our rules.”
Along with the fine, the commission said it also imposed on Meta a “range of corrective measures,” which weren’t specified.
When asked if Meta would appeal, a spokesman said, “We are still reviewing this decision carefully.”
It’s the latest in a series of punishments that the Irish watchdog has levied against Meta over the past two years.
The company, based in Menlo Park, California, has its European headquarters in Dublin, which makes the Irish authority its lead privacy regulator under the EU’s General Data Protection Regulation, in a system known as “one-stop shop.”
The Irish watchdog fined Meta-owned Instagram 405 million euros in September after it found that the platform mishandled teenagers’ personal information. Meta was fined 17 million euros in March for its handling of a dozen data breach notifications.
Last year, the watchdog fined Meta’s chat service WhatsApp 225 million euros for violating rules on sharing people’s data with other Meta companies.