Meta, the tech company previously known as Facebook, has been fined $18.6 million for a dozen violations of the European Union’s data protection and privacy law.
In a statement on Tuesday, Ireland’s Data Protection Commission (DPC) accused Meta of violating numerous aspects of the General Data Protection Regulation (GDPR).
“The DPC found that Meta Platforms failed to have in place appropriate technical and organizational measures which would enable it to readily demonstrate the security measures that it implemented in practice to protect EU users’ data, in the context of the twelve personal data breaches,” the commision said.
The fine followed an inquiry by the DPC after it was informed about the 12 data breaches during a six-month period from June to December of 2018.
In a statement to Engadget, a Meta spokesperson alleged that the issue was not related to its users’ personal information.
“This fine is about record-keeping practices from 2018 that we have since updated, not a failure to protect people’s information,” the spokesperson said. “We take our obligations under the GDPR seriously, and will carefully consider this decision as our processes continue to evolve.”
Given that Meta brings in tens of billions of dollars every year, it remains unclear whether such fines will have a significant effect.
The fine is not the first issued by the GDPR to a major tech company and is unlikely to be the last. The DPC just last year issued a $267 million fine to the popular messaging tool WhatsApp, which is owned by Meta, for violations of the GDPR as well.