CISO comments as Meta receives €1.2bn data fine

Ireland’s Data Protection Commission (DPC) has issued technology giant, Meta, with a €1.2bn fine for mishandling personal data being transferred between Europe and the US.

This is the largest fine imposed under the EU’s General Data Protection Regulation privacy law.

Though Meta will appeal against what Facebook president Nick Clegg considers to be an “unjustified and unnecessary” ruling, many privacy groups have welcomed the precedent.

Caitlin Fennessy of the International Association of Privacy Professionals said that the “size of this record breaking fine is matched by the significance of the signal it sends.”

“[The] decision signals that companies have a whole lot of risk on the table,” Fennessy added.

According to the BBC, the decision does not impact Facebook in the UK.

Deryck Mitchelson, Field CISO EMEA, Check Point Software said: “Large tech firms have entered into a contract with consumers on handling and processing our data.

“This is the tenet of trust that they should be held accountable to. It is not enough to say they are processing data securely, it needs to be processed in line with data protection and privacy regulations.

“While it has been argued that the data being transferred across international borders is secure, we cannot ignore the discrepancies in the level of privacy upheld in the US when compared to EU standards.

“This is another reminder of how ambiguity around data handling and protection leads to poor management and fines of this scale. I am certain this will not be the last time we hear of companies getting it wrong.”