Thursday, April 17, 2025
HomeCyber Security NewsFacebook Hit With record-breaking $1.3 Billion Fine Over Data Rules

Facebook Hit With record-breaking $1.3 Billion Fine Over Data Rules

Published on

SIEM as a Service

Follow Us on Google News

Facebook (now Meta) has faced many allegations and litigations in the past 10 years. Most are related to privacy, data protection, and surveillance in other countries. However, a case that was filed against Facebook in 2013 was given a verdict. 

The case involves US mass surveillance against European Personal data and transferring of EU data to US data centers. According to the US Surveillance Law (FISA 702), Meta has been subject to the transfer of a large number of data over the past 10 years.

As per the European Court of Justice (CJEU), Meta will now have to pay a record fine of €1.2 billion and also return all the personal data to its EU data centers.

- Advertisement - Google News

The whistle Blew in 2013

Edward Snowden blew the whistle about US surveillance in 2013, which created huge havoc against the NSA’s mass surveillance apparatus. Meta has been aware of the case that was filed against them in 2013 but did not take any precautions in the past 10 years.

The verdict also stated the reauthorization of the US Surveillance Law (FISA 702). Many Cloud providers like Microsoft, Google, and Amazon might face a similar fine if they do not comply with the European Data Protection Board  (EDPB). 

Other countries like Austria, France, and Italy have also felt the US services were unlawful but did not proceed with a major fine.

Irish DPC’s Protection Against Meta

It took nearly 10 years, 3 court proceedings, and 10 million euros to end up with the verdict while the Irish DPC was trying to protect Meta by all means. Initially, they rejected this case as “frivolous,” which had Mr. Schrems (the Austrian Activist) to get back to the CJEU. 

The DPC also tried to frame that Meta had used the “Standard Contractual Clause” henceforth, they cannot take any action against them. However, the claim was rejected by the CJEU, which made DPC provide the final shield to Meta by arguing to stop a fine and go with the deletion of data that was already transferred. The EDPB overturned it.

These court proceedings and the verdict have a shaky situation between the previous EU-US data deals (“Privacy Shield” and “Safe Harbor”), which had faced a lot of criticism.

Mr. Schrems stated, “Meta will appeal this decision, but there is no real chance to have this decision materially overturned. Past violations cannot be overcome by a new EU-US deal. Meta can, at best delay the payment of the fine for a bit. Meta plans to rely on the new deal for transfers going forward, but this is likely not a permanent fix. In my view, the new deal has maybe a ten percent chance of not being killed by the CJEU. Unless US surveillance laws gets fixed, Meta will likely have to keep EU data in the EU.”

Privacy must always be an option when it comes to sharing of a user’s data. The current generation depends entirely on “data,” which must be protected at all costs.

Shut Down Phishing Attacks with Device Posture Security – Download Free E-Book

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Managing Burnout in the SOC – What CISOs Can Do

The Security Operations Center (SOC) is the nerve center of modern cybersecurity, responsible for...

The Future of Cybersecurity Talent – Trends and Opportunities

The cybersecurity landscape is transforming rapidly, driven by evolving threats, technological advancements, and a...

Mobile Security – Emerging Risks in the BYOD Era

The rise of Bring Your Own Device (BYOD) policies has revolutionized workplace flexibility, enabling...

Model Context Protocol Flaw Allows Attackers to Compromise Victim Systems

A critical vulnerability in the widely adopted Model Context Protocol (MCP), an open standard...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

The Future of Cybersecurity Talent – Trends and Opportunities

The cybersecurity landscape is transforming rapidly, driven by evolving threats, technological advancements, and a...

Mobile Security – Emerging Risks in the BYOD Era

The rise of Bring Your Own Device (BYOD) policies has revolutionized workplace flexibility, enabling...

Model Context Protocol Flaw Allows Attackers to Compromise Victim Systems

A critical vulnerability in the widely adopted Model Context Protocol (MCP), an open standard...