Monday, June 24, 2024

Facebook Hit With record-breaking $1.3 Billion Fine Over Data Rules

Facebook (now Meta) has faced many allegations and litigations in the past 10 years. Most are related to privacy, data protection, and surveillance in other countries. However, a case that was filed against Facebook in 2013 was given a verdict. 

The case involves US mass surveillance against European Personal data and transferring of EU data to US data centers. According to the US Surveillance Law (FISA 702), Meta has been subject to the transfer of a large number of data over the past 10 years.

As per the European Court of Justice (CJEU), Meta will now have to pay a record fine of €1.2 billion and also return all the personal data to its EU data centers.

The whistle Blew in 2013

Edward Snowden blew the whistle about US surveillance in 2013, which created huge havoc against the NSA’s mass surveillance apparatus. Meta has been aware of the case that was filed against them in 2013 but did not take any precautions in the past 10 years.

The verdict also stated the reauthorization of the US Surveillance Law (FISA 702). Many Cloud providers like Microsoft, Google, and Amazon might face a similar fine if they do not comply with the European Data Protection Board  (EDPB). 

Other countries like Austria, France, and Italy have also felt the US services were unlawful but did not proceed with a major fine.

Irish DPC’s Protection Against Meta

It took nearly 10 years, 3 court proceedings, and 10 million euros to end up with the verdict while the Irish DPC was trying to protect Meta by all means. Initially, they rejected this case as “frivolous,” which had Mr. Schrems (the Austrian Activist) to get back to the CJEU. 

The DPC also tried to frame that Meta had used the “Standard Contractual Clause” henceforth, they cannot take any action against them. However, the claim was rejected by the CJEU, which made DPC provide the final shield to Meta by arguing to stop a fine and go with the deletion of data that was already transferred. The EDPB overturned it.

These court proceedings and the verdict have a shaky situation between the previous EU-US data deals (“Privacy Shield” and “Safe Harbor”), which had faced a lot of criticism.

Mr. Schrems stated, “Meta will appeal this decision, but there is no real chance to have this decision materially overturned. Past violations cannot be overcome by a new EU-US deal. Meta can, at best delay the payment of the fine for a bit. Meta plans to rely on the new deal for transfers going forward, but this is likely not a permanent fix. In my view, the new deal has maybe a ten percent chance of not being killed by the CJEU. Unless US surveillance laws gets fixed, Meta will likely have to keep EU data in the EU.”

Privacy must always be an option when it comes to sharing of a user’s data. The current generation depends entirely on “data,” which must be protected at all costs.

Shut Down Phishing Attacks with Device Posture Security – Download Free E-Book


Latest articles

Threat Actor Claiming a 0-day in Linux LPE Via GRUB bootloader

A new threat actor has emerged, claiming a zero-day vulnerability in the Linux GRUB...

LockBit Ransomware Group Claims Hack of US Federal Reserve

The notorious LockBit ransomware group has claimed responsibility for hacking the U.S. Federal Reserve,...

Microsoft Power BI Vulnerability Let Attackers Access Organizations Sensitive Data

A vulnerability in Microsoft Power BI allows unauthorized users to access sensitive data underlying...

Consulting Companies to Pay $11 Million Failing Cybersecurity Requirements

Two consulting companies, Guidehouse Inc. and Nan McKay and Associates, have agreed to pay...

New RAT Malware SneakyChef & SugarGhost Attack Windows Systems

Talos Intelligence has uncovered a sophisticated cyber campaign attributed to the threat actor SneakyChef....

Chinese Winnti Group Intensifies Financially Motivated Attacks

Hackers are increasingly executing financially motivated attacks and all due to the lucrative potential...

PrestaShop Website Under Injection Attack Via Facebook Module

A critical vulnerability has been discovered in the "Facebook" module (pkfacebook) from for...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles