Since the fall of 2021, Ireland’s DPC has slapped Meta with 912 million euros in fines, going after the social media titan and its other subsidiaries, Instagram and WhatsApp, for alleged violations of Europe’s signature data privacy law, known as the General Data Protection Regulation (GDPR).
In a statement Monday, a Meta spokesperson said it was reviewing the DPC’s decision “carefully” and that it had cooperated fully with the agency’s investigation.
“Protecting the privacy and security of people’s data is fundamental to how our business works,” Meta said in Monday’s statement. “We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers. Unauthorised data scraping is unacceptable and against our rules and we will continue working with our peers on this industry challenge.”
The Irish DPC’s decision comes amid broad criticism by privacy advocates that regulators have moved slowly and hesitantly to enforce GDPR, which went into effect in 2018.