Meta fined R4.7bn over data leak of half a billion Facebook users

accreditation
0:00
play article
Subscribers can listen to this article
Chesnot/Getty Images
Chesnot/Getty Images


Meta Platforms was slapped with a €265 million (R4.7 biillion) fine for failing to prevent the leak of the personal data of more than half a billion users of its Facebook service.

The Irish Data Protection Commission, the main privacy watchdog for Meta in the European Union, levied the fine following a probe that found the social-media company had failed to apply strict safeguards required under the bloc’s sweeping General Data Protection Regulation. 

On top of the fine — the third-biggest under GDPR — the watchdog ordered Meta’s Irish unit to make sure its processing complies with the law, according to an emailed statement on Monday. 

The Irish authority is the lead watchdog for some of Silicon Valley’s biggest tech firms that have set up an EU base in the country, including Meta. It opened its probe following revelations that "a collated dataset of Facebook personal data" had been published on the internet. Personal information on 533 million Facebook users worldwide reemerged on a hacker website last year, including their phone numbers and email addresses. 

The investigation looked into "Facebook Search, Facebook Messenger Contact Importer and Instagram Contact Importer tools in relation to processing carried out by Meta" between May 2018 and September 2019, the data protection commission said. 

The social network has previously said the data is old and that the problem had been found and fixed in 2019.

Meta said in a statement on Monday that "protecting the privacy and security of people’s data is fundamental to how our business works" and that it had cooperated fully with regulators.

"We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers," the company said. "Unauthorised data scraping is unacceptable and against our rules, and we will continue working with our peers on this industry challenge. We are reviewing this decision carefully."

Data watchdogs in Europe saw their powers increased overnight in May 2018, when the GDPR took effect and gave them the power to levy fines of as much as 4% of a company’s annual sales.

The biggest penalties under GDPR so far are a record €746 million fine for Amazon.com by its lead privacy watchdog in Luxembourg, followed by a €405 million fine for Meta’s Instagram, and a €225 million fine for Meta’s WhatsApp unit, both by the Irish authority.


We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For 14 free days, you can have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today. Thereafter you will be billed R75 per month. You can cancel anytime and if you cancel within 14 days you won't be billed. 
Subscribe to News24
Rand - Dollar
17.36
+0.3%
Rand - Pound
21.38
+0.3%
Rand - Euro
18.90
+0.1%
Rand - Aus dollar
12.28
+0.0%
Rand - Yen
0.13
+0.1%
Platinum
1,002.52
-1.0%
Palladium
1,638.67
-0.6%
Gold
1,924.99
-0.2%
Silver
23.47
-1.1%
Brent Crude
85.46
+1.1%
Top 40
73,856
+0.6%
All Share
79,941
+0.6%
Resource 10
75,300
-0.7%
Industrial 25
102,958
+0.7%
Financial 15
16,462
+2.0%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE
Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders