Facebook’s Repeated GDPR Violations

In recent years, Facebook, now owned by Meta, has faced several accusations of violating the EU’s General Data Protection Regulation (GDPR). The most significant of these led to a record-breaking fine of €1.2bn ($1.3bn) imposed by Ireland’s Data Protection Commission (DPC) in relation to a legal battle initiated by Austrian privacy activist Max Schrems.

Previous Contraventions and Penalties

This was not Meta’s first violation. The company was penalized €265m ($277m) by the DPC in November 2022 for breaching European data protection laws. In January 2023, it faced another penalty, this time from the European Data Protection Board (EDPB), exceeding $400m for compelling users to accept targeted ads.

Impacts and Implications

The recurrent infringements have caused more than financial loss to Meta. The company’s reputation has taken a significant hit, with trust from users and the public waning. These developments underline the importance of companies prioritizing data protection and privacy, strictly adhering to GDPR rules to evade the severe penalties that come with violations.

Return to case study