The Irish Data Protection Commission announced Wednesday that it would fine Meta Ireland a total of $413 million for breaches of the EU’s GDPR (General Data Protection Regulation) related to the company’s handling of personal information on Facebook and Instagram.
Under the GDPR, companies looking to process users’ personal information must do so under one of six identified legal bases, which include the consent of the user, necessity to the performance of a contract, and necessity to comply with a legal obligation. Meta, in response to the original user complaints filed under the GPDR in 2018, stated that it would rely on the “contract” justification, rather than the “consent” prong, as it had previously done.
