Irish DPC fines Meta $102M over GDPR violation linked to improper storage of passwords
By 
Jeff Dale2024-09-27T22:30:00
The Irish Data Protection Commission (DPC) fined Meta Ireland 91 million euros (U.S. $102 million) for multiple violations of the European Union’s General Data Protection Regulation (GDPR) related to the inadvertent storage of user passwords without encryption.
In 2019, Meta Platforms Ireland Limited (MPIL) notified regulator and customers that “millions” of passwords were stored in “plaintext” on its internal systems, the Irish DPC announced in a press release Friday.
In June, a draft decision was handed down by other supervisory authorities, as required under Article 60 of the GDPR. On Wednesday, the Irish DPC notified MPIL of its decision to fine the social media giant over violations of Articles 5, 32, and 33 of the GDPR.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
PremiumMeta-backed EU appeals body facing conflicts of interest concerns
Ireland’s cozy relationship with big business and Big Tech has once again come under scrutiny after the country’s media regulator allowed a $15 million one-off funding payment from Meta’s Oversight Board Trust to help launch the newly formed Appeal Centre Europe.
-
News BriefFCC teams up with CPPA to enforce privacy rules
In an effort to streamline the enforcement of California’s stringent privacy rules, the Federal Communications Commission has signed a memorandum of understanding (MOU) with the California Privacy Protection Agency.
-
News BriefMeta reaches $1.4B settlement over Texas biometric data privacy lawsuit
Meta agreed to pay $1.4 billion to the state of Texas to settle allegations regarding the unauthorized capture and use of personal biometric data of state residents.
More from Regulatory Enforcement
-
ArticleTeledyne fined $1.5M for supplying obsolete parts to Navy
Teledyne will pay more than $1.5 million to settle allegations it supplied electronic parts to the Navy that deviated from specifications, a violation of the False Claims Act (FCA). But its cooperation with prosecutors earned it a credit, according to the U.S. Department of Justice (DOJ).
-
ArticleTungston rod importer pays $54.4M to settle DOJ tariff fraud allegations
An industrial products distributor has agreed to pay $54.4 million to settle allegations, first made by a whistleblower, that it evaded tariffs and violated the federal False Claims Act.
-
ArticleTariff evasion enforcement: The new FCPA
Companies that import goods into the United States will face heightened enforcement scrutiny for attempted acts of customs fraud, including tariff evasion, under the Trump administration. Thus, chief compliance officers and in-house counsel face a new kind of pressure to ensure they are mitigating risk in this area.