Skip to main content
Skip to navigation

Regulatory Enforcement

Irish DPC fines Meta $102M over GDPR violation linked to improper storage of passwords

By Jeff Dale2024-09-27T22:30:00

The Irish Data Protection Commission (DPC) fined Meta Ireland 91 million euros (U.S. $102 million) for multiple violations of the European Union’s General Data Protection Regulation (GDPR) related to the inadvertent storage of user passwords without encryption.

In 2019, Meta Platforms Ireland Limited (MPIL) notified regulator and customers that “millions” of passwords were stored in “plaintext” on its internal systems, the Irish DPC announced in a press release Friday.

In June, a draft decision was handed down by other supervisory authorities, as required under Article 60 of the GDPR. On Wednesday, the Irish DPC notified MPIL of its decision to fine the social media giant over violations of Articles 5, 32, and 33 of the GDPR.

THIS IS MEMBERS-ONLY CONTENT

cw-membership

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

Related articles

Premium
Meta-backed EU appeals body facing conflicts of interest concerns

2024-11-01T19:00:00Z By Neil Hodge

Ireland’s cozy relationship with big business and Big Tech has once again come under scrutiny after the country’s media regulator allowed a $15 million one-off funding payment from Meta’s Oversight Board Trust to help launch the newly formed Appeal Centre Europe.
News Brief
FCC teams up with CPPA to enforce privacy rules

2024-10-30T13:55:00Z By Adrianne Appel

In an effort to streamline the enforcement of California’s stringent privacy rules, the Federal Communications Commission has signed a memorandum of understanding (MOU) with the California Privacy Protection Agency.
News Brief
Meta reaches $1.4B settlement over Texas biometric data privacy lawsuit

2024-07-31T17:14:00Z By Aaron Nicodemus

Meta agreed to pay $1.4 billion to the state of Texas to settle allegations regarding the unauthorized capture and use of personal biometric data of state residents.

More from Regulatory Enforcement

News Brief
SEC’s Uyeda: ‘Enforcement is the wrong way’ to handle off-channel communications

2026-03-19T21:08:00Z By Aaron Nicodemus

The U.S. Securities and Exchange Commission’s Mark Uyeda told an audience of investment advisers that the SEC will no longer prioritize stand-alone enforcement actions for violations of the SEC’s rules on off-channel communications.
News Brief
Adobe agrees to $150M settlement over alleged cancellation fee violations

2026-03-17T21:22:00Z By Oscar Gonzalez

Adobe agreed to a $150 million settlement with the U.S. Department of Justice over accusations that it concealed software termination fees and made it difficult for customers to cancel.
Article
U.K. competition regulator ‘very likely’ to use new enforcement powers despite government’s pro-growth agenda

2026-03-13T21:06:00Z By Neil Hodge

New powers granted to the U.K.’s main competition watchdog will result in greater scrutiny, tougher enforcement, and a stark warning for companies to review their sales and marketing promotions—especially since some practices have been pushed firmly into the spotlight thanks to legislation that came into effect last year.