Facebook parent company Meta Ireland has been fined a total of 390 million euros (413 million U.S. dollars) for breaches of European Union (EU) data protection rules, the Irish Data Protection Commission (DPC) said on Wednesday.
The DPC handed out two fines to Meta Platforms Ireland Limited. The first, of 210 million euros, is imposed on its Facebook service, while the company’s Instagram service is subject to a 180 million euro fine.
Meta Ireland has also been ordered to bring its data processing operations into compliance with EU law within a period of three months.
The fines follow two inquiries into Meta Ireland after complaints from Facebook and Instagram users in May 2018 that they were unable to continue using the services without agreeing to the relevant “Terms of Service.”
The complainants said that this constituted “forced consent,” and was in violation of the General Data Protection Regulation (GDPR), an EU data protection law that came into force on May 25, 2018.
They also said that the nature and extent of the data processing carried out under the Terms of Service was not transparent, and therefore also in violation of the GDPR.
However, according to Irish broadcaster RTE, Meta has said that it will appeal the substance of the rulings and the fines handed down by the DPC.
Over the last two years, the DPC has fined Meta over 1.2 billion euros.
In September 2021, Meta-owned WhatsApp was hit with a 225 million euro fine for breaches of data protection rules.
Next, in September 2022, Meta appealed against a record fine of 405 million euros, imposed on its Instagram service by the DPC for breaches relating to the processing of children’s data.
Meanwhile, in November 2022 Meta was fined 265 million euros by the DPC following a data breach which saw the personal details of hundreds of millions of Facebook users published online. (1 euro=1.06 U.S. dollar)