Ireland fines Meta for bad record-keeping

In 2018, Ireland’s Data Protection Commission (DPC) was alarmed when Facebook notified the commission, between June and December, of 12 separate data breaches that affected up to 30 million users, TechCrunch reports. The DPC began to investigate and now Meta, Facebook’s parent company, has been fined 17 million euros ($18.6 million USD).

…

In a statement to TechCrunch, a Meta spokesperson objected to any characterization of this fine being related to the breaches themselves:

This fine is about record keeping practices from 2018 that we have since updated, not a failure to protect people’s information. We take our obligations under the GDPR seriously, and will carefully consider this decision as our processes continue to evolve.

…

Meta is quick to point out this is related to record-keeping practices, but that’s not a minor problem. In fact, adequate record-keeping kind of feels like a consistent problem for the company. Last year, Facebook was at the center of a data leak that affected 533 million accounts that affected users from 106 countries. Sometime after that, Facebook noted that those affected wouldn’t be notified, saying they weren’t confident about which users to notify and not much could be done about their data being online.

Read more: The Verge, 16 March 2022