The European Union’s leading privacy watchdog has imposed a €91 million ($101.5 million) fine on Meta (META.O) for inadvertently storing some users’ passwords in an unencrypted format. According to a Reuters report, the fine was levied by Ireland’s Data Protection Commission (DPC), marking the latest in a series of penalties against the social media giant under the EU’s stringent privacy laws.
The investigation was launched five years ago after Meta disclosed to the DPC that it had mistakenly stored user passwords in “plaintext,” a highly vulnerable format that leaves data exposed to potential misuse. While Meta publicly admitted to the error at the time, the DPC confirmed that the exposed passwords were not accessible to any external parties.
“It is widely accepted that user passwords should not be stored in plaintext, considering the risks of abuse that arise from persons accessing such data,” Deputy Commissioner Graham Doyle of the Irish DPC said in a statement, per a Reuters report.
Meta responded by stressing that the company took swift action to rectify the issue when it was identified during a 2019 security review. A spokesperson for the company assured that no evidence suggests the passwords were improperly accessed or misused, adding that Meta has cooperated fully with the DPC throughout the investigation.
Related: Meta Holds Off on EU AI Pact, Focuses on Meeting AI Act Rules
The Irish DPC oversees most of the top U.S. tech firms in Europe, given that many have based their EU operations in Ireland. This latest fine brings the total amount Meta has been penalized by the DPC to €2.5 billion for breaches under the EU’s General Data Protection Regulation (GDPR). The regulation, introduced in 2018, has led to significant fines for privacy violations.
Among Meta’s penalties, a record €1.2 billion fine imposed in May 2023 remains under appeal. This most recent fine further underscores the EU’s ongoing efforts to hold tech giants accountable for data protection practices.
Source: Reuters
Featured News
Brazil’s Supreme Court Orders Platform X to Pay $5 Million in Fines Before Service Can Resume
Sep 29, 2024 by
CPI
Oasis Ticket Price Surge Sparks Urgent Calls for Dynamic Pricing Reform
Sep 29, 2024 by
CPI
Grocers, Small Businesses Demand Fair Competition in Letters to Trump, Harris
Sep 29, 2024 by
CPI
Flipkart Sellers Sue Indian Antitrust Watchdog Over Competition Law Violation Findings
Sep 29, 2024 by
CPI
Meta Fined by EU for Data Protection Breach
Sep 29, 2024 by
CPI
Antitrust Mix by CPI
Antitrust Chronicle® – Refusal to Deal
Sep 27, 2024 by
CPI
Antitrust’s Refusal-to-Deal Doctrine: The Emperor Has No Clothes
Sep 27, 2024 by
Erik Hovenkamp
Why All Antitrust Claims are Refusal to Deal Claims and What that Means for Policy
Sep 27, 2024 by
Ramsi Woodcock
The Aspen Misadventure
Sep 27, 2024 by
Roger Blair & Holly P. Stidham
Refusal to Deal in Antitrust Law: Evolving Jurisprudence and Business Justifications in the Align Technology Case
Sep 27, 2024 by
Timothy Hsieh