The European Union’s leading privacy watchdog has imposed a €91 million ($101.5 million) fine on Meta (META.O) for inadvertently storing some users’ passwords in an unencrypted format. According to a Reuters report, the fine was levied by Ireland’s Data Protection Commission (DPC), marking the latest in a series of penalties against the social media giant under the EU’s stringent privacy laws.
The investigation was launched five years ago after Meta disclosed to the DPC that it had mistakenly stored user passwords in “plaintext,” a highly vulnerable format that leaves data exposed to potential misuse. While Meta publicly admitted to the error at the time, the DPC confirmed that the exposed passwords were not accessible to any external parties.
“It is widely accepted that user passwords should not be stored in plaintext, considering the risks of abuse that arise from persons accessing such data,” Deputy Commissioner Graham Doyle of the Irish DPC said in a statement, per a Reuters report.
Meta responded by stressing that the company took swift action to rectify the issue when it was identified during a 2019 security review. A spokesperson for the company assured that no evidence suggests the passwords were improperly accessed or misused, adding that Meta has cooperated fully with the DPC throughout the investigation.
Related: Meta Holds Off on EU AI Pact, Focuses on Meeting AI Act Rules
The Irish DPC oversees most of the top U.S. tech firms in Europe, given that many have based their EU operations in Ireland. This latest fine brings the total amount Meta has been penalized by the DPC to €2.5 billion for breaches under the EU’s General Data Protection Regulation (GDPR). The regulation, introduced in 2018, has led to significant fines for privacy violations.
Among Meta’s penalties, a record €1.2 billion fine imposed in May 2023 remains under appeal. This most recent fine further underscores the EU’s ongoing efforts to hold tech giants accountable for data protection practices.
Source: Reuters
Featured News
Big Tech Braces for Potential Changes Under a Second Trump Presidency
Nov 6, 2024 by
CPI
Trump’s Potential Shift in US Antitrust Policy Raises Questions for Big Tech and Mergers
Nov 6, 2024 by
CPI
EU Set to Fine Apple in First Major Enforcement of Digital Markets Act
Nov 5, 2024 by
CPI
Six Indicted in Federal Bid-Rigging Schemes Involving Government IT Contracts
Nov 5, 2024 by
CPI
Ireland Secures First €3 Billion Apple Tax Payment, Boosting Exchequer Funds
Nov 5, 2024 by
CPI
Antitrust Mix by CPI
Antitrust Chronicle® – Remedies Revisited
Oct 30, 2024 by
CPI
Fixing the Fix: Updating Policy on Merger Remedies
Oct 30, 2024 by
CPI
Methodology Matters: The 2017 FTC Remedies Study
Oct 30, 2024 by
CPI
U.S. v. AT&T: Five Lessons for Vertical Merger Enforcement
Oct 30, 2024 by
CPI
The Search for Antitrust Remedies in Tech Leads Beyond Antitrust
Oct 30, 2024 by
CPI