Die irische Datenschutzbehörde erklärt in einer aktuellen Pressemitteilung, eine DSGVO-Geldbuße iHv. 17 Mio. EUR gegen den Anbieter Meta (ehemals Facebook) wegen Datenschutzverstößen verhängt zu haben.
Grund der Beanstandungen sind zwölf Meldungen zu Datenschutzverletzungen aus dem Jahr 2018. Es geht dort um die Nichteinhaltung der technischen und organisatorischen Maßnahmen aufgrund des grenzüberschreitenden Transfers:
"As a result of its inquiry, the DPC found that Meta Platforms infringed Articles 5(2) and 24(1) GDPR. The DPC found that Meta Platforms failed to have in place appropriate technical and organisational measures which would enable it to readily demonstrate the security measures that it implemented in practice to protect EU users’ data, in the context of the twelve personal data breaches.
Given that the processing under examination constituted “cross-border” processing, the DPC’s decision was subject to the co-decision-making process outlined in Article 60 GDPR and all of the other European supervisory authorities were engaged as co-decision-makers. While objections to the DPC’s draft decision were raised by two of the European supervisory authorities, consensus was achieved through further engagement between the DPC and the supervisory authorities concerned. Accordingly, the DPC’s decision represents the collective views of both the DPC and its counterpart supervisory authorities throughout the EU."
Vor einem halben Jahr hatte die Datenschutzbehörde gegen die WhatsApp Ireland Ltd. ein Bußgeld iHv. 225 Mio. EUR verhängt, vgl. unsere Kanzlei-News v. 03.09.2021.