Senior Associate Simon Ridding comments in Compliance Week on the hefty fine handed out to Meta last week for its illegal data transfers that fell foul of GDPR.
Simon’s comments were published in Compliance Week, 26 May 2023, and can be found here.
Simon commented: “The fine is a stark reminder to large multi-national organisations of their duties under European data protection law. Meta is a high profile example of a multinational corporation engaging in large-scale, ongoing transfers of European personal data internationally – its protestations that it has been ‘singled out’ are probably accurate.
“Meta is being made an example of, with the hefty fine signalling to other large corporations to put their own houses in order or face crippling penalties. Companies are likely to start pressuring the European Commission to speed up its proposed new framework for transatlantic data transfers, and this will happen in conjunction with scrambling to ensure their data practices will hold up to the scrutiny of a European data regulator.
“Consumers are entitled to expect that any personal data transferred across the pond receives the same level of protection that it does under GDPR. It is difficult to say how companies engaged in this practice will amend their activities to protect themselves (and consumers), though I strongly suspect there will be a few frantic board meetings taking place right now.
“In terms of Meta, they have stated they will appeal, and we will have to wait and see how that pans out. In the meantime, I expect them to be putting in extra safeguards to demonstrate enhanced protection for any transfers to the US.”