The Irish Data Protection Commission (DPC) has proposed, according to a draft decision published by the complainant, that Facebook be fined up to 36 million euros (around 310 billion rupees) in one of more than a dozen investigations against the social media giant. According to the data protection regulations of the European Union 2018, the DPC must now forward the preliminary ruling to all EU supervisory authorities concerned and take their views into account before it can make a final judgment.
The Irish Commission is the lead regulator of Facebook and many of the world’s largest tech companies under the bloc’s “one stop shop” data regime because of the location of its EU headquarters in Ireland.
The DPC proposed a fine of 28 million euros (about 245 billion rupees) to 36 million euros (about 310 billion rupees) because Facebook did not provide sufficient information, according to the draft decision made by Schrems -Group for digital rights NOYB was published.
The draft decision described the violations as serious and criticized Facebook for a lack of transparency.
Facebook was not immediately available for comment.
Schrems criticized the results, saying it amounts to Facebook giving the green light to circumventing EU GDPR data protection regulations by including consent clauses on areas such as advertising and online tracking in its terms and conditions.
A DPC spokesman said the draft decision had been sent to the other regulators and had no further comments as the process was ongoing.
Facebook’s WhatsApp subsidiary was fined a record € 225 million (around Rs.1965 billion) by the Irish regulator last month after the EU Data Protection Authority pressured the DPC to increase the fine following criticism from other regulators.
The DPC also increased a much smaller fine of EUR 450,000 (approximately Rs.3.9 billion) on Twitter – its first sanction under GDPR rules – following similar interventions by other regulators.
© Thomson Reuters 2021