Ireland’s data privacy regulator imposed a $277 million fine on social media giant Facebook on Monday, bringing the total it has fined parent group Meta to about $1.04 billion.
The penalty resulted from an investigation, started last year into the discovery of a collated set of personal data that had been scraped from Facebook between May 2018 and September 2019, and made available online.
Facebook was also ordered to make a range of corrective measures.
Meta said it had cooperated fully with the investigation by Ireland’s Data Privacy Commissioner and made changes to its systems during the time in question, including removing the ability to scrape its features in this way using phone numbers.
Monday’s fine is the fourth the DPC has levied against one of Meta’s companies. It is Meta’s lead privacy regulator within the European Union, and has 13 more inquiries into the social media group.
In September, the watchdog hit its Instagram subsidiary with a record fine of $420 million, which Meta plans to appeal. Meta added in its statement on Monday that it was reviewing the decision related to the latest fine.
The DPC regulates Apple, Google, Twitter, Tiktok and other technology giants due to the location of their EU headquarters in Ireland. It currently has 40 inquiries open into such firms.
The regulator has the power to impose fines of up to 4% of a company’s global revenue under the EU’s General Data Protection Regulation’s “One Stop Shop” regime introduced in 2018.
The DPC said mitigating factors in Monday’s decision – which had been approved by all other relevant EU regulators – included the actions Facebook had taken.
“We’ll keep going until the behavior does change,” Ireland’s Data Privacy Commissioner Helen Dixon told Irish national broadcaster RTE on Monday.
Meta shares were down nearly 2% on Monday.