Ireland's DPC fines Meta Ireland €91 million



The Data Protection Commission’s (DPC) inquiry, which commenced in April 2019, assessed Meta Platforms Ireland Ltd’s (MPIL) compliance with the GDPR. The specific issues were whether MPIL implemented measures to ensure a level of security appropriate to the risks associated with the processing of passwords, and whether MPIL complied with its obligations to document, and notify the DPC of data breaches.

This DPC decision, issued on 27 September, was made by the Commissioners for Data Protection Dr. Des Hogan and Dale Sunderland, and includes a reprimand and a fine of €91million.

The DPC says that data controllers should evaluate inherent risk when storing user passwords and implement measures to mitigate those risks.

The DPC will publish the full decision and further related information in due course.

See:

PL&B is organising, together with law firm, McCann FitzGerald, an event Data Opportunities in Ireland. Commissioner for Data Protection, Dr Des Hogan, will be speaking at the event.
Date: 6 February 2025
Location: Dublin, Ireland