Big tech's history of fines for privacy breaches

Silicon Valley has paid out billions in penalties to US and European regulators in recent years

US tech giants have been forced to pay out billions of dollars to regulators over privacy breaches. AFP
Powered by automated translation

Meta has been fined €1.2 billion ($1.3 billion) by regulators in Ireland, one of the biggest sanctions for breaches of user privacy.

The decision means that Mark Zuckerberg's company and its subsidiaries have now been ordered to pay billions of dollars for data transgressions, particularly since the EU's introduced general data protection regulation in 2018.

Here are the biggest penalties handed out by global regulators in the last decade:

Facebook – fined $5 billion in 2019

The social networking firm was fined by the US Federal Trade Commission in 2019 after allowing companies such as Cambridge Analytica to harvest personal information of more than 80 millions users.

The $5 billion penalty against Facebook was the largest imposed on any company by US regulators for violating consumers’ privacy.

The settlement also ordered Facebook to restructure its approach to privacy from the corporate board-level down, and established mechanisms to ensure executives were accountable for privacy decisions.

Meta Platforms – fined $1.3 billion in 2023

Meta's latest fine of €1.2 billion ($1.3 billion) was for transferring EU user data to the US in breach of a previous court ruling.

The penalty, which is the biggest in GDPR history, was levied by Ireland’s Data Protection Commission (DPC) on behalf of EU regulators after a three-year probe into the social media giant.

Facebook owner Meta said it would appeal against the “unjustified and unnecessary” fine.

Didi Global – fined $1.19 billion in 2021

Chinese regulators issued a billion dollar penalty against the ride-hailing app, Didi Global, in 2021.

The company was fined 8 billion yuan ($1.2 billion) on charges it mishandled customer information.

It came after the ruling party moved against private sector Chinese tech success stories by launching anti-monopoly and data security investigations.

Amazon – fined $790 million in 2021

Amazon was ordered to pay a $790 million penalty after a court in Luxembourg ruled that the tech giant had engaged in “non-compliance with general data processing principles”.

The country refused to give details of its decision at the time, only providing a brief statement after Amazon revealed the fine in its regulatory filings.

The online retail giant had been sued by a European consumer group claiming personal data was collected for advertisement targeting without permission.

However, Amazon denied any breach and promised to appeal. It is unclear whether the fine has been paid.

Instagram – fined $429 million September 2022

Ireland’s Data Protection Commissioner ruled that Instagram had violated the privacy of children and ordered the company to pay €405 million ($429 million).

The complaint stated that some children upgraded to business accounts to access analytics tools such as profile visits, without realising this made more of their data public.

Following the decision, Meta said it planned to appeal.

The DPC, along with the European Data Protection Board, also fined WhatsApp €225 million in 2021 after finding it didn’t properly inform EU citizens about how it collected and used their data, and how that data was shared with Meta.

Updated: May 22, 2023, 1:58 PM