Meta Platforms Ireland Ltd, formerly Facebook Ireland, is seeking a High Court case to overturn a record €405 million fine for breaching children’s privacy on its Instagram service.
Last September, the Data Protection Commission (DPC) fined GDPR violations for automatically publishing mobile phone numbers and email addresses of teenage Instagram users under the default settings of the app’s “business account” service. This default setting has since been changed by Instagram.
Meta, which also owns WhatsApp, claims the DPC decision violates the EU Charter of Fundamental Rights and is therefore invalid.
It is asking for a range of explanations from the High Court, including that certain parts of the Data Protection Act 2018, under which the fines were imposed, are invalid under the Constitution and incompatible with the European Convention on Human Rights.
It is also calling for the hearing of its High Court case to be held “other than in public”.
Meta says it intends to ask the EU’s Court of Justice to overturn a decision by the European Data Protection Board (EDPB) which had instructed the Irish DPC to ensure the fines imposed were “effective, proportionate and dissuasive”. The DPC is the lead regulator in the EU, as Meta has its European headquarters in Dublin, while the EDPB coordinates the work of national and regional data regulators in the EU and a handful of countries outside the Union.
The case against the DPC, Ireland and the Attorney General was mentioned just before Justice Charles Meenan on Monday by Declan McGrath SC, who is representing Meta in a one-sided motion.
The judge held Mr. McGrath’s motion for leave of absence open to ensure that it was filed within the judicial review time limits. He adjourned the request to January.
In its lawsuit, Meta says the DPC’s decision was unlawful, flawed in law and/or outside of its powers due to the fact that its original decision was amended based on the EDPB decision. It is said that the DPC erred in treating “non-binding views” of the EDPB as binding.
The DPC also took into account irrelevant considerations, namely the views expressed by other European data regulators, which Meta says “were not expressed through relevant and reasoned objections”.
According to Meta, there was also a breach of due process by the DPC and EDPB, including both bodies’ failure to consider expert evidence presented by the social media company.
The DPC also did not adequately justify the decision, says Meta.
She further alleges there was a manifest error of judgment in her “misinterpretation and misapplication” of certain articles of the GDPR regulations.
Meta confirmed last week that it will cut 11,000 jobs across its 87,000-strong global operation, with around 350 jobs eliminated in Ireland.
The company – formerly Facebook Inc. – said it would cut 13 per cent of its global workforce but has not yet publicly announced how many jobs will be cut in Ireland.
However, sources say 350 jobs are to be cut from 3,000 Irish staff.
https://www.independent.ie/business/technology/news/meta-appeals-400m-instagram-fine-from-irish-regulator-for-breaching-childrens-privacy-42143611.html Meta files €400m appeal against Instagram with the Irish regulator for infringing on children’s privacy