Meta Platforms Ireland Limited – €265,000,000 Fine (Ireland, 2022)

€265,000,000Data Protection Commission25 November 2022Ireland
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Meta Platforms Ireland Limited was fined EUR 265 million after a massive data leak exposed personal information of up to 533 million Facebook users. This case is significant because it shows the need for strong data protection measures to prevent such breaches. Companies should ensure their tools and systems are secure to protect user data.

What happened

Meta Platforms Ireland Limited experienced a data leak affecting up to 533 million users due to inadequate data protection measures.

Who was affected

Facebook users whose personal data, such as phone numbers and email addresses, were exposed in the data leak.

What the authority found

The Irish DPA found that Meta violated GDPR by failing to implement sufficient technical and organizational measures to protect personal data.

Why this matters

This ruling emphasizes the necessity for tech companies to prioritize data security and privacy. It serves as a warning to businesses to rigorously assess and improve their data protection practices to avoid similar breaches.

GDPR Articles Cited

AI-verified

Art. 25(1) GDPR
View original scraped data
Art. 25(1) GDPR
(2) GDPR

Original data from scraper before AI verification against source document.

Source verified 4 March 2026
date discrepancy
Ireland enforcementData Protection Commission actionsAll Meta Platforms Ireland Limited actions
Full Legal Summary
Detailed

The Irish DPA has fined Meta Platforms Ireland Limited EUR 265 million. The DPA had launched an investigation against Meta in 2021 after media reports indicated that a dataset containing personal data from Facebook had been made available on a hacking platform. The data leak affected up to 533 million users with their data such as phone numbers and email addresses. As part of the investigation, the DPA reviewed and assessed the Facebook Search, Facebook Messenger Contact Importer and Instagram Contact Importer tools. The DPA primarily reviewed the implementation of technical and organizational measures to protect personal data and found a breach of Art. 25 GDPR

Related Enforcement Actions (5)

Other enforcement actions involving Meta Platforms Ireland Limited in IE

Fine
Mar 2022· Data Protection Commission

The Irish DPA (DPC) has imposed a fine of EUR 17 million on Meta Platforms Ireland Limited (former Facebook Ireland Limited). The decision is based on...

€17.0M
Current
Nov 2022

Fine

€265.0M

Fine
Jan 2023· Data Protection Commission

The Irish DPA (DPC) has fined Meta Platforms Ireland Limited EUR 390 million. The DPA has imposed a fine of EUR 210 million for violations related to ...

€390.0M
Fine
May 2023· Data Protection Commission

The Irish DPA (DPC) has fined Meta Platforms Ireland Limited EUR 1.2 billion. This is the highest fine imposed to date under the GDPR. In its decision...

€1.2B
Fine
Sept 2024· Data Protection Commission

This decision is the final result of an inquiry launched in April 2019 after Meta Platforms Ireland Limited (MPIL) notified the DPC of the personal da...

€91.0M
Fine
Dec 2024· Data Protection Commission

The Irish Data Protection Commission (DPC) has fined Meta Platforms Ireland Limited EUR 251 million. The fine was imposed for data protection violatio...

€251.0M

Details

Fine Date

25 November 2022

Authority

Data Protection Commission

Fine Amount

€265,000,000

Enforcement Tracker ID

ETid-1502

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Meta Platforms Ireland Limited - Ireland (2022). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: