Facebook owner Meta has been fined a record €1.2 billion by Irish authorities for exporting European users' data to the US where security services can access them.
The Irish Data Protection Commission (IDPC) announced the penalty for breaching the European Union (EU) General Data Protection Regulation (GDPR) on Monday. The regulator said the social media giant's data policy failed to take account of "the risks to the fundamental rights and freedoms" of its users.
The IDPC also gave Meta a five-month deadline to "suspend any future transfer of personal data to the US" and ordered it to end "the unlawful processing, including storage, in the US" within six months.
Meta has its main European centre in Dublin, taking advantage of Ireland's low corporation tax rate. But it has previously threatened to move the office elsewhere in response to tighter privacy regulations.
The previous highest GDPR fine was levied against online retailer Amazon for the sum of €746 million in 2021.
US law, including the 2001 Patriot Act passed in the wake of the 9/11 terrorist attacks, allow agencies such as the FBI and National Security Agency to snoop on users' interactions without a legal warrant authorised by a judge.
Meta, founded by college drop-out Mark Zuckerberg, also owns photo-sharing social media site Instagram and mobile device messenger WhatsApp.
* Meta and Facebook are banned in Russia over extremist activities.