(Bloomberg) --Meta Platforms Inc. could face a hefty fine as a probe by a key European Union privacy watchdog into the leak of the personal data of more than half a billion users last year draws to a close.
The Irish Data Protection Commission submitted its draft decision in the investigation for approval to its EU counterparts, it said in a statement on Monday. Meta is among a number of big US tech companies that have set up an EU hub in Ireland, making the watchdog there its main supervisor for possible data protection violations.
The probe was opened in 2021 “after media reports highlighted that a collated dataset of Facebook user personal data had been made available on the internet,” the watchdog said. Personal information on 533 million Facebook users worldwide reemerged on a hacker website in April 2021, including their phone numbers and email addresses.
Several companies, including Marriott International Inc. and Uber Technologies Inc., have faced fines from European data regulators in cases where user data was compromised. EU data protection rules introduced in 2018 gave the bloc’s privacy enforcers for the first time the power to levy fines of as much as 4% of a company’s annual sales.
Meta has said the data was old and was already reported back in 2019.
“Unauthorized data scraping is unacceptable and against our rules,” Meta said in an emailed statement. “We have engaged closely with the Irish Data Protection Commission on this important issue and continue to invest in our systems to prevent scraping on our platform.”
Meta said it “will continue to work with our peers on this industry challenge and await the final report.”