Norway reportedly wants to fine Meta for illegal data transfers:
A month after the Irish data watchdog submitted a draft ruling to EU regulators, Norway has weighed in on the legal quagmire around EU-US data transfers.
Norway's data protection authority wants Facebook's parent company to be fined for continuing to transfer EU data to the US in violation of EU law, according to a document seen by Politico.
While Norway is not a member of the EU, it is part of the European Economic Area which has incorporated GDPR.
The proposal was a response to a draft ruling issued by the Irish Data Protection Commission (DPC) to other EU regulators last month, following an investigation into whether Meta's transatlantic data-sharing practices comply with EU rules.
[...] Datatilsynet said that while limitations and bans can ensure future processing of personal data is in line with GDPR, sanctions such as administrative fines "are directed towards violations in the past and carry a punitive element".
[...] In March, Meta was fined €17m by the Irish DPC for not complying with GDPR requirements and having in place "appropriate technical and organisational measures" to protect user data in the context of a dozen data breaches.
But Meta could be waiting some time for a ruling from the DPC on the US-EU data transfers case. Politico reported earlier this month that the Irish watchdog has received objections from several other EU regulators to its draft order, delaying a final decision.
€17M is punitive? Zuckerberg's annual haircut budget is probably larger than that.
(Score: 3, Touché) by Gaaark on Sunday August 28 2022, @07:05PM (1 child)
They need a new leader so when they have to apologize again and say the won't do it again, it might seem plausible.
Zucchiniberg has don't that WAY too many times.
My vote goes to Andy Kaufman: https://www.dailymotion.com/video/xi2h1n [dailymotion.com]
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 0) by Anonymous Coward on Sunday August 28 2022, @08:43PM
How dare you call him names? Suckerberg is my friend!
(Score: 1) by Runaway1956 on Sunday August 28 2022, @07:47PM
Make the fine billions, or even tens of billions. Make it hurt!
(Score: 2) by PiMuNu on Sunday August 28 2022, @09:51PM
I note that Ireland has big contracts for data centres with some of the big IT crowd. Could there be a conflict of interest at stake here?
(Score: 2) by Username on Sunday August 28 2022, @10:15PM (5 children)
The entire purpose of the internet is to transfer data from one place to another. Are we to segment the internet? I cannot view my EU friend's wall on facebook?
If I were the zuck I'd just block all traffic from Norway, and be like, "well, there you go."
(Score: 2) by stormwyrm on Monday August 29 2022, @04:01AM (3 children)
Numquam ponenda est pluralitas sine necessitate.
(Score: 2) by Username on Monday August 29 2022, @11:57AM (2 children)
A few flaws.
- Nobody outside of Norway speaks Norwegian or cares too.
- If it's illegal to export Norwegian data, how exactly do I interact with users on website located in Norway while I am outside of Norway? I just look at redacted photos, usernames and posts?
(Score: 2) by captain normal on Monday August 29 2022, @03:56PM
https://en.wikipedia.org/wiki/Languages_of_Norway [wikipedia.org]
Everyone is entitled to his own opinion, but not to his own facts"- --Daniel Patrick Moynihan--
(Score: 1, Informative) by Anonymous Coward on Monday August 29 2022, @06:06PM
I'd actually had to study a bit about the GDPR since its provisions affect some aspects of what the company I work for does, so I have some basic familiarity with it. GDPR Recital 18 [gdpr-info.eu] states: "This Regulation does not apply to the processing of personal data by a natural person in the course of a purely personal or household activity and thus with no connection to a professional or commercial activity." Furthermore, the GDPR also states that the data subject (e.g. an SNS user) can give consent to the processing of their personal data to some end, e.g. displaying one's personal profile to groups of people they give permission to see it. So an ordinary person anywhere in the world accessing someone's SNS profile is not a violation of the GDPR's data export provisions. Chapter V [gdpr-info.eu] of the GDPR though forbids the transfer of personal data of EU data subjects outside of the European Economic Area unless the third country's data protection legislation is considered adequate by the European Commission (most notably the United States does not fall into this category) or appropriate safeguards are imposed, such as binding and enforceable legal commitments by the data processors in the third country sufficient to satisfy the law. Presumably Facebook did not take the necessary legal steps when it did this.
I have a few friends in Norway even though I speak not a word of their language, and presumably there are even more Norwegians who have friends in the neighbouring countries of Scandinavia. If Facebook is actually arrogant enough to shut out one country, then someone else will build a system to service them and their friends, who may be far afield indeed. People were using MySpace and Facebook concurrently for a time, until gradually people stopped using MySpace to the benefit of Facebook. The same thing could happen again, at any time. As much as I dislike Zuckerberg and all his works, I am not going to accuse him of being stupid enough not to realise the kind of existential risk this exposes his enterprise to.
(Score: 1) by pTamok on Monday August 29 2022, @06:54AM
I guess that would mean blocking all VPN and proxy traffic as well. Otherwise VPNs and proxies to access Facebook will suddenly become popular and monetizable.
(Score: 2, Touché) by toki on Monday August 29 2022, @04:53AM (1 child)
He's not getting his money's worth.
(Score: 3, Funny) by Username on Monday August 29 2022, @10:47AM
Well, you also have to figure in all the blue hair dye he purchases for his employees.