Stories
Slash Boxes
Comments

SoylentNews is people

Norway Reportedly Wants to Fine Meta for Illegal Data Transfers

posted by hubie on Sunday August 28 2022, @06:50PM   Printer-friendly
from the we're-really-really-sorry-(again) dept.

upstart writes:

Norway reportedly wants to fine Meta for illegal data transfers:

A month after the Irish data watchdog submitted a draft ruling to EU regulators, Norway has weighed in on the legal quagmire around EU-US data transfers.

Norway's data protection authority wants Facebook's parent company to be fined for continuing to transfer EU data to the US in violation of EU law, according to a document seen by Politico.

While Norway is not a member of the EU, it is part of the European Economic Area which has incorporated GDPR.

The proposal was a response to a draft ruling issued by the Irish Data Protection Commission (DPC) to other EU regulators last month, following an investigation into whether Meta's transatlantic data-sharing practices comply with EU rules.

[...] Datatilsynet said that while limitations and bans can ensure future processing of personal data is in line with GDPR, sanctions such as administrative fines "are directed towards violations in the past and carry a punitive element".

[...] In March, Meta was fined €17m by the Irish DPC for not complying with GDPR requirements and having in place "appropriate technical and organisational measures" to protect user data in the context of a dozen data breaches.

But Meta could be waiting some time for a ruling from the DPC on the US-EU data transfers case. Politico reported earlier this month that the Irish watchdog has received objections from several other EU regulators to its draft order, delaying a final decision.

€17M is punitive? Zuckerberg's annual haircut budget is probably larger than that.

Original Submission

 
This discussion was created by hubie (1068) for logged-in users only, but now has been archived. No new comments can be posted.
Norway Reportedly Wants to Fine Meta for Illegal Data Transfers | Log In/Create an Account | Top | 12 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by stormwyrm on Monday August 29 2022, @04:01AM (3 children)

    by stormwyrm (717) on Monday August 29 2022, @04:01AM (#1268943) Journal
    I double dare him to do that. Sure, block out Norway. And so the Norwegians will develop their own home-grown social networking services, and those Norwegians have friends all over the world, and they'll start making accounts there too. Facebook risks becoming an also-ran has-been just like MySpace before them if they allow something like that to happen. They cannot so lightly tell a part of the world to fuck off. Facebook is not so essential that it can't be easily replaced by a similar service.
    --
    Numquam ponenda est pluralitas sine necessitate.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by Username on Monday August 29 2022, @11:57AM (2 children)

    by Username (4557) on Monday August 29 2022, @11:57AM (#1268983)

    A few flaws.

      - Nobody outside of Norway speaks Norwegian or cares too.
      - If it's illegal to export Norwegian data, how exactly do I interact with users on website located in Norway while I am outside of Norway? I just look at redacted photos, usernames and posts?

    • (Score: 2) by captain normal on Monday August 29 2022, @03:56PM

      by captain normal (2205) on Monday August 29 2022, @03:56PM (#1269029)

      https://en.wikipedia.org/wiki/Languages_of_Norway [wikipedia.org]

      --
      "It is easier to fool someone than it is to convince them that they have been fooled" Mark Twain

    • (Score: 1, Informative) by Anonymous Coward on Monday August 29 2022, @06:06PM

      by Anonymous Coward on Monday August 29 2022, @06:06PM (#1269062)

      I'd actually had to study a bit about the GDPR since its provisions affect some aspects of what the company I work for does, so I have some basic familiarity with it. GDPR Recital 18 [gdpr-info.eu] states: "This Regulation does not apply to the processing of personal data by a natural person in the course of a purely personal or household activity and thus with no connection to a professional or commercial activity." Furthermore, the GDPR also states that the data subject (e.g. an SNS user) can give consent to the processing of their personal data to some end, e.g. displaying one's personal profile to groups of people they give permission to see it. So an ordinary person anywhere in the world accessing someone's SNS profile is not a violation of the GDPR's data export provisions. Chapter V [gdpr-info.eu] of the GDPR though forbids the transfer of personal data of EU data subjects outside of the European Economic Area unless the third country's data protection legislation is considered adequate by the European Commission (most notably the United States does not fall into this category) or appropriate safeguards are imposed, such as binding and enforceable legal commitments by the data processors in the third country sufficient to satisfy the law. Presumably Facebook did not take the necessary legal steps when it did this.

      I have a few friends in Norway even though I speak not a word of their language, and presumably there are even more Norwegians who have friends in the neighbouring countries of Scandinavia. If Facebook is actually arrogant enough to shut out one country, then someone else will build a system to service them and their friends, who may be far afield indeed. People were using MySpace and Facebook concurrently for a time, until gradually people stopped using MySpace to the benefit of Facebook. The same thing could happen again, at any time. As much as I dislike Zuckerberg and all his works, I am not going to accuse him of being stupid enough not to realise the kind of existential risk this exposes his enterprise to.