GDPR Hits Meta with Record €2.4 Billion Fine for Illegal Data Transfers to US
The Irish Data Protection Commission has imposed a record €2.4 billion GDPR fine on Meta for illegally transferring European user data to US servers, the largest privacy penalty in history.
Aditya Raj
July 17, 2026
Meta fined record €2.4 billion by Irish DPC for illegal EU-US data transfers under GDPR. Cumulative Meta GDPR fines now exceed €5 billion. Company must delete illegally transferred data within 6 months. Meta to appeal, citing conflicting US surveillance laws and EU privacy requirements.
Meta has announced it will appeal, arguing that the fine is disproportionate and that the company has been caught in a legal no-man's-land between conflicting US surveillance requirements and EU privacy law. The company has been lobbying heavily for a new EU-US Data Privacy Framework."Meta has treated European data protection laws as a cost of doing business rather than a legal obligation. This record fine sends an unmistakable message: GDPR compliance is not optional, and the cost of non-compliance will continue to rise until behavior changes."
— Irish Data Protection Commissioner
Advertisement
Key Takeaways
- 1Record €2.4 billion GDPR fine on Meta — largest privacy penalty in global history
- 2Fine for illegal EU-to-US data transfers using Standard Contractual Clauses
- 3Cumulative Meta GDPR fines now exceed €5 billion across multiple cases
- 4Meta has 6 months to delete illegally transferred data and achieve compliance
Frequently Asked Questions
Why was Meta fined?
For continuing to transfer European users' data to US servers after EU courts ruled US surveillance laws don't provide adequate protection.
How much has Meta paid in total GDPR fines?
Over €5 billion cumulatively across multiple cases since GDPR enforcement began in 2018.
Sources
Loading comments...
