The €1.2bn fine on Meta this week is the biggest ever imposed under EU data protection rules. The Facebook owner hardly has a blameless record, and has been fined before over lax privacy protections, including $5bn by US regulators in 2019 over the Cambridge Analytica scandal. Yet in this case Meta — like scores of other companies — is caught in a mismatch between EU and US law. The decision against it signals in effect that there is no functioning legal basis for Meta to do what it has been doing: transferring EU user data to the US. Unless a new attempt to create a framework to bridge the legal gap succeeds, the implications for tech firms, consumers and the internet are far-reaching.
Meta本週被罰款12億歐元,這是歐盟依照數據保護規定開出的最大一筆罰單。這家Facebook的母公司過往的記錄遠非純潔無瑕,之前也曾因保護用戶私隱不力被處以過罰款,包括2019年因涉及劍橋分析公司(Cambridge Analytica)醜聞而被美國監管機構罰款50億美元。然而,在這次的案件中,是歐盟與美國的法律不一致讓Meta——以及其他許多公司——遭了殃。對它的處罰實際上表明,Meta一直在做的事情,即把歐盟用戶數據傳輸到美國,是缺乏有效法律作支撐的。除非可以成功建立一個框架來填補法律空白,否則科技公司、消費者和網路將承受重大後果。