The investigation into Facebook’s compliance with EU data privacy regulations is expected to be concluded by December 2019. The Data Protection Commission (DPC) in Ireland, which is the lead EU supervisory authority for most major tech companies, is heading the inquiries into Facebook and other multinational technology companies headquartered in Dublin. The body is charged with overseeing their compliance with the European Union’s tough data privacy rules.
In May, Data Protection Commissioner Helen Dixon told the US Senate that 8 of the 17 investigations into multinational technology companies headquartered in Ireland involve Facebook. The social media giant could face a fine of up to 4% of its annual global turnover, or about €2 billion. However, Dale Sunderland, the Deputy Commissioner at the DPC who is leading the investigation, hasn’t given away any detail about the nature of the decision, the size of a potential fine or what concerns might be addressed by the findings of the investigation. The DPC will have to share its findings with other European data protection authorities who will provide feedback on the decisions and consider whether the measures are sufficient in addressing any breaches of the regulations.
The DPC has come under scrutiny from campaigners and EU data protection agencies for not acting swiftly on data breaches: Ireland has not yet issued a GDPR-related fine. However, since July 2018 the agency has opened 20 investigations which are currently ongoing. Sunderland defended the lengthy procedures pointing to a need to make sure the decisions would be upheld in court.