Filing with the U.S. Securities and Exchange Commission, Meta has revealed that it is bracing itself for a potential disruption to its EU-U.S. data flows and an imposing GDPR fine from Ireland’s Data Protection Commission. The company’s Q1 2023 Form Q-10 and earnings report divulged the possible consequences of the DPC’s impending definitive stance on their cross-border transfers.
Should an adequacy decision not be granted via the proposed EU-U.S. Data Privacy Framework, a mandate could be issued to suspend its operations in the EU. Furthermore, documents illustrate the likelihood of a formidable financial penalty and restorative steps being mandated by the European Data Protection Board. In particular, the filing mentions that the fine may be “substantial”.
During an investor call discussing the same filing, Chief Financial Officer Susan Li was candid when discussing the yet unknown components related to the DPC’s order – including its duration – which will significantly influence the company’s trajectory.