META (Facebook, Instagram, WhatsApp) É MULTADA EM € 1,2 BILHÃO POR TRANSFERIR DADOS PESSOAIS

A Comissão de Proteção de Dados (DPC, sigla em inglês), responsável pela regulação de privacidade do bloco europeu de nações, aplicou à Meta, empresa dona do Facebook, Instagram e WhatsApp, multa de mais de € 1,2 bilhão — ou R$ 6,5 bilhões na cotação atual — por violação das normas de proteção de dados da União Europeia. A punição foi anunciada nesta segunda-feira, 22.

De acordo com a comissão, a Meta tem armazenado e transferido dados pessoais de usuários europeus para computadores (servidores) dos Estados Unidos, o que é considerado proibido pela regulação europeia.

A DPC utiliza uma "base legal" para justificar o processamento de dados pessoais e delinear os direitos que os "titulares" individuais têm e como eles podem exercê-los. Ela também estabelece as regras básicas sobre marketing direto eletrônico, bem como o uso de cookies e outras tecnologias semelhantes. Esta orientação deve auxiliar tanto os titulares de dados quanto os controladores de dados, principalmente quando lida antes de enviar uma solicitação a um controlador de dados ou uma consulta à DPC.

A seguir, os direitos individuais contidos em sua base legal - General Data Protection Regulation (GDPR):

Data protection is a fundamental right set out in Article 8 of the EU Charter of Fundamental Rights, which states;

1. Everyone has the right to the protection of personal data concerning him or her.
2. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned, or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified.
3. Compliance with these rules shall be subject to control by an independent authority.

This means that every individual is entitled to have their personal information protected, used in a fair and legal way, and made available to them when they ask for a copy. If an individual feels that their personal information is wrong, they are entitled to ask for that information to be corrected.

In order to process personal data, organisations must have a lawful reason. The lawful reasons for processing personal data are set out in Article 6 of the GDPR. The six lawful reasons for processing personal data are:

1. Consent.
2. To carry out a contract.
3. In order for an organisation to meet a legal obligation.
4. Where processing the personal data is necessary to protect the vital interests of a person.
5. Where processing the personal data is necessary for the performance of a task carried out in the public interest.
6. In the legitimate interests of a company/organisation (except where those interests contradict or harm the interests or rights and freedoms of the individual).

Any one of the six reasons given above can provide a legal reason for processing personal data.

The tabs at the side of this page will take you to more detailed information about:

• your individual rights under data protection;
• how to exercise those rights for yourself; and
• how to raise a concern with the Data Protection Commission in cases where you feel your rights are not being respected.

It is important to remember that most organisations take data protection very seriously, and the majority of issues are resolved without ever needing to be lodged as a complaint with the DPC. The information on the following pages is designed to help you to exercise your individual rights and secure a speedy and satisfactory solution, while also explaining how to lodge a complaint in cases where that has been unsuccessful.

A resposta da Meta também divulgada hoje. Neste link.