Meta has been fined a record 1.2 billion euro ($1.3 billion) by European privacy regulators over the transfer of EU user data to the U.S.

The decision links back to a case brought by Australian privacy campaigner Max Schrems who argued that the framework for transferring EU citizen data to America did not protect Europeans from U.S. surveillance.

Several mechanisms to legally transfer personal data between the U.S. and the EU have been contested. The latest such iteration, Privacy Shield, was struck down by the European Court of Justice, the EU’s top court, in 2020.

The U.S and EU last year “in principle” agreed to a new framework for cross-border data transfers. However, the new pact has not yet come into effect.

The Irish Data Protection Commission that overseas Meta operations in the EU alleged that the company infringed the bloc’s General Data Protection Regulation (GDPR) when it continued to send the personal data of European citizens to the U.S.

GDPR is the EU’s landmark data protection regulation that governs firms active in the bloc. It came into effect in 2018.

The 1.2 billion euro penalty for Meta is the highest sum that any company has been fined for breaching GDPR. The previous largest fine was a 746 million euros charge for e-commerce giant Amazon for breaching GDPR in 2021.

This is a breaking news story. Please check back for more.