Meta has been fined a record 1.2 billion euro ($1.3 billion) by European privacy regulators over the transfer of European Union user data to the U.S.

The decision links back to a case brought by Australian privacy campaigner Max Schrems who alleged that the framework for transferring E.U. citizen data to America did not protect Europeans from U.S. surveillance.

Several mechanisms to legally transfer personal data between the U.S. and the E.U. have been contested. The latest such iteration, Privacy Shield, was struck down by the European Court of Justice, the E.U.’s top court, in 2020.

The U.S and E.U. last year “in principle” agreed to a new framework for cross-border data transfers. However, the new pact has not yet come into effect.

The Irish Data Protection Commission that overseas Meta operations in the E.U. alleged that the company infringed the bloc’s General Data Protection Regulation (GDPR) when it continued to send the personal data of European citizens to the U.S.

GDPR is the E.U.’s landmark data protection regulation that governs firms active in the bloc. It came into effect in 2018.

The 1.2 billion euro penalty for Meta is the highest sum that any company has been fined for breaching GDPR. The previous largest fine was a 746 million euros charge for e-commerce giant Amazon for breaching GDPR in 2021.