This Christmas will be expensive for US tech giant Meta.

The big tech firm will soon face a huge regulatory bill for its three social networks Facebook, WhatsApp and Instagram. Europe’s privacy regulator, the European Data Protection Board, is expected to issue rulings aimed at the three platforms on Monday, after which Meta’s main regulator in Ireland will issue a final decision within a month.

The details of the financial fine and its possible value will remain confidential until then, but the threefold amount of the fine will amount to more than 2 billion euros, Meta’s financial statements show – setting a new record for the lowest fine. European Union. The Data Protection Regulation (GDPR) that a company receives simultaneously.

According to documents filed in Ireland, Meta has earmarked €3 billion for EU privacy fines in 2022 and 2023. Its Instagram platform has already been fined €405 million for violating children’s privacy, and Facebook has collected €282 so far. Millions in data breach fines and €60 million from the French. This leaves more than €2 billion set aside by the company for regulatory measures.

It’s a blow to Meta, which last month announced it was laying off 11,000 employees worldwide amid declining sales and steep costs related to the company’s pivot to Metaverse.

In addition to hitting Meta’s pockets, the three fines, expected within weeks, will leave a bombshell under its broader business model. The decisions stemmed from a complaint by Austrian activist Max Schrems, who alleged that the company did not have a valid legal basis for processing the data of millions of Europeans. If the final rulings invalidate Meta’s contention that it processes data pursuant to a contract with users, the company must seek another legal basis for its data-driven ad targeting model.

The cases also exposed deep rifts between European data watchdogs.

The Irish Data Protection Commission, in its year-old draft decision, broadly backed Meta’s argument that it could claim the data was necessary to fulfill a ‘contract’ with users to serve personalized ads. But this reasoning has long made Ireland a minority among its peers. Norway’s data protection authority said the Irish interpretation would make EU data protection law “redundant,” according to a document obtained by POLITICO last year. The Irish regulator was the only Irish regulator to vote against EU proposals that would have banned companies from using the legal basis of contract to use data to target ads.

All three decisions are likely to be consistent with the Irish regulator’s initial stance, and more worryingly for Meta, it increases pressure on the company to find new legal ways to collect and process data.

Meta still faces an ongoing, high-profile investigation into the transfer of Europeans’ data to the United States.

Meta declined to comment. It can still appeal fines resulting from future decisions.