Ireland's Data Protection Commission submitted a preliminary decision on Facebook's April 2021 data breach to members of the European Data Protection Board under Article 60 of the EU General Data Protection Regulation. The DPC began an immediate investigation following the breach involving more than 533 million individuals worldwide and 1.5 million Irish users. The decision concerns alleged violations of principles for data protection by design and default under Articles 25(1) and 25(2) of the GDPR.