Following the concerns over mass US government snooping, the transatlantic Safe Harbour pact was ruled illegal in October 2015. As a result, the EU data protection authorities announced that the tech firms had 3 months to set up alternative legal arrangements for transferring data. Now those 3 months are over, which means that regulators can start taking legal action against firms still relying on the pact to approve data movement. The French CNIL did exactly that in relation to Facebook.
In the meantime, Facebook has previously claimed that it does not use Safe Harbour as a means of transferring data to the United States and has already arranged alternative legal structures to continue its transfers in line with the local law. The problem is that the US and the EU indeed agreed on a new pact to replace Safe Harbour, but it is not yet operational. As a result, the EU data protection authorities have said they require more time to decide if transatlantic data transfers should be restricted.
Now, if Facebook fails to comply within 3 months, it could be fined.