The UK’s data watchdog has just issued the maximum possible fine against Facebook for its failure to protect the personal information of its users in connection with the Cambridge Analytica scandal that broke a few months ago, here in Cambridge.
The fine is a mere £500,000, a small sum for a company that announced $13.2 billion in revenue in the last quarter alone, but it is nonetheless a step towards demonstrating that such behaviour will not be tolerated in future. The figure is so low simply because it was calculated under the UK’s outdated 1998 Data Protection Act, and regulators say it would have been “significantly higher” under the EU’s new GDPR, which came into force in the UK in May.
The Information Commissioner’s Office (ICO) said Facebook had let a “serious breach” of the law take place and had given app developers access to people’s data “without clear consent” or any proper checks on those using its platform. It added that a company “of its size and expertise should have known better and done better”.
Confirming the fine, it said in a statement: “Between 2007 and 2014, Facebook processed the personal information of users unfairly by allowing application developers access to their information without sufficiently clear and informed consent, and allowing access even if users had not downloaded the app, but were simply ‘friends’ with people who had.
“Facebook also failed to keep the personal information secure because it failed to make suitable checks on apps and developers using its platform.”
Facebook, which has the right to appeal the verdict, said: “We are currently reviewing the ICO’s decision. While we respectfully disagree with some of their findings, we have said before that we should have done more to investigate claims about Cambridge Analytica and taken action in 2015. We are grateful that the ICO has acknowledged our full cooperation throughout their investigation, and have also confirmed they have found no evidence to suggest UK Facebook users’ data was in fact shared with Cambridge Analytica.”
The company is already facing an investigation by the Irish data regulator over an unconnected data breach discovered last month, which could result in a record fine.