Facebook has been slammed with a fine of £500,000 ($664,000) in the UK for breaking Data Protection laws. The fine was imposed after UK’s data regulator performed a wide ranging investigation into the Cambridge Analytica scandal and found Facebook guilty of non – compliance of GDPR (General Data Protection Regulation) as:
Cambridge Analytica is a London-based company that helps business and political groups to muster up data on voters during electoral processes. This data is then analyzed to conduct strategic communication and to create effective slogans and campaign messages. The company was started in 2013 as an offshoot of SCL (Strategic Communication Laboratories) group.
Social media platforms like Facebook are used as a source to collect data.
Cambridge Analytica has been subjected to numerous accusations related to data breach over past several months, and has also been vilified for several illegal activities.
Cambridge is accused of inappropriately gaining access to data of over 87 million Facebook users in the US. The motive behind this malevolent act was to gather user data to help get their client Donuld Trump elected.
The alleged breach came to light when Christopher Wylie, Cambridge Analytica whistle-blower revealed that they exploited Facebook profiles of millions of people. Facebook has been under scrutiny since then.
According to the social media giant, a Cambridge psychology professor, Aleksandr Kogan built an app called “thisisyourdigitallife” in 2015.
The app took a detailed online personality test that asked users to provide information about themselves. The test answers helped the culprits to gather personal information about the user.
Furthermore, to take the test users had to login to their Facebook accounts. The act of logging into Facebook gave the malicious Quiz app access to following information from Facebook Users’ account:
Moreover the quiz app also requested permissions from the test seekers to access following information about their Facebook friends:
Only 270,000 Facebook users actually signed up to take the personality test. However, the app also stealthily harvested the data of the user’s Facebook friends. This led to the total of approximately 87 million people’s data to be compromised and framed Facebook guilty.
Kogan alleges to have shared the information obtained from the app with Cambridge Analytica.
Facebook was aware of the data harvesting in 2015 and repeatedly asked companies holding the data to delete it. However there was no evidence to make sure if this was done.
This dodgy data harvesting violates Facebook’s own data policy. Allegations of misuse of Facebook user data is an unacceptable violation of citizens’ privacy rights.
However, the final decision on the £500,000 fine is yet to be made and Facebook still has a chance to respond to the UK’s ICO’s (Information Commissioner’s office) Notice of Intent before that.
New data protection regulation, GDPR threatens to slap companies with bigger fines ahead:
Considering the year of the scandal, the ICO fine has been imposed under old UK law. However the law has been replaced by the new EU’s General Data Protection Regulation.
ICO’s fine of £500,000 is small for a company that made $11.97 billion in revenues in the first quarter of 2018 alone. However this amount is maximum as per UK’s Data Protection Act 1998, and equals to what Facebook earns every 8 minutes.
As per new data protection regulation GDPR, however, the fine for such a crime would be up to 4 percent of global annual turnover or 20 million euros ($23.5 million) — whichever amount is larger
Facebook, along with Google, is also facing legal complaints from privacy activist Max Schrems that could also lead to billions in fines. Facebook and the Facebook-owned platforms WhatsApp and Instagram are accused of forcing user to grant access to their data, a practice which again violates GDPR
Hits: 102
Subscribe to our newsletter today to receive updates on the Latest News and Threats.
Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.