British data watchdog, Information Commissioner’s Office (ICO) has reportedly fined Facebook £500,000 (~RM2.6 million) for “serious breaches of the data protection law”. This is the maximum fine that the ICO can impose on violators.
The watchdog concluded its investigation on Facebook ranging from 2007 to 2014, when Facebook was found to allow application developers access to users’ data and information without sufficient and clear informed consent. They also found that Facebook allowed access to user’s information even if they were just “friends” with those who had downloaded the third-party app.
Earlier in 2018, Facebook was embroiled in data breaches involving UK company Cambridge Analytica, where up to 87 million users’ profiles were used without consent.
Elizabeth Denham, Information Commissioner, said they consider the contraventions of data protection laws “so serious” that they imposed “the maximum penalty under the previous legislation.”
The ICO made the judgement that Facebook did not do enough after 2015, when the breaches were detected to safeguard its user’s data from third-party app developers who had unprecedented access to sensitive information. They ruled that a company of such size and expertise as Facebook should have known and done better.
It has long been an issue that social media sites where users give up personal information freely have been sitting on a gold mine of data. Data that if leaked, would expose thousands and even millions of users to malicious intent. There have been reports of data being used in political campaigns, to sway users towards one side or to gerrymander an election for one party.
We certainly hope that more watchdogs and government agencies take a serious look at how data is handled. The European Union’s General Data Protection Regulation (GDPR) was a regional effort to ensure data privacy is upheld and was considered by many an excellent move forward.