Facebook has been fined with £500K in the UK after the British data protection agency concluded that the data-leaking scandal violated the law, becoming the first fine for the social network for the Cambridge Analytica scandal.
As reported by information security and secure data destruction experts, the fine is the maximum cipher allowed by the UK Data Protection Act, promulgated in 1998, and is equivalent to the revenues that Facebook generates each 8 minutes.
Since the beginning of this year Facebook has been under scrutiny, from the revelation that personal data of 87 million users were improperly stored and used by the political consultancy Cambridge Analytica, who allegedly helped Donald Trump to win the US presidential run in 2016.
According to the social media titan, a professor at Cambridge University called Aleksandr Kogan collected users’ data legitimately through an app but then violated Facebook’s terms by sharing the data with Cambridge Analytica, which was later hired by Trump’s presidential campaign.
The Information Commissioner’s Office (ICO) said that Facebook did not implement any measure to prevent the users’ data fall into the hands of the consultant company.
ICO also found that the company was not clear enough about how its users’ personal information was being exploited by third-parties, violating UK data protection law.
“An important finding of the Commissioner’s investigation is the conclusion that Facebook has not been transparent enough to allow users to understand how and why they might be targeted by a political party or campaign”, the ICO statement said.
Facebook still has a chance to respond to the ICO’s notice of intent before a final decision on the fine is made.
Due to the time context in which the scandal was presented, ICO’s fine was imposed under an old United Kingdom Act, which has now been replaced by the new General Data Protection Regulation of the European Union.
According to secure data destruction specialists, the General Data Protection Regulation stipulates that a company could face a maximum fine of 20M Euros or 4% of its annual global revenues, whichever is greater, because of a violation of data privacy.
Facebook spokespersons claimed that the company will soon respond to the ICO’s notification.
According to secure data destruction experts, ICO is also considering initiating investigation against the former Cambridge Analytica parent company, SCL elections, and initiating a legal process against former Cambridge Analytica CEO, Alexander Nix.
Besides ICO’s research, Facebook also faces an investigation by the U.S. Federal Trade Commission (FTC), which could also result in a substantial fine.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.