UK fines Facebook £500,000 for failing to protect user data
Facebook was fined £500,000 by the UK’s Information Commissioner’s Office (ICO) for its role in the Cambridge Analytica data scandal which allowed unauthorized access of 87 million user information without sufficient consent.
The fine forced by the ICO was calculated using the UK’s old Data Protection Act 1998 which can impose a maximum penalty of £500,000 which represents a small fee for a company that brought in $40.7bn (£31.5bn) in global revenue in 2017. The penalty could have been much larger had it fallen under EU’s General Data Protection Regulation (GDPR), where a company could face a maximum fine of 20 million euros or 4% of its annual global revenue, whichever is higher, for such a privacy breach.
The investigation found that Facebook failed to keep the personal information of its users secure by failing to make suitable checks on developers using its platform.
Equifax recently faced a similar fine of £500,000 from its massive data breach that exposed personal and financial data of hundreds of millions of its customers.