Facebook slapped with maximum fine for data breaches
The Information Commissioner’s Office (ICO) has issued a notice of intent to fine Facebook £500,000, the maximum amount possible under the Data Protection Act, for failing to protect its users’ data and not being transparent about how data was harvested by third parties.
The Facebook scandal emerged after a whistleblower alleged that the controversial data consulting firm Cambridge Analytica had clandestinely harvested personal data from over 87 million Facebook accounts.
So, the cat is officially out of the bag. Tomorrow’s ICO’s report on FT front page. Maximum possible fine for Facebook. Criminal enforcement against Cambridge Analytica. Huge investigation ongoing into MULTIPLE crimes potentially committed in referendum. The ICO is bringing it.. pic.twitter.com/MJJne5k39y
— Carole Cadwalladr (@carolecadwalla) July 10, 2018
"There are other things the ICO could be doing. But I don’t think they have the stomach or political will to do it." Twynham suggested that an enforcement notice is the right way forward for the ICO.
"If the ICO feels that Facebook is still sharing information in ways people wouldn’t fully expect or that this is an ongoing thing - which most people think is the case - they could tell them ‘stop’. They could actually tell them what they want to happen, and that’s even the case under the Data Protection Act, not just GDPR. That could have a huge impact on the Facebook business model."
But Twynham said, "I get this impression that this is so politically charged and Facebook is so huge, they’re not brave enough to do something out of the box."