Facebook fined £500K for 'serious breaches' of data protection law
Facebook has been fined half a million pounds by the UK's data watchdog, the Information Commissioner's Office. The ICO fined Facebook £500,000 ($645,175) for "serious breaches of the data protection law," per the penalty notice.
The figure — which is the maximum fine that the ICO is able to impose — is still rather paltry compared to Facebook's net worth of £445bn.
An investigation by the ICO revealed that between 2007 and 2014, Facebook "processed the personal information of users unfairly by allowing application developers access to their information without sufficiently clear and informed consent." Facebook also allowed "access even if users had not downloaded the app but were simply 'friends' with people who had."
Earlier this year, an investigation revealed that UK firm Cambridge Analytica harvested data from 87 million Facebook profiles without user consent.
"Facebook also failed to keep the personal information secure because it failed to make suitable checks on apps and developers using its platform," states an ICO statement.
"A company of its size and expertise should have known better."
"These failings meant one developer, Dr Aleksandr Kogan and his company GSR, harvested the Facebook data of up to 87 million people worldwide, without their knowledge."
Per the investigation, a "subset of this data" was shared with other organisations and SCL, Cambridge Analytica's parent company, which was involved in "political campaigning in the U.S."
The ICO also ruled that Facebook "did not do enough" after the data breach was discovered in 2015.
"Even after the misuse of the data was discovered in December 2015, Facebook did not do enough to ensure those who continued to hold it had taken adequate and timely remedial action, including deletion," the statement reads. "In the case of SCL Group, Facebook did not suspend the company from its platform until 2018."
Elizabeth Denham, Information Commissioner, said they consider the contraventions of data protection laws "so serious" that they imposed "the maximum penalty under the previous legislation."
"Facebook failed to sufficiently protect the privacy of its users before, during and after the unlawful processing of this data," Denham continued. "A company of its size and expertise should have known better and it should have done better."
Topics Facebook
Rachel Thompson is the Features Editor at Mashable. Rachel's second non-fiction book The Love Fix: Reclaiming Intimacy in a Disconnected World is out now, published by Penguin Random House in Jan. 2025. The Love Fix explores why dating feels so hard right now, why we experience difficult emotions in the realm of love, and how we can change our dating culture for the better.
A leading sex and dating writer in the UK, Rachel has written for GQ, The Guardian, The Sunday Times Style, The Telegraph, Cosmopolitan, Glamour, Stylist, ELLE, The i Paper, Refinery29, and many more.
Rachel's first book Rough: How Violence Has Found Its Way Into the Bedroom And What We Can Do About It, a non-fiction investigation into sexual violence was published by Penguin Random House in 2021.
