Many regulators have stepped up in the wake of the Cambridge Analytica scandal to probe and potentially punish Facebook for allowing the data of 87 million users to fall into the wrong hands. The UK’s Information Commissioner’s Office (ICO) has now completed its review of the situation, issuing the maximum fine of £500,000.
The ICO’s investigation into Facebook’s dealings with Cambridge Analyica have been going on since March, with the regulator finding the social media network guilty of breaking British data protection laws through lack of proper safeguarding. Unfortunately, the ICO’s fine has been capped at £500,000 thanks to the Data Protection Act 1998, costing Facebook less than 30 minutes’ worth of profit.
“Facebook has failed to provide the kind of protections they are required to under the Data Protection Act,” explains the information commissioner, Elizabeth Denham. “Fines and prosecutions punish the bad actors, but my real goal is to effect change and restore trust and confidence in our democratic system.”
Although the breach goes against the new General Data Protection Regulation (GDPR) rules, capping fines at a whopping €20m (£17m) or 4 per cent of global turnover, Facebook managed to escape the potential £1.4bn fine due to the Cambridge Analytica scandal pre-dating the introduction of the new policies.
The ICO’s ruling is preliminary, with Facebook’s chief privacy officer Erin Egan admitting that the social media giant has been “working closely with the ICO in their investigation of Cambridge Analytica,” alongside officials over in the US. “We’re reviewing the report and will respond to the ICO soon. As we have said before, we should have done more to investigate claims about Cambridge Analytica and take action in 2015.”
The Cambridge Analytica scandal has called into question other social media sites, as the ICO continues to investigate a total of 30 companies and their part in the EU referendum. SCL Elections, the now-defunct parent company to similarly discontinued Cambridge Analytica, is facing criminal prosecution as a result of its hand in the breach.
“Trust and confidence in the integrity of our democratic processes risk being disrupted because the average voter has little idea of what is going on behind the scenes,” continues Denham. “New technologies that use data analytics to micro-target people give campaign groups the ability to connect with individual voters. But this cannot be at the expense of transparency, fairness and compliance with the law.”
KitGuru Says: Although it’s not the best punishment for a company the size of Facebook, at least the social media site is facing some kind of reprimand. What do you think of Facebook’s penalties regarding its hand in Cambridge Analytica so far?