Facebook will be fined £500,000 ($662,900) in the U.K. after the country’s privacy watchdog said its data sharing scandal broke the law.
The Information Commissioner’s Office (ICO) is hitting the social network with the maximum possible fine it can impose, for two breaches of the U.K.’s Data Protection Act.
Facebook failed to safeguard people’s information, the ICO said, and was not transparent about the way in which user data was harvested by others.
“Trust and confidence in the integrity of our democratic processes risk being disrupted because the average voter has little idea of what is going on behind the scenes,” Information Commissioner Elizabeth Denham said in a statement on Wednesday.
Denham added: “New technologies that use data analytics to micro-target people give campaign groups the ability to connect with individual voters.
But this cannot be at the expense of transparency, fairness and compliance with the law.” She said that fines and prosecutions “punish the bad actors” but that her true aim was to “effect change and restore trust and confidence in our democratic system.”
The ICO said it will send out warning letters and audit notices to 11 political parties, and will seek a criminal prosecution for SCL, the parent company of the now-defunct controversial political data analytics firm Cambridge Analytica.
The fine on Facebook
was unveiled as part of the ICO’s report investigating whether personal data had been misused by political campaigns during the 2016 referendum on the U.K.’s membership of the European Union.
“As we have said before, we should have done more to investigate claims about Cambridge Analytica and take action in 2015,” Erin Egan, chief privacy officer at Facebook, said in an emailed statement.
“We have been working closely with the ICO in their investigation of Cambridge Analytica, just as we have with authorities in the US and other countries.
We’re reviewing the report and will respond to the ICO soon.”
Bigger fines ahead?
Facebook was embroiled in scandal earlier this year after reports emerged claiming the company allowed the data of 50 million users to be shared improperly with Cambridge Analytica. The company has since admitted that 87 million users were affected.
The reports further highlighted concerns that the platform could have been used as a means for targeting voters during the 2016 U.S. presidential election. Facebook CEO Mark Zuckerberg
subsequently apologized and promised the company would “do better.”
Though the ICO’s fine is small for a company that made $11.97 billion in revenues in the first quarter of 2018 alone, it could serve as a precursor to further charges from other regulators.
The EU’s new data protection law GDPR, for instance, threatens to slap companies with fines of up to 4 percent of global annual turnover or 20 million euros ($23.5 million) — whichever amount is larger.
Facebook, along with Google, is facing legal complaints from privacy activist Max Schrems that could lead to billions in fines.
Schrems accused Facebook and the Facebook-owned platforms WhatsApp and Instagram of forcing consent from users to obtain the right to use their data, a practice which would breach GDPR. There are also concerns that the U.S. Federal Trade Commission could impose a record fine on Facebook over the Cambridge Analytica scandal.