The U.K. ’s
Information Commissioner’s Office has fined Facebook £500,000 ($640,463) for
“serious breaches of data protection law.”
The ICO is
the UK ’s
independent regulator for data protection and information rights law.
The fine is
the maximum allowable under the laws that applied at the time the incidents
occurred.
The ICO’s
investigation found that between 2007 and 2014, Facebook processed the personal
information of users unfairly by allowing application developers access to
their information without sufficiently clear and informed consent, and allowing
access even if users had not downloaded the app, but were simply “friends” with
people who had, according to the ICO.
Facebook
also failed to keep the personal information secure because it failed to make
suitable checks on apps and developers using its platform, the ICO says. These
failings meant one developer, Aleksandr Kogan and his company GSR, harvested
the Facebook data of up to 87 million people globally, without their knowledge,
ICO says. According to ICO, a subset of this data was later shared with other
organizations, including SCL Group, the parent company of Cambridge Analytica,
who were involved in political campaigning in the U.S.
Even after
the misuse of the data was discovered in December 2015, Facebook didn’t do
enough to ensure those who continued to hold it had taken adequate remedial
action, including erasing the data, the ICO claims.
The ICO
found that the personal information of at least one million U.K. users was
among the harvested data.
No comments:
Post a Comment