Facebook will be fined $5 billion for Cambridge Analytica Scandal

Facebook will be fined $5 billion for Cambridge Analytica Scandal

The US data regulator, the Federal Trade Commission (FTC), has announced that it intends to fine Facebook $5 billion for its part in the Cambridge Analytica Scandal.

The fine that Facebook received from the UK’s ICO , coming pre-GDPR, was a mere £500,000 – but despite this being a huge amount more, many feel that it’s inadequate.

Here’s what Dave Lee, the BBC North America technology reporter had to say about it:


Facebook had been expecting this. It told investors back in April that it had put aside most of the money, which means the firm won’t feel much added financial strain from this penalty.


What we don’t yet know is what additional measures may be placed on the company, such as increased privacy oversight, or if there will be any personal repercussions for the company’s chief executive, Mark Zuckerberg.


The settlement, which amounts to around one quarter of the company’s yearly profit, will reignite criticism from those who say this amounts to little more than a slap on the wrist.

You can read the full news report here: https://www.bbc.co.uk/news/world-us-canada-48972327

It’s notable that the fine was only just passed by the FTC by 3 votes to 2, with those voting against it stating that it was insufficient, even though it would be the biggest ever brought by the FTC against a tech company.

Perhaps the most shocking thing is that Facebook shares actually rose 1.8% at the news, with investors receiving the news positively.

The debate will go on, but many will continue to think that Facebook got off lightly with just a $5 billion fine. If this had come under GDPR, it would likely have been in a great deal of trouble.

As it is, a mere £500,000 from the ICO – a record at the time, until the recent British Airways fine of £183 million – seems hardly worth mentioning.

Private messages for sale from 81,000 hacked Facebook accounts

Private messages for sale from 81,000 hacked Facebook accounts

News has broken that 81,000 hacked Facebook accounts have had their private messages stolen. The hackers are now attempting to sell this data on, at the price of 10 cents (8p) per account, and are also claiming that they have obtained details from even more accounts – 120 million – although this has not been verified.

hacked facebook accounts hackerFacebook has already faced huge problems regarding data protection. It was fined £500,000 earlier this year for its role in the Cambridge Analytica scandal, and it now looks like it will be facing further penalties from the Information Commissioner’s Office (ICO). Regardless of the scale of this latest breach, things are looking bad for the social media giant.

Whatever happens next, a new fine will tell us something useful. The Cambridge Analytica scandal took place before GDPR came into effect in May, so the fine against Facebook was brought according to the pre-existing data laws. Specifically, it came under the Data Protection Act 1998. A new fine relating to this latest breach, however, will fall under GDPR.

It’s important to note that Facebook have not been able to hide behind being a US company. And as it turns out, they may have been fortunate that the Cambridge Analytica scandal was exposed before May 25th; it’s impossible to say what the fine would have been under GDPR, but it may well have been considerably greater than £500,000.

No matter what, though, the single biggest issue here is the ongoing risk to users. Facebook is a built around people’s personal data, but has so far been unable to provide adequate protection for that data. If the trend continues, there could be even more trouble ahead for the company.

You can find out more about this latest data breach of hacked Facebook accounts here.

And if you want to ensure that your company is GDPR compliant, make us of our GDPR Gap Analysis to make sure that you avoid heavy fines.

Facebook Reveal New Data Privacy Policy

Facebook Reveal New Data Privacy Policy

After the huge data scandal involving Cambridge Analytica, Facebook has updated its Data Privacy Policy in preparation for the new GDPR regulations.

When you next login to Facebook you should be redirected to two or three new pages informing you about their new privacy policy. Facebook has acted quickly after the data breach scandal and is now going all-in with data protection and GDPR.

The most welcome thing you’ll see from Facebook’s new policy is how much more control you’ll have as a user. A big positive coming from GDPR is that users have so much more control over their personal data, and it’s a welcome sight seeing Facebook comply here.

While the Cambridge Analytica scandal has really hurt Facebook’s credibility, the company has acted very quickly and efficiently to become more GDPR compliant.

It’s still not too late to become fully compliant with GDPR before the May 25th deadline – but you’ll need to act fast, and with professional consultants helping you on the way. That’s where we come in. Check out our services and get in touch with us for a quote now…

Read more on Facebook’s new policy here: http://tradearabia.com/news/MEDIA_339327.html

Facebook Reveal New Data Privacy Policy

How the Facebook Privacy Policy Could be Improved

The Facebook privacy policy is undergoing some development amidst the recent scandal involving the social media giants and Cambridge Analytica. Facebook will hope that this re-design of their privacy policy and infrastructure will better secure individuals’ data.

The main issue that arose from Cambridge Analytica taking 50 million user data was that it was obtained without consent. How is this possible? Well, unless an individual user has put their privacy settings to the highest level, pretty much anyone can view your information.

So how can Facebook adapt and give their user the power to control what they consent to and what they share?

Friends and Mutual Friends

One way Facebook can allow users to share their data – thereby consenting to share their data – is by adding a friend. Once you confirm a new friend this can essentially be considered as an individual providing consent to share their personal data with another individual – who is equally consenting to share their data.

The issue is that many users will most likely not have the privacy settings set to completely private. Which means people you may not even know can see your personal data (organisation such as Cambridge Analytica, for example). The option for you to hide your personal data from anyone who isn’t a friend should be in place from the get-go. It would then be on the individual to consensually adjust their settings to allow for more public sharing of data.

The really big issue is that isn’t easily fixable and would only really be an option for new Facebook users – and after this farce, that’s fairly unlikely. The best thing Facebook could do could be to just notify their users that they are setting EVERYONE’S Privacy Settings to the highest privacy option – I.E. that no-one can view your profile. That would then give the individual the power to set their profile to whatever privacy setting they like – thereby consenting to share their data with a select number of people that they choose.

This is just one example of what Facebook could do, but it also illustrates the massive task Facebook have on their hands. Would forcing their users to set their own privacy settings go down well? How would they go about obtaining consent to process individuals’ data? Can they just encrypt all the data they currently hold and ask for users to re-consent? Again, these are just a few of the many, many questions Facebook need to be asking themselves.

Facebook Reveal New Data Privacy Policy

Facebook Data Breach and what it means for GDPR

In the wake of the recent Facebook data breach, we take a brief look at how the social media giants could become the poster company for how NOT to be in the new age of GDPR.

In 2014, the company Cambridge Analytica ran a survey that collected the data of over 200, 000 Facebook users – those users willingly gave their consent to the company to use their data. They were actively taking part in the survey. However, Facebook has various functions in place that can allow you to view the profile, and hence personal data, of friends of one specific user – and potentially even friends of friends, and so on. Those users did NOT provide their consent to be used in the survey, yet it still was.

The number of users’ that did not provide their consent that has been floating around is 50 million. But, looking at the average number of Facebook friends (as noted here: http://bigthink.com/praxis/do-you-have-too-many-facebook-friends) that number could be significantly higher.

So, take those 200,000 friends and the average 338 friends per user, a potential 67.6 million could have been obtained without express consent. (Even looking at the median number of Facebook friends (200) that number would still reach 40 million, so that 50 million seems to be a middle ground number).

Facebook has come under a lot of scrutiny for this breach of data, but it doesn’t just end there for them. Other issues they have with data privacy include: not providing users with suitable privacy control (i.e. there are only a few privacy settings to even choose from), the amount of data they hold can alone be problematic with DSARs such as the right to be forgotten or the right to suspend processing. Mark Zuckerberg has even been called into UK Parliament to address various data protection concerns and misleading information.

One good thing that has come of this is that users are taking action with a campaign to delete Facebook. Ironically this campaign is happening on social media platforms such as Twitter, which is also likely to be collecting personal data of users without consent.

This campaign does represent the power users and individuals will get over their personal data when GDPR comes into place. #DeleteFacebook won’t just be an idle threat, but if you request for your account, and personal data, to be deleted, the company must abide by your request, or face further consequences.

Read more on the story here: http://www.bbc.co.uk/news/technology-43465968