The Italian data protection watchdog, the DPA (“Garante per la protezione dei dati personali”), fined Facebook for one million euros ($1.1 million) for violating privacy laws over the Cambridge Analytica privacy scandal.
“The Italian DPA (Garante per la protezione dei dati personali) fined Facebook 1 million Euro on account of breaches committed within the framework of the ‘Cambridge Analytica’ case – the latter being the company that had accessed data on 87 million users via a psychological testing app and had used such data to try and influence the US presidential elections in 2016.” reads the press release published by the Italian DPA.
Political consultancy firm Cambridge Analytica improperly collected data of 87 million Facebook users and misused it.
The fine was for “illegal actions committed in the ‘Cambridge Analytica’ case, the company that gained access to the data of 87 million users through an app for psychological tests,” DPA said in a statement.
According to the Garante, 57 Italians had downloaded the Thisisyourdigitallife app via Facebook’s login function. The app allowed Cambridge Analytica to gather data related to additional 214,077 Italian users who had not downloaded the same app and that had not been informed of the sharing of their data and had not given their consent to for its sharing.
“Accordingly, the Garante had found that Facebook had disclosed the data to the Thisisyourdigitallife app in breach of privacy legislation. However, the data had not been transmitted to Cambridge Analytica.” continues the press release.
“We’re are strongly committed to protecting privacy, and we have invested in resources, technology and partnerships, as well as hiring over 20,000 people to work on security in the last year alone,” Facebook said.
It Italy privacy advocated and security experts criticized the Garante because the fine it very small, even if committed before Europe’s new data protection law GDPR was adopted.
In January, the French data protection watchdog CNIL announced a fine of 50 million euros ($57 million) for US search giant Google under GDPR.
In December, The Italy’s Competition Authority fined Facebook 10 million euros for selling users’ data without consent.
“However, the infringements concerning non-compliance with information and consent requirements had been committed in respect of an especially large, important database, in which case no reduced amount fine may be allowed.” concludes the press release. “This is why the 1 million Euro fine was also imposed today by the
Cambridge Analytica was involved also in the campaign for the UK’s Brexit referendum of 2016 and on Donald Trump’s election campaign.