Facebook has been fined £500,000 in the U.K., the maximum fine allowed by the UK’s Data Protection Act 1998, for failing to protect users’ personal information.
In April 2018, Facebook revealed that 87 million users have been affected by the Cambridge Analytica case, much more than 50 million users initially thought.
“Today’s progress report gives details of some of the organisations and individuals under investigation, as well as enforcement actions so far.
This includes the ICO’s intention to fine Facebook a maximum £500,000 for two breaches of the Data Protection Act 1998.” reads the announcement published in July by the UK Information Commissioner’s Office.
“Facebook, with Cambridge Analytica, has been the focus of the investigation since February when evidence emerged that an app had been used to harvest the data of 50 million Facebook users across the world. This is now estimated at 87 million.
The ICO’s investigation concluded that Facebook contravened the law by failing to safeguard people’s information. It also found that the company failed to be transparent about how people’s data was harvested by others.”
Even if the company has agreed to pay a fine, the company pointed out that the UK ICO was not able to demonstrate that the data had actually been transferred to Cambridge Analytica.
After the disclosure of the privacy scandal, the social network implemented several major changes to protect the privacy of its users and prevent abuse.
“Facebook associate general counsel Harry Kinmonth says the company has “made major changes” to the platform since that time and that it is “significantly restricting the information which app developers could access.”” reported the Associated Press.
In June 2019, the United States Federal Trade Commission (FTC) has approved a record $5 billion settlement with Facebook over the Cambridge Analytica scandal.
(SecurityAffairs – social network, Cambridge Analytica)