© Provided by The Telegraph Facebook handed maximum data breach fine for role in Cambridge Analytica scandal |
By Margi Murphy, The Telegraph
Facebook has been slapped with a £500,000 fine for the role it played in the Cambridge Analytica scandal, in which the data of 87m users was harvested for political purposes.
The data regulator found that the social network failed to safeguard users’ information and allowed people’s personal data to be harvested by others, constituting a breach of the Data Protection Act 1998. Had the breach occurred after May this year, Facebook may have faced a far greater fine under the new data protection law, a maximum of 4pc of global turnover or €20m (£18m), whichever was highest.
The penalty could be just the first in what might become several fines for Mark Zuckerberg as the Information Commissioner’s Office continues to investigate other aspects of Facebook’s data sharing such as an advertising service that combined third party data with the likes of credit check giant Experian, among others. Facebook said it has suspended the service in the EU as a result.
The ICO's probe went beyond how Facebook allowed Dr Aleksandr Kogan, the data scientist who created an app to harvest the personal information of 87m Facebook users and Cambridge Analytica, the now-defunct political campaigning company that the Facebook data was passed on to.
[post_ads_2]
Facebook has been slapped with a £500,000 fine for the role it played in the Cambridge Analytica scandal, in which the data of 87m users was harvested for political purposes.
The data regulator found that the social network failed to safeguard users’ information and allowed people’s personal data to be harvested by others, constituting a breach of the Data Protection Act 1998. Had the breach occurred after May this year, Facebook may have faced a far greater fine under the new data protection law, a maximum of 4pc of global turnover or €20m (£18m), whichever was highest.
The penalty could be just the first in what might become several fines for Mark Zuckerberg as the Information Commissioner’s Office continues to investigate other aspects of Facebook’s data sharing such as an advertising service that combined third party data with the likes of credit check giant Experian, among others. Facebook said it has suspended the service in the EU as a result.
The ICO's probe went beyond how Facebook allowed Dr Aleksandr Kogan, the data scientist who created an app to harvest the personal information of 87m Facebook users and Cambridge Analytica, the now-defunct political campaigning company that the Facebook data was passed on to.
[post_ads_2]
© Getty Cambridge Analytica's former CEO Alexander Nix arrives to give evidence to Parliament's Digital, Culture, Media and Sport (DCMS) Committee at Portcullis House in central London on June 6, 2018. - Cambridge Analytica suspended chief executive Alexander Nix on March 20 after recordings emerged of him boasting that the firm played an expansive role in the Trump campaign, doing all of its research, analytics as well as digital and television campaigns. (Photo by Tolga AKMEN / AFP) (Photo credit should read TOLGA AKMEN/AFP/Getty Images) |
It also determined links between Dr Kogan and Canadian-headquartered data analytics company, Aggregate IQ, which still holds UK citizen data, allegedly passed on by the Leave EU campaign group. Leave EU has denied allegations of wrongdoing.
The regulator said it was difficult to ascertain whether Facebook data had played a role in manipulating the outcome of the European Referendum, however, it had grown concerned about the scale of political parties using software to target or manipulate voters, including software tools that could predict someone’s ethnicity.
It is sending warning letters suggesting all Britain's political parties give themselves up for a data audit or face their own investigation after it found a large “supply of personal data” to political parties. One data broker called Emma’s Diary had caused “significant concern” after it supplied information about mothers in hospital and has been served an enforcement notice as a result.
The ICO will also open a probe into Cambridge University and its data science department over concerns about how easy it was for Dr Kogan and his peers to undertake commercial research, while operating under the umbrella of a respected institution. The university's psychometric unit is said to be cooperating with the audit, but the ICO is concerned that other institutions may have similarly put people’s privacy at risk. Cambridge University did not respond to requests for comment.
The regulator said it was difficult to ascertain whether Facebook data had played a role in manipulating the outcome of the European Referendum, however, it had grown concerned about the scale of political parties using software to target or manipulate voters, including software tools that could predict someone’s ethnicity.
It is sending warning letters suggesting all Britain's political parties give themselves up for a data audit or face their own investigation after it found a large “supply of personal data” to political parties. One data broker called Emma’s Diary had caused “significant concern” after it supplied information about mothers in hospital and has been served an enforcement notice as a result.
The ICO will also open a probe into Cambridge University and its data science department over concerns about how easy it was for Dr Kogan and his peers to undertake commercial research, while operating under the umbrella of a respected institution. The university's psychometric unit is said to be cooperating with the audit, but the ICO is concerned that other institutions may have similarly put people’s privacy at risk. Cambridge University did not respond to requests for comment.
© Getty Global activists of Avaaz, set up cardboard cutouts of Facebook chief Mark Zuckerberg, on which is written 'Fix Fakebook', in front of the European Union headquarters in Brussels, on May 22, 2018, as they call attention to what the groups says are hundreds of millions of fake accounts still spreading disinformation on Facebook. - Advocacy group Avaaz is calling attention to what the groups says are hundreds of millions of fake accounts still spreading disinformation on Facebook. Facebook chief will say sorry to the European Parliament on May 22, 2018, pledging that the social media giant has learned hard lessons from a massive breach of users' personal data. Facebook admitted that up to 87 million users may have had their data hijacked by British consultancy Cambridge Analytica, which worked for US President Donald Trump during his 2016 campaign. (Photo by JOHN THYS / AFP) (Photo credit should read JOHN THYS/AFP/Getty Images) |
Information Commissioner Elizabeth Denham told The Daily Telegraph: “We are concerned about data negligence, the lack of boundaries and the lack of due diligence around data research.”
Ms Denham said that the early results of the investigation shone a light on what had become a wild west in recent years.
She said: “Very few people had an awareness of how they can be personally micro targeted or nudged in a democratic campaign like an election or referendum, and this is the time when people are sitting up and saying ‘we need a pause here and we need to be comfortable with how data is used in our democratic processes’."
Specialist forensics will continue to sift through the “hundreds of terabytes” of Dr Kogan’s Facebook data to identify which nationalities where caught up, which will then be passed on to official representatives.
[post_ads_2]
Ms Denham said that the early results of the investigation shone a light on what had become a wild west in recent years.
She said: “Very few people had an awareness of how they can be personally micro targeted or nudged in a democratic campaign like an election or referendum, and this is the time when people are sitting up and saying ‘we need a pause here and we need to be comfortable with how data is used in our democratic processes’."
Specialist forensics will continue to sift through the “hundreds of terabytes” of Dr Kogan’s Facebook data to identify which nationalities where caught up, which will then be passed on to official representatives.
[post_ads_2]
© Reuters Christopher Wylie, former Cambridge Analytica research director, testifies before a Senate Judiciary Committee hearing titled, "Cambridge Analytica and the Future of Data Privacy" on Capitol Hill in Washington, U.S., May 16, 2018. REUTERS/Al Drago |
Facebook executives recently appeared in front of European parliament, where they claimed they did not believe European data had been caught up in the data harvesting scandal. “That is in dispute,” Ms Denham said.
Erin Egan, chief privacy officer at Facebook said: “As we have said before, we should have done more to investigate claims about Cambridge Analytica and take action in 2015.
"We have been working closely with the ICO in their investigation of Cambridge Analytica, just as we have with authorities in the US and other countries. We're reviewing the report and will respond to the ICO soon.” Facebook has been set a deadline to respond and appeal to the claims made in the report.
Erin Egan, chief privacy officer at Facebook said: “As we have said before, we should have done more to investigate claims about Cambridge Analytica and take action in 2015.
"We have been working closely with the ICO in their investigation of Cambridge Analytica, just as we have with authorities in the US and other countries. We're reviewing the report and will respond to the ICO soon.” Facebook has been set a deadline to respond and appeal to the claims made in the report.