
Britain鈥檚 data watchdog intends to fine聽贵补肠别产辞辞办听拢500,000 for breaches of the Data Protection Act.
The Information Commissioner鈥檚 Office said the social media firm broke the law by failing to safeguard people鈥檚 information and failing to be transparent about how people鈥檚 data was harvested by others.聽Facebook has a chance to respond to the Commissioner鈥檚 Notice of Intent, after which a final decision will be made.
The ICO also announced it proposes to bring criminal action against SCL Elections, the parent company of Cambridge Analytica. SCL Elections has allegedly failed to deal with a request from academic David Carroll to see the data the company holds about him, even after the ICO issued an enforcement notice compelling it to do so.
Advertisement
贵补肠别产辞辞办听and Cambridge Analytica聽have been the focus of the ICO鈥檚 investigation since February when evidence emerged that an app had been used to harvest the data of 50 million聽贵补肠别产辞辞办听users around the world. The total is now estimated at 87 million.
In March 2017, the ICO began looking into whether personal data had been misused by campaigns on both sides of the UK鈥檚 2016 EU referendum. It later launched an investigation that included political parties, data analytics companies and major social media platforms. The gives details of some of the organisations and individuals under investigation, as well as enforcement actions so far.
Micro-targetting voters
Other regulatory action set out in the report includes warning letters to 11 political parties and notices compelling them to agree to audits of their data protection practices. 鈥淭rust and confidence in the integrity of our democratic processes risk being disrupted because the average voter has little idea of what is going on behind the scenes,鈥 said Information Commissioner,聽Elizabeth Denham.
鈥淣ew technologies that use data analytics to micro-target people give campaign groups the ability to connect with individual voters,鈥 she said. 鈥淏ut this cannot be at the expense of transparency, fairness and compliance with the law.鈥
The interim progress report has been produced to inform the Department for Digital, Culture, Media and Sport鈥檚 inquiry into fake news. 鈥淕iven that the ICO is saying that聽贵补肠别产辞辞办听broke the law, it is essential that we now know which other apps that ran on their platform may have scraped data in a similar way,鈥 said聽Damian Collins, chair of the DCMS committee.聽鈥淚f other developers broke the law we have a right to know, and the users whose data may have been compromised in this way should be informed.鈥
鈥淎s we have said before, we should have done more to investigate claims about Cambridge Analytica and take action in 2015,鈥 said Erin Egan, chief privacy officer at聽Facebook.鈥漌e鈥檙e reviewing the report and will respond to the ICO soon.鈥
Campaigners expressed disappointment at the size of the fine proposed by the watchdog, which was limited to 拢500,000 due to laws governing the 2013-2014 period when the breaches occurred. 鈥淯nder new GDPR (general data protection regulation) laws, the ICO could fine聽贵补肠别产辞辞办听for 拢479 million,鈥 says Kyle Taylor at Fair Vote UK.聽鈥淯nfortunately, because they had to follow old data protection laws, they were only able to fine them the maximum of 拢500,000. This is unacceptable.鈥