Meta fined €251m by Data Protection Commission over Facebook data breach
The Data Protection Commission (DPC) has fined Facebook owner Meta Platforms €251 million for leaking personal data on Facebook in 2018.
The categories of personal data affected included: user’s full name; email address; phone number; location; place of work; date of birth; religion; gender; posts on timelines; groups of which a user was a member; and children’s personal data.
The breach arose from the exploitation by unauthorised third parties of user tokens on the Facebook platform. The breach was remedied by MPIL and its US parent company shortly after its discovery.
DPC Deputy Commissioner Graham Doyle said: “This enforcement action highlights how the failure to build in data protection requirements throughout the design and development cycle can expose individuals to very serious risks and harms, including a risk to the fundamental rights and freedoms of individuals. Facebook profiles can, and often do, contain information about matters such as religious or political beliefs, sexual life or orientation, and similar matters that a user may wish to disclose only in particular circumstances. By allowing unauthorised exposure of profile information, the vulnerabilities behind this breach caused a grave risk of misuse of these types of data.”
The full decision will be published by the DPC “in due course”.
Meta also reached a settlement in Australia over the Cambridge Analytica scandal. This British company had exploited Facebook to harvest millions of profiles to influence voters for Donald Trump’s 2016 campaign and the Pro-Brexit campaign. Meta is allocating AUS$50 million to compensate injured parties.
Emerce
Subscribers 0
Fans 0
Followers 0
Followers