It’s no secret that Facebook has faced a rough year and whilst the dust seems to generally be settling on their data scandal they’re not out of the woods yet.
Now the UK data protection watchdog have signalled that they intend to fine Facebook £500,000 for their data breaches – the maximum allowed.
The Information Commissioner’s Office said Facebook had failed to ensure Cambridge Analytica had deleted users’ data.
The ICO also intend to bring a criminal action against Cambridge Analytica’s defunct parent company SCL Elections.
It also raised concerns about political parties buying personal information from ‘data brokers’.
One company used by the labour party was named, Emma’s Diary – a company that gives medical advice and free baby-themed goods to parents.
The ICO also named Aggregate IQ – which worked with the vote leave campaign in the run up to the EU referendum, the company have been ordered to stop processing UK citizens’ data.
Kyle Taylor, director of campaigning group Fair Vote UK said:
“Under new GDPR (General Data Protection Regulation) laws, the ICO could fine Facebook £479m.
Unfortunately, because they had to follow old data protection laws, they were only able to fine them the maximum of £500,000. This is unacceptable,”
Mr Wylie, a former employee of Cambridge Analytica – a London-based political consulting firm – told the Observer and New York Times his company had made unauthorised use of personal data harvested from millions of Facebook users.
The ICO found that Facebook had breached its own rules and failed to make sure that Cambridge Analytica had deleted this personal data.
Cambridge Analytica insisted that they had wiped their data after Facebook’s erasure request in December 2015, however the ICO said it had found evidence that the data had been shared with others.