Britain's Information Commissioner's Office (ICO) Thursday announced that it has fined Facebook 500,000 pounds for "serious breaches of data protection law".
"Facebook failed to sufficiently protect the privacy of its users before, during and after the unlawful processing of this data. A company of its size and expertise should have known better and it should have done better," said Elizabeth Denham, Information Commissioner, in a statement.
The ICO's investigation found that between 2007 and 2014, Facebook processed the personal information of users unfairly by allowing application developers access to their information without sufficiently clear and informed consent, and allowing access even if users had not downloaded the app, but were simply "friends" with people who had.
The social network also failed to keep the personal information secure because it failed to make suitable checks on apps and developers using its platform, according to the ICO.
It has been revealed that one developer, Dr Aleksandr Kogan and his company GSR, harvested the Facebook data of up to 87 million people worldwide, without their knowledge. A subset of this data was later shared with other organizations, including SCL Group, the parent company of Cambridge Analytica, according to the ICO.
The ICO also pointed out that even after the misuse of the data was discovered in December 2015, Facebook did not do enough to ensure those who continued to hold it had taken adequate and timely remedial action, including deletion. In the case of SCL Group, Facebook did not suspend the company from its platform until 2018.
Britain's data protection watchdog found that the personal information of at least one million British users was among the harvested data and consequently put at risk of further misuse. (1 British pound = 1.28 U.S. dollars)Enditem