Facebook scores badly on GDPR principles
As the fallout continues from the data scandal engulfing Facebook and Cambridge Analytica, and after facing heavy criticism for his long silence, CEO Mark Zuckerberg has finally emerged with a six-step plan to improve privacy across the platform.
But just how far did the tech giant stray from the fundamental data protection principles?
So which GDPR principles did Facebook breach?
- Principle 1 - Personal data must be processed fairly, lawfully and in a transparent way
- Principle 2 - Personal data should be collected only for specified, explicit and legitimate purposes, and not processed in a manner that is incompatible with those purposes
- Principle 3 - The personal data collected should be adequate, relevant and limited to what is necessary for the purpose
- Principle 4 - Personal data should be accurate and kept up-to-date. Reasonable steps must be taken to ensure that inaccurate personal data is erased or rectified immediately
- Principle 5 - Personal data must not be kept (in a form that permits identification of data subjects) longer than is necessary for the purpose
- Principle 6 - Personal data must be protected against unauthorised access, unlawful processing, and accidental loss, destruction or damage
Scores on the board - 0/6