    Facebook value drops $50bn after data scandal

    Published on 26 Mar 2018 by Lynne Callister

    Facebook's value has dropped $50bn following the data scandal which saw 50 million users' personal data being scraped and shared with data firm Cambridge Analytica, without their knowledge.

    The scandal started in 2014, when Facebook users were paid to take part in a quiz by University of Cambridge academic, Aleksandr Kogan. This subsequently resulted in participants' personal data, as well as their friends' data, being harvested.

    A whistleblower alleges this data was sold on to Cambridge Analytica who used it for psychological profiling and, it's claimed, to also influence voting in American and other elections.

    What GDPR principles may have been broken in this data scandal and what are the various infringements?

    • It waited several years before admitting data harvesting, despite being warned by journalists in 2015 about the breach.
    • It failed to ensure proper accountability and implement appropriate technical and organisational measures to safeguard personal data - other apps harvested personal data using Facebook's infrastructure which was not locked down until 2015 to prevent that happening.
    • It's unlikely that a Data Protection Impact Assessment or Privacy Impact Assessment would have been carried out.
    • Facebook had no proper control over third parties - it didn't audit them properly to see what personal data they had, or carry out checks to verify whether they had in fact deleted that data, relying instead on self-certification.
    • The firm had a poor understanding overall of its personal data landscape.
    • There were likely breaches relating to the international transfers of personal data.
    • With no proper control over third parties, can Facebook really deliver on the right to be forgotten or right to rectification in the future - and with so many others in the supply chain and various other Facebook apps potentially still having access to personal data?
    • Proper consent was not obtained from those in friends' networks - who were unaware their data had even been harvested and shared.
    • Since users were unaware of automated profiling, they could not exercise their right to object to it or confirm that the data accurately represented their views.
    • Facebook failed to notify users about the breach - something it is required to do under its consent decree with the Federal Trade Agreement and data protection laws.
    • If rumours of Cambridge Analytica's involvement in elections are true and voting preferences were scraped too, we can add serious breaches of the rules on special category (sensitive) data to the list.

    With many of these infringements attracting the maximum fine of €20m or 4% of annual global turnover, it's going to be a challenging year for the tech giant. Based on its annual turnover of $27.64 billion in 2016, under GDPR the firm would face a whopping €900m fine. Hmm, slightly more than the €20m fine, then, and that doesn't even consider the very many different offences committed here.

    Want to know more about GDPR?

    As well as 30+ free compliance training aids, we regularly publish informative GDPR blogs. And, if you're looking for a training solution, why not visit our GDPR course library.

    If you've any further questions or concerns about GDPR, just leave us a comment below this blog. We are happy to help!
