Following a controversial breach of user data, social media giant Facebook been hit with a £500,000 fine from the UK’s GDPR watchdog.
Under GDPR, companies responsible for a breach of data are liable to fines up to 4% of annual turnover. For Facebook, this would have amounted to a penalty worth £479m.
Following a 16-month investigation by the Information Commissioner’s Office (ICO), Facebook was deemed to have failed to ensure controversial data harvester, Cambridge Analytica, had deleted data of Facebook users.
The ICO has confirmed it intends to fine Facebook £500,000 over the incident, which was made public by whistle-blower and former Cambridge Analytica employee, Christopher Wylie, in revelations made to the Observer and New York Times newspapers.
In an official statement, the watchdog said: “The ICO’s investigation concluded that Facebook contravened the law by failing to safeguard people’s information.”
“It also found that the company failed to be transparent about how people’s data was harvested by others.”
While the highest fines under the new data protection bill, legislation which brought GDPR into UK statute books, are set at £17m or 4% of annual turnover, whichever is higher, the ICO was forced to act under old data protection laws as Facebook’s offences took place in 2016.
Responding to Facebook’s fine, Kyle Taylor, director of campaigning group Fair Vote UK, suggested the represented a mere slap on the wrist for Facebook.
“Under new GDPR laws, the ICO could fine Facebook £479m.”
“Unfortunately, because they had to follow old data protection laws, they were only able to fine them the maximum of £500,000. This is unacceptable,” Taylor added.
Information Commissioner Elizabeth Denham maintained that accountability for such data breaches was not “all about fines”, as companies also have a reputation at stake.
She added: “Fines and prosecutions punish the bad actors, but my real goal is to effect change and restore trust and confidence in our democratic system,” she said.
Facebook has a chance to respond to its fine before a final decision is made.
Sign up to our newsletter to get the latest from Business Advice.