Facebook has been fined £500,000 by the UK’s data protection watchdog over its role in the Cambridge Analytica data scandal.

The Information Commissioner’s Office called the incident a “serious breach of data protection law” and issued Facebook with the maximum fine allowed. The incident took place under old data protection rules; had the new GDPR laws come into effect the fine could have been substantially higher as the ICO is now able to fine companies £17m or 4% of global turnover, whichever is higher.

The ICO informed Facebook it intended to issue a fine back in July as part of a wide-raging investigation into the use of data analytics for political purposes. Despite representations from the company, the ICO went ahead with the decision to issue the maximum fine.

The watchdog says Facebook “failed” to keep personal information secure by not checking on apps and developers using its platform. It adds that Facebook processed personal information “unfairly” by allowing developers to access personal information without clear and informed consent and in cases where users had not downloaded an app but were “simply ‘friends’” with people who had.

Facebook says it is “reviewing” the decision but admits it should have done more.

“While we respectfully disagree with some of their findings, we have said before that we should have done more to investigate claims about Cambridge Analytica and taken action in 2015,” the company says in a statement.

“We are grateful that the ICO has acknowledged our full co-operation throughout their investigation and have also confirmed they have found no evidence to suggest UK Facebook users’ data was in fact shared with Cambridge Analytica.”

Sourced through Scoop.it from: www.marketingweek.com