The ICO intends to fine Facebook a maximum of £500.000

12. July 2018

The British Information Commissioner’s Office (ICO) intends to fine Facebook a maximum of £500,000 after investigating the Facebook/Cambridge Analytica case. Back then, the Investigation started because of allegations that information of about 50 million Facebook users were obtained by Cambridge Analytica without the data subject’s consents by the use of a personality-analysis app. Present estimate suggest that about 87 million users were affected, as the ICO reports.

As stated by the ICO, it intends to fine Facebook for two breaches of the Data Protection Act 1998. It is further said, that Facebook should have contravened the law by failing to safeguard people’s information and failing to be transparent regarding the harvesting of people’s data by others. Facebook, however, will have the possibility to respond to the Notice of Intent. Afterwards a final decision will be made.

Unlike the much higher fees (up to €20 million or 4% of their global annual turnover, whichever is higher) that might be imposed under the General Data Protection Regulation (GDPR), depending on the individual case, £ 500.000 is the maximum possible under the British Data Protection Act 1998. The reason that the Data Protection Act 1998 and not the General Data Protection Regulation was applicable is the time of the events, since they happened before the 25th May 2018, which was the time the General Data Protection Regulation became directly applicable in all member states.

Category: EU · USA
Tags: ,