The Latest / Data Security News
December 27, 2018
A new data breach fine could be heading Facebook’s way after personal photos of seven million users were exposed in a recent cybersecurity incident.
The data breach fine would come from the Irish Data Protection Commission (IDPC), where Facebook has its European headquarters in Dublin. Facebook is subject to EU regulation there, and subsequently the General Data Protection Regulation (GDPR) introduced this year. If companies break this regulation, they can face fines of up to $23 million or 4 percent of annual revenue. CNN estimates that would result in a maximum fine of $1.6 billion if Facebook received the maximum penalty.
The IDPC has confirmed it is opening up an inquiry into the social media giant after the latest data breach that saw personal photos exposed.
At the same time as facing this potential new data breach fine, Facebook is contesting one it received from the UK data protection watchdog, the Information Commissioner’s Office (ICO). It had received the maximum fine it could from the ICO a few months back, of $635,000, for failure to protect British users’ data in the Cambridge Analytica allegations.
However, it has now been revealed that an internal investigation by the ICO discovered that no British data had been found to be involved in the Cambridge Analytica incidents. Facebook is now appealing the fine on the grounds the ICO’s own investigation refutes the basis of the original fine.
Facebook will hope that 2019 is a less incident filled year. Data breaches are bad enough. They stall your working operations, change your focus and can damage you and you customers directly. But the cycle of fines and regulation you can be subject to after are a major drain and inconvenience that can prolong the pain from any cybersecurity mishandling and improper response. Be sure you have the solutions to minimize data incidents but also minimize any data breach fines.