Facebook could be fined more than a billion dollars, following a European regulator’s probe into the recent breaches of the social networking site’s user privacy.
The Irish Data Protection Commission, which oversees Facebook's compliance with European law, confirmed to CNN on Friday it launched a "statutory inquiry" into Facebook. Under the General Data Protection Regulation (GDPR) of Europe, Facebook - with its European headquarters in Dublin - is obligated to inform the Irish regulatory body within 72 hours of discovering any data breach. If the GDPR deems a company to have violated rules/laws, the latter could face a maximum fine of $23 million or 4% of their annual global revenue. By that estimate, Facebook could potentially have to cough up to $1.6 billion if found ‘guilty’ by the European regulators.
On Friday, Facebook revealed that a bug on its social networking platform let third-party app developers access up to 6.8 million Facebook users' photos over a 12-day period. These photos may not have been shared publicly by the users. The bug was discovered by Facebook in September, but it reported the breach to its European regulator two months later, on November 22 – according to the company. Facebook claims it filed the report as soon as it had "established it was considered a reportable breach."
This follows the September announcement from Facebook, about hackers infiltrating around 50 million user accounts on the website. Also earlier this year, a data scientist working for Cambridge Analytica disclosed that the company had several years ago used Facebook data on tens of millions of Americans.