Skip to main content
  1. Home
  2. News

Facebook sued by Australian privacy regulator over Cambridge Analytica scandal

By

Facebook is facing yet more legal issues stemming from the Cambridge Analytica scandal. The Australian Information Commissioner is bringing a Federal Court lawsuit against the social media giant.

Recommended Videos

Facebook is accused of disclosing the personal data of more than 300,000 users, which is a breach of Australian privacy laws. The Information Commissioner’s office has been working on an investigation of the issue for two years and is seeking a fine of up to $1.7 million Australian dollars ($1.1 million U.S.).

Related

The issue at the heart of the case is the “This Is Your Digital Life” survey tool which ran on Facebook’s platform. From 2014 to 2015, the personality quiz hoovered up data from unsuspecting users which was inappropriately shared by the Cambridge Analytica firm. The data included names, email addresses, locations, birth dates, friend information, what pages users had liked, and in some cases, Facebook messages.

“We consider the design of the Facebook platform meant that users were unable to exercise reasonable choice and control about how their personal information was disclosed.,” Information Commissioner Angelene Falk said in a statement. “Facebook’s default settings facilitated the disclosure of personal information, including sensitive information, at the expense of privacy.”

The number of Australians affected by the issue was small compared to the global impact, in which it was estimated that a total of 87 million users were affected. However, the Australian Information Commissioner said that Facebook had failed to provide information on which Australian users were affected.

In response, Facebook said that it has made changes to its platform to improve privacy and allow users more control over their data. “We’ve made major changes to our platforms, in consultation with international regulators, to restrict the information available to app developers, implement new governance protocols and build industry-leading controls to help people protect and manage their data,” a Facebook representative said in a statement to Reuters. “We’re unable to comment further as this is now before the Federal Court.”

Other countries have taken action against Facebook for its role in the privacy scandal, including a $5 billion settlement reached between the company and the U.S. Federal Trade Commission and a 500,000 British pound fine from the U.K. Information Commissioner’s Office.

Editors' Recommendations

Topics
Georgina Torbet
Georgina Torbet
Space Writer
Georgina is the Digital Trends space writer, covering human space exploration, planetary science, and cosmology. She…
The EU could hit Facebook with billions in fines over privacy violations
Facebook CEO Mark Zuckerberg

Facebook may be facing some hefty fines from the EU.
The European Union is reportedly nearing the end of its investigation into some of the cases it opened against Facebook under the EU’s General Data Protection Regulation or GDPR, the Wall Street Journal reports.
In total, Ireland’s Data Protection Commission, which is leading the investigation since Facebook’s HQ in Europe is in Dublin, has 11 cases against the social network.
Some of those cases have been finalized to a point where the Commission has passed along its final investigative reports. Decisions, along with any proposed fines and sanctions, are expected to be near completion by the end of September.
If you’re not familiar, GDPR is a set of data privacy laws in the EU designed to give EU citizens more control over their personal data and how it is collected, stored, and used.
The law went into effect on May 25, 2018. We wrote a detailed primer on the law that can help explain things.
Even though Facebook is based in the United States, GDPR laws apply to the company since its service is used by individuals in the European Union.
The cases against Facebook are among the first GDPR cases to involve companies based in the United States. The results of the case could ultimately have an impact on privacy laws and regulations in the United States as well.
Under the GDPR, fines for violations can be up to 4% of a company’s worldwide revenue for the preceding year. In the case of Facebook, that could reach to $2.23 billion.
The EU didn’t provide much information about which cases it was nearing completion on. However, it did name one case, which involves whether Facebook gives WhatsApp users sufficient information about what it shares with Facebook proper.
In July, Facebook settled with the Federal Trade Commission in the United States over privacy violations, a settlement that required the social network to pay $5 billion, the largest fine in FTC history.
While that fine is a lot of money, to put things in perspective, Facebook earned $16.6 billion in revenue during the first three months of 2019.

Read more
Privacy group sues FTC, says $5 billion Facebook fine is chump change
Facebook CEO Mark Zuckerberg

Earlier this week Facebook settled with the Federal Trade Commission (FTC) over privacy violations to the tune of $5 billion, the largest fine in the history of the FTC. While certainly huge, one privacy group thinks that the $5 billion fine isn’t quite enough.
The Electronic Privacy Information Center, known as EPIC, filed a lawsuit against the FTC regarding the settlement on Friday, saying that it is "insufficient to address the concerns originally identified by EPIC and the consumer coalition, as well as those findings established by the Commission.”
The group wants the FTC to “require Facebook to restore the privacy settings users had in 2009; give users access to all of the data that Facebook keeps about them; stop making facial recognition profiles without users' consent; make the results of the government privacy audits public; and stop secretly tracking users across the web.”
It also wants the amount of the fine to be increased. While $5 billion is a large amount, it is a small penalty for the $571 billion company.
“The proposed order wipes Facebook’s slate clean without Facebook even having to admit guilt for its privacy violations,” reads the group’s complaint to the FTC.
“EPIC supports the findings in the FTC Complaint and supports, in part, the directives contained in the Consent Order. The Order makes clear that companies should not engage in unfair and deceptive trade practices, particularly in the collection and use of personal data. However, the proposed Order is insufficient to address the concerns originally identified by EPIC and the consumer coalition, as well as those findings established by the Commission.”
Many other critics also felt the settlement didn't go far enough. The two Democrats on the commission voted against it -- with and one commission, Rohit Chopra, criticized it for not holding senior executives like CEO Mark Zuckerberg or COO Sheryl Sandberg personally accountable for the violations.

https://twitter.com/chopraftc/status/1154010758138736640
In addition to the $5 billion fine, the FTC is requiring Facebook to submit to new restrictions as well as a modified corporate structure that will hold the company accountable for decisions it makes about its user’s privacy.
While it certainly could have been higher, the $5 billion fine is almost 20 times higher than the largest privacy or data security penalty ever imposed worldwide, says the FTC and is one of the largest penalties ever assessed by the U.S. government for any violation.

Read more
The FTC’s $5 billion privacy fine on Facebook could’ve been much, much bigger
Facebook CEO Mark Zuckerberg

The federal government almost fined Facebook tens of billions of dollars for privacy violations -- and nearly held CEO Mark Zuckerberg accountable -- instead of the eventual $5 billion settlement between the Federal Trade Commission (FTC) and the social media giant.

The $5 billion dollar penalty was still an all-time record for an FTC fine, but the agency’s privacy investigation could have resulted in a much harsher punishment, according to The Washington Post.

Read more