My TechDecisions

Network Security

EU Imposes First GDPR Notice on Facebook

The social media giant, Facebook, was involved in a scandal that led to 87 million users’ data being used without their consent, and the GDPR took notice.

Leave a Comment

Facebook Photos

The European Union’s General Data Protection Regulation went into effect on May 25th of this year, requiring companies to report data breaches with 72 hours of the incident. Failure to comply with the regulation could lead to a fine of up to €20 million or four percent of annual global turnover, whichever option is higher. The preceding policy—the Data Protection Act 1998—limited the highest fine to €500,000.

This regulation takes a hard stance against companies lacking in transparency and not taking adequate measures to store citizens private information. Facebook’s involvement in a recent data scandal, which led to the personal information of 87 million citizens’ data being used without their consent, earned them their first GDPR notice, according to ZDNet.

Since the new policy went into effect, the UK’s Information Commissioner’s Office (ICO) receives about 500 calls a week reporting data breaches, but they have yet to issue a fine. They sent out their first GDPR-related notice to AggregateIQ Data Services (AIQ) back in July, but the notice was only discovered recently by the legal firm Mishcon De Reya.

AIQ was a provider of software and tools for the Facebook-Cambridge Analytica data breach making them the target of the ICO’s investigation “into the use of data analytics in political campaigns.” AIQ claims to still be in possession of EU citizen data, which the ICO says has been done without those citizens’ consents.

“The controller [AIQ] has failed to comply [with GDPR]. This is because the controller has processed personal data in a way that the data subjects were not aware of, for purposes which they would not have expected, and without a lawful basis for that processing,” said the ICO, who has given the AIQ 30 days to comply with their requirement to “cease processing any personal data of UK or EU citizens obtained from UK political organizations or otherwise for the purposes of data analytics, political campaigning or any other advertising purposes.”

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ