The famous social media platform, Facebook is once again under investigation in Europe for a leak that disclosed the private data of more than 530 million users from all over the world of its services. The Irish Data Protection Commission, the protector responsible for guaranteeing Facebook complies with European privacy laws, declared on Wednesday that it was initiating an investigation into whether the breach developed a violation of the General Data Protection Regulation (GDPR).
The private information about hundreds of millions of Facebook users, comprising names, dates of birth, email addresses, and phone numbers, was discovered on a hacker website in January. The dataset is said to be containing data of 533 million users from 106 countries. “We are cooperating fully with the IDPC in its inquiry, which relates to features that make it easier for people to find and connect with friends on our services. These features are common to many apps and we look forward to explaining them and the protections we have put in place,” said a spokesperson for Facebook in an emailed statement.
Read more: Personal Facebook data of 533 million users exposed online in a massive leak
Moreover, if Facebook is concluded to have violated the EU’s data rules, the company could face a monetary penalty of up to 4 percent of its $86 billion global revenue. When news of the breach first broke, the company said the data was scrapped because of a vulnerability that the firm patched in 2019, and downplayed the problem as “previously reported”, but Facebook never publicly discussed the vulnerability in detail until the breach of data this month.
Read more: Personal data scraped from 500 million LinkedIn users found for sale online
Furthermore, the EU investigation is expected to investigate whether Facebook had a lawful obligation to inform users and European regulators when the company found and patched up the vulnerability. The EU’s data privacy rules, known as GDPR, require such disclosures, but the GDPR is only implemented on the data processed after the year 2018, and therefore, it is not certain yet clear if the leaked Facebook data was scraped before the GDPR went into effect.
Source: Business Insider
Image Source: Security Magazine