Talks about the possibility of multibillion dollars fines being imposed on Facebook surfaced in Europe after a European regulator said on Friday that an investigation into why the largest social media company of the world was repeatedly failing to protect user privacy is being launched by it.
After receiving multiple reports of data breaches impacting the firm, a “statutory inquiry” into Facebook’s activities has been launched by it, announced the Irish Data Protection Commission on Friday. This agency is tasked with the responsibility of overseeing that Facebook complies with all of the European laws for data protection and anti-trust.
This announcement was made by the agency soon after the US tech giant announced on the very day that photos of about 6.8 million of its users had been exposed to third party app developers because of a bug. It was not long ago but in September this year that company made public its biggest security breach in its history which resulted in hackers being able to access private information of tens of millions of users of the social media platform.
The General Data Protection Regulation (GDPR), which is a European regulation that was adopted by the European Union and came into effect in May this year, granted the power to the Irish data regulator to initiate an inquiry into Facebook and its activities.
It is mandatory on Facebook to inform the Irish data regulator of any breach within 72 hours of an incident of data breach or hacking because the European headquarter of the US company is in Ireland’s Dublin and hence falls under the GDPR rules.
A maximum fine of $23 million or 4% of their annual worldwide revenue, whichever is higher, would be faced by companies which violate the GDPR regulations.
For Facebook, which generated total revenues of almost $40 billion in 2017, and is its revenues remain more or less the same for 2018, the maximum amount of fine that the company could face would be up to $1.6 billion.
Facebook discovered the data breach and the existence of the bug in September. The bug allowed third party app developer access to photos of millions of Facebook users and took place over a 12-day period. But the social media company failed to meet the GFPR regulations because it reported the incident to the Irish regulators two months later, on November 22, according to the company.
The report of the data breach was reported to the concerned authorities as soon as the company was able to establish that it was considered to be a reportable breach, Facebook said.
The Irish Data Commission has initiated an inquiry this week because there have been several notifications of data breach reported by Facebook, said Graham Doyle, the regulator’s head of communications.
“We are in close contact with the Irish Data Protection Commission and are happy to answer any questions they may have,” a Facebook spokesperson told the media.
(Adapted from FoxNews.com)