
Facebook Parent Co Fined $275M for EU Privacy Violations

In late November, the Irish data regulator announced a $275M fine against Meta for privacy violations by Facebook. The company must also undertake "a range of specified remedial actions" imposed by the regulators. The violations stemmed from hundreds of millions of users' data being made accessible to data scrapers and then posted on hacking forums. The data were vulnerable due to a Facebook feature that allowed users to connect easily with their stored contacts.  

Why It Matters

The fine itself is an eye-popping reminder that privacy is not a joke in the EU and other regions. Businesses that use social features to engage with their users and consumers need to pay close attention to how their tools and features procure and use personal data, to ensure that they do not expose it to unauthorized third parties. They also need to be sure that privacy policies accurately and thoroughly disclose what happens with data gathered through social features.  

Between May 2018 and September 2019, scrapers exploited a tool designed to help Facebook users easily connect with their contacts to sweep up a trove of personal data, including users' full names, locations and birthdates, according to Ireland's Data Protection Commission. The tool, which has since been phased out, breached GDPR's Article 25, which requires that companies build data protection into products "by design and default," the regulator said.

Tags

data security and privacy, hill_mitzi, insights