Irish Data Protection Commission is Investigating Facebook Again Because of a Glitch

by

The Irish Data Protection Commission (DPC) is investigating one more prospective General Data Protection Regulation (GDPR) violation by Facebook, following the admission of the company that a glitch may have granted the access to the unposted pictures of around 6.8 million Facebook users by unauthorized people.

The DPC is about to investigate the incident relating to the GDPR that was implemented by the EU on May 25, 2018. The data protection legislation was designed to grant regulators the power to sanction organizations that do not adequately protect personal data. Organizations can get charged by as much as €20 million or 4% of an organization’s annual global revenues, whichever amount is higher, if they do not abide by the GDPR. If Facebook is penalized, it could possibly be as high as €1.4 billion, according to its 2017 annual revenue of €35.2 billion.

Facebook is covered by the DPC’s jurisdiction considering that its European head office is established in Dublin. Graham Doyle, the DPC Communications Head, said the Irish DPC has acquired a number of breach notices from Facebook since May 25, 2018 when the GDPR was implemented. A statutory query into the compliance of Facebook with the GDPR started this week.

Facebook released a statement mentioning that the accidental breach in September 13 to 25 may have been because of Facebook users that logged in and authorized third-party apps to view their photos.

Facebook Engineering Director Tomer Bar discussed to apps developers that whenever an individual gives consent for an app to view their pictures on the platform, it generally enables the app to gain access to photographs shared by people on their timeline. Nevertheless, the bug primarily enabled the developers to see other photographs, such as those found on Marketplace or on Facebook Stories.

This is the latest incident in Facebook’s busy year in relation to data privacy investigations. One investigation was began in October because of the compromise of roughly 50 million user accounts in a Facebook data breach.

James Keogh

James Keogh has been writing about the healthcare sector in the United States for several years and is currently the editor of HIPAAnswers. He has a particular interest in HIPAA and the intersection of healthcare privacy and information technology. He has developed specialized knowledge in HIPAA-related issues, including compliance, patient privacy, and data breaches. You can follow James on Twitter https://x.com/JamesKeoghHIPAA and contact James on LinkedIn https://www.linkedin.com/in/james-keogh-89023681 or email directly at [email protected]