The Information Commissioner’s Office (ICO) has fined Facebook £500,000 for serious breaches of data protection law.

This is the result of a widely publicized investigation into the use of data analytics for political purposes. As a reminder, Facebook processed the personal information of users unfairly by allowing application developers access to their information without sufficiently clear and informed consent, and allowing access even if users had not downloaded the app, but were simply ‘friends’ with people who had. In addition, Facebook failed to keep users personal information secure because it failed to make suitable checks on apps and developers using its platform.

The fine of £500,000 is the maximum allowed under the Data Protection Act (DPA) 1998 - the law which applied at the time the incidents occurred. The DPA 1998 was replaced in May 2018 by the Data Protection Act 2018, alongside the General Data Protection (GDPR). The maximum fines allowed under the new legislation is £17 million or 4% of global turnover.

At Markel Law we regularly comment on SME related matters. 

Follow this link to find out more about Markel Law and how we can assist your business.