ICO hints at Facebook hypocrisy over data protection goals

Elizabeth Denham asks Facebook to drop appeal after CEO's call for greater internet regulation

ICO Elizabeth Denham

The Information Commissioner's Office (ICO) has responded to Mark Zuckerberg's call for greater regulation for internet firms, by asking Facebook to drop its appeal over a data protection fine.

Writing an opinion piece in the Washington Post, Zuckerberg outlined four areas which he felt new regulations and standardised systems were needed. He called for the global enforcement of privacy, election integrity and data protection rights.

While these all sound like the right things to say, the UK's Information Commissioner Elizabeth Denham took the opportunity to point out that Facebook is still fighting current regulations.

"In light of Mark Zuckerberg's statements over the weekend about the need for increased regulation across four areas, including privacy, I expect Facebook to review their current appeal against the ICO's 500,000 fine - the maximum available under the old rules - for contravening UK privacy laws," she said in a statement on Monday.

The fine Denham referred to is the 500,000 fine, the maximum under the Data Protection Act 1998, which the regulator imposed on Facebook in October for serious breaches of data protection law.

An ICO investigation found that between 2007 and 2014, Facebook processed the personal information of users unfairly by allowing app developers access to their information without clear and informed consent - this also included access even if users had not downloaded the Facebook app, but were friends with people who had.

Facebook also failed to keep personal information secure because it failed to make suitable checks on apps and developers using its platform. This directly led to the Cambridge Analytica scandal, which has seen Facebook become the focus of tougher internet and data regulations.

Since then, the social network and Zuckerberg, has sought to change its reputation and by repeatedly sending out the message that it's doing everything it can to comply with data privacy. However, despite talking a good game, there have been plenty of incidents to show the company still isn't on the ball when it comes to data protection, such as the recent announcement that millions of users passwords were left unencrypted.

In response to the ICO's call to drop its appeal, Facebook told IT Pro that it thinks there is a place for increased regulation of the tech industry, but that doesn't mean it won't disagree with regulators on some of the decisions made. The social network stands by the statement it released in November, outlining its appeal.

"The ICO's investigation stemmed from concerns that UK citizens data may have been impacted by Cambridge Analytica, yet they now have confirmed that they have found no evidence to suggest that information of Facebook users in the UK was ever shared by Dr Kogan with Cambridge Analytica, or used by its affiliates in the Brexit referendum," a spokesperson said.

"Therefore, the core of the ICO's argument no longer relates to the events involving Cambridge Analytica. Instead, their reasoning challenges some of the basic principles of how people should be allowed to share information online, with implications which go far beyond just Facebook, which is why we have chosen to appeal."

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
Google blocked record-breaking 2.5Tbps DDoS attack in 2017
Security

Google blocked record-breaking 2.5Tbps DDoS attack in 2017

19 Oct 2020
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

5 Oct 2020