With GDPR on the horizon nothing could highlight data protection issues like the shocking revelation that Facebook failed to protect 50 million of its users whose data was obtained by Cambridge Analytica. Amongst allegations that Cambridge Analytica played a central role in Donald Trump’s election victory and even the Referendum result the Information Commissioner has forced Facebook to pull an audit of Cambridge Analytica’s offices as she applies for an urgent warrant to access their servers.
Whilst the facts are murky with regard to the relationship between Facebook and Cambridge Analytica and the 'harvesting' of personal data, if Facebook is fined for breaches of the Data Protection Act 1998 the maximum fine would be £500,000; under the GDPR the fine could be the higher of 4% of Facebook’s gross turnover and €20 million.
Data protection and GDPR are certain to remain in the headlines in the coming weeks as data controllers come under further scrutiny by the Information Commissioner.
Facebook founder Mark Zuckerberg has admitted that the social network "made mistakes" that led to millions of Facebook users having their data exploited by a political consultancy.