Australia’s privacy watchdog is suing Facebook over Cambridge Analytica data breach.
In 2018 it was revealed that political consulting company Cambridge Analytica had harvested personal data of millions of Facebook users without consent and used the data for political advertising. The news became a global scandal with lasting consequences. Data of 87 million Facebook users was collected by the company, including names, dates of birth, location, email addresses, friend lists, page likes, and even messages for some users.
The data was acquired using an app called This is Your Digital Life, developed by data scientist Aleksandr Kogan. Tens of thousands of users used the app and granted it access to their Facebook information, which allowed the app to access their friends lists and harvest the data of all those people as well. The data was then used for political profiling and developing software that would predict and even influence voters, which is not what the app said the data was collected for when asking users to grant permission. Facebook became aware of the unauthorized data collection in 2015 but did not pursue any action apart from asking Cambridge Analytica to delete the data. Nor did it inform affected users.
After journalists made the data harvesting public in 2018, Facebook found itself in serious trouble. And two years later, they’re still in deep waters. This time, Australia’s privacy watchdog is suing the social media giant for allowing improper use of Australian user data. According to a statement, the Australian Information Commissioner has lodged proceedings against Facebook in the Federal Court, claiming that Facebook has committed serious and/or repeated interferences with privacy in contravention of Australian privacy law.
“The Commissioner alleges that the personal information of Australian Facebook users was disclosed to the This is Your Digital Life app for a purpose other than the purpose for which the information was collected, in breach of the Privacy Act 1988,” the statement reads.
The Australian privacy watchdog believes that 311,127 Australians had their Facebook data exposed and sold for purposes including political profiling. The majority of these users did not install the app themselves, and their data was harvested via their friends’ use of This is Your Digital Life. Furthermore, the privacy watchdog also alleges that the social media giant did not take appropriate steps to protect user information from unauthorized disclosure.
Australian Information Commissioner and Privacy Commissioner Angelene Falk has said that Facebook’s design made it difficult for users to exercise reasonable choice and control over how their personal information was disclosed.
“Facebook’s default settings facilitated the disclosure of personal information, including sensitive information, at the expense of privacy,” she said.
Commissioner Falk also believes that “these were systemic failures to comply with Australian privacy laws by one of the world’s largest technology companies”.
Each contravention could cost Facebook $1.7 million, if imposed by the Federal Court. This means Facebook could be facing a fine of $539 billion.
“The Commissioner may apply to the Federal Court for a civil penalty order alleging that an APP entity has engaged in serious and/or repeated interferences with privacy in contravention of s 13G of the Privacy Act. The Federal Court can impose a civil penalty of up to $1,700,000 for each serious and/or repeated interference with privacy (as per the penalty rate applicable in 2014–15).”