[ad_1]
(LONDON) – The Irish data regulator has opened a Facebook investigation following a recent data breach that allowed hackers to access 50 million accounts. The investigation could cost Facebook more than $ 1.6 billion fine.
The Irish Data Protection Commission said on Wednesday it would check whether the US social media company was complying with the European regulations that came into force earlier this year on data protection.
This is the latest headache for Facebook in Europe, where the authorities are putting pressure on the dominant technology companies in data protection. Last month, Vera Jourova, head of consumer protection in the European Union, said she was looking forward to Facebook for taking too long to clarify the terms and conditions of service regarding the processing of user data.
The commission said in a statement that it would consider whether Facebook would put in place "appropriate technical and organizational measures to ensure the security and protection of personal data processed by the latter".
The commission said earlier this week that the number of potentially affected EU accounts rose to less than 5 million.
Ireland, the leading regulator of privacy protection for Facebook in Europe, has promptly launched an investigation into the US tech company since the Friday breakthrough.
Facebook said Friday's attackers now have the opportunity to "take control" of user accounts by stealing digital keys used by the company to keep users connected. They could do this by exploiting three separate bugs in the Facebook code.
Facebook also said that hackers could also use these stolen digital keys to access applications or outside services that allow users to log in with their Facebook usernames and passwords. The company said it had found no evidence of this.
The company said that it had fixed the bugs and disconnected the 50 million users violated – as well as 40 million vulnerable users to the attack – in order to reset these digital keys. Facebook said they did not know who was behind the attacks or where they were. Neither passwords nor credit card data were stolen. At that time, the company said it had alerted the FBI and US and European regulators.
Facebook said in a statement on Wednesday that he had been in close contact with the Irish agency since she had become aware of the violation and that she would continue to cooperate with the investigation. .
Facebook has had a tumultuous year of security and privacy issues. Earlier this year, Cambridge Analytica, a data analytics company employed by the Trump campaign, improperly obtained access to personal data from millions of user profiles. A Congressional investigation later revealed that agents from Russia and other countries have been publishing fake political ads since at least 2016. In April, Zuckerberg appeared at a congressional hearing devoted to Facebook's privacy practices.
The European Union has put in place stricter data and confidentiality rules, known as the General Data Protection Regulation, in May.
The case could prove to be the first major test of the GDPR. Under the new rules, companies could be fined 4% of annual global turnover for the most serious offenses. In the case of Facebook, this could rise to more than $ 1.6 billion based on 2017 revenues.
The new rules also require companies to disclose any violations within 72 hours. The commission said Facebook had informed it that its internal investigation was continuing and that it was taking steps to "mitigate potential risks to users".
Source link
