Meta Faces Costly Day with Legal Settlements and Fines
Meta is facing a hefty financial hit today. In Australia, the company has agreed to pay a $50 million AUD ($31.7 million USD) settlement related to the Cambridge Analytica scandal. On top of that, the Irish Data Protection Commission (IDPC) has slapped Meta with a €251 million ($263 million) fine. This fine is connected to a significant data breach on Facebook that occurred in 2018.
The data breach happened because hackers found a flaw in Facebook’s code, specifically with the “View As” feature. This vulnerability allowed them to access users’ accounts by stealing access tokens. As a result, the hackers were able to log into approximately 29 million Facebook accounts worldwide, three million of which were in the European Union and European Economic Area. The hackers accessed personal information like full names, email addresses, phone numbers, locations, dates of birth, religions, and children’s personal data.
The IDPC holds Meta accountable for not implementing adequate data protection measures in its system design, failing to process personal data strictly when necessary, and not fully disclosing details about the breach.
DPC Deputy Commissioner Graham Doyle emphasized, “This enforcement action demonstrates the serious risks and potential harm individuals face when data protection is not integrated throughout the design and development process. The unauthorized exposure of profile information due to this breach posed significant misuse risks to this data.”
In response, a Meta spokesperson told Engadget, “This decision pertains to an incident from 2018. We took immediate measures to fix the issue as soon as we identified it, and we proactively informed those affected as well as the Irish Data Protection Commission. We have a broad range of leading measures in place to safeguard users across our platforms.”
Cambridge Analytica Scandal Settlement in Australia
In Australia, the settlement over the Cambridge Analytica scandal originates from a whistleblower’s revelation in 2018 that the company had misused Facebook to gather millions of profiles. Facebook learned about this three years prior. Cambridge Analytica used the gathered data to influence voters in the US during Donald Trump’s 2016 campaign and the Pro-Brexit campaign. The company was previously headed by Steve Bannon, who recently served jail time for not cooperating with the January 6 investigation.
The settlement aims to compensate approximately 311,127 individuals. Those eligible must have had a Facebook account between November 2015 and December 2015, spent over 30 days in Australia during that time, and either personally installed or had a Facebook friend who installed the “This is Your Digital Life” app. Meta has also agreed to pay $725 million to users in the US.
Update, December 17 2024, 10:19AM ET: This article has been updated to include a statement from a Meta spokesperson.