Social network giant Facebook faces a fine of £500,000 for its role in the Cambridge Analytica controversy as part of an ongoing investigation by Britain’s information watchdog into the use of data analytics in political campaigns.
Facebook, with Cambridge Analytica, has been the focus of the Information Commissioner Office’s (ICO) investigation since February when evidence emerged that an app was used to harvest data of 50 million Facebook users across the world.
The ICO’s investigation concluded that Facebook contravened the law by failing to safeguard people’s information. It also found that the company failed to be transparent about how people’s data was harvested by others, ICO said in an update on its probe on Tuesday.
CA’s role in political campaigns in India also made headlines earlier this year when The Observer reported details about its activities provided by whistleblower Christopher Wylie. A separate investigation by a parliamentary committee is also on.
Information commissioner Elizabeth Denham said, “We are at a crossroads. Trust and confidence in the integrity of our democratic processes risk being disrupted because the average voter has little idea of what is going on behind the scenes”.
“New technologies that use data analytics to micro-target people give campaign groups the ability to connect with individual voters. But this cannot be at the expense of transparency, fairness and compliance with the law.
“Fines and prosecutions punish the bad actors, but my real goal is to effect change and restore trust and confidence in our democratic system.”
Denham has also called for an ethical pause to allow government, Parliament, regulators, political parties, online platforms and the public to reflect on their responsibilities in the era of big data before there is a greater expansion in the use of new technologies.
She said, “People cannot have control over their own data if they don’t know or understand how it is being used. That’s why greater and genuine transparency about the use of data analytics is vital.”
The ICO update said it is its “intention to fine Facebook a maximum £500,000 for two breaches of the Data Protection Act 1998”. It is the maximum penalty applicable under the previous law, which has since been revised to provide for higher penalties.
Since May 25, 2018, the ICO has the power to impose a civil monetary penalty on a data controller of up to £17 million or 4% of its global turnover. Facebook has a chance to respond, after which a final decision will be made.
Other regulatory action set out in the ICO update includes warning letters to 11 political parties and notices compelling them to agree to audits of their data protection practices.