One of 2018’s biggest revelations was that Facebook completely failed its users when it allowed Cambridge Analytica to access personal data without their consent. For this massive privacy breach, Facebook has been fined a whopping… £500,000?
The measly fine — which amounts to around €565,000 or $645,000 — was issued by the UK Information Commissioner‘s Office today and cements the initial ruling in July, the Guardian reports.
It doesn’t take a genius to work out that the fine is pocket change for the social media giant. The company surpassed €35 billion in revenue in 2017, which would make today’s fine around 0.001 percent of last year’s revenue. Quartz calculated it would take the company only a few minutes to earn back the fine’s amount.
UK authorities aren’t intentionally going easy on Zuck and friends. £500,000 was the absolute highest amount they could fine the company due to a cap set in the old data protection regulation legislation.
There’s one positive aspect to the story though — the next fine could be higher.
The EU‘s ambitious new data regulation, GDPR, — which sadly came into effect only after the Cambridge Analytica scandal — significantly increases the maximum fine for data breaches. It allows fines up to €20 million, or four percent of the company’s global annual turnover, whichever is higher.
That means if Facebook would be fined for a similar breach later on, it could end up having to pay €1.4 billion, based on 2017 revenue. Now that might actually hurt.
That painful fine might not be far off. Just last month, Facebook announced that a new data breach affected 50 million users. The tech giant’s sloppy handling of personal data has led to a new investigation by the Data Protection Commission of Ireland. If Facebook is fined for this latest breach, it would be under the new beefed up GDPR with its threatening new cap.