Skip to main content

Facebook's Cambridge Analytica fine could have been even bigger under GDPR

Facebook has been warned that it could have faced much sterner punishment from UK watchdogs for its part in the Cambridge Analaytica data breach scandal.

It was revealed earlier today that the social media giant had been hit with a £500,000 penalty from the Information Commissioner's Office (ICO) following the revelation that it misused user data.

However Facebook can count itself lucky that it avoided a much larger fine, which could have been the case if the case had been carried out under the spectre of GDPR.

Facebook Cambridge Analytica fine

GDPR regulations, which came into force on May 25th, state that companies would face much harsher penalties for misuse of user data.

The new legislation imposes a maximum fine of whichever is higher between the figure of €20m (£17m), or four percent of the offending company’s annual global turnover. 

According to its last results, this means that Facebook could have been hit with a maximum fine of around £1.2bn. 

Instead of being charged under GDPR, Facebook was called up for for two violations of the 1998 Data Protection Act - first off for failing to safeguard the data of its users, but also for failing to inform its users that their data was being harvested.