Legal problems continue to stack up on Facebook. This time, Irish authorities are investigating the data leak that affected over half a billion users.
It’s beginning to look like there is more legal uncertainty every day for Facebook. The Irish data regulator is opening an investigation into Facebook looking for any evidence of wrongdoing on Facebook’s part. Last week, we reported on the data leak which saw over half a billion Facebook users exposed after login credentials and other pieces of personal information were left unencrypted on an Amazon bucket. The leak gradually expanded. Apparently, “millions” of Instagram users have also been impacted by the leak.
Here’s a report from CNN:
Ireland’s data regulator has opened an investigation into Facebook for mishandling the passwords for hundreds of millions of its users.
The probe announced Thursday by the Irish Data Protection Commission is the latest in a series of privacy and data investigations targeting Facebook, and could result in billions of dollars in penalties.
Facebook (FB) said in March that it failed to properly mask the passwords for a huge number of users, storing them as plain text in an internal database that could be accessed by its staff.
The news comes after privacy commissioners of Canada and British Columbia released a report saying that Facebook is violating privacy laws. They are using that report as a launchpad to potentially take Facebook to court. They are also using the report to call on Canadian politicians to give it power to levy fines against companies who violate privacy laws. Currently, there is little they can do.
Unlike Canadian privacy commissioners, Irish data regulators do have the power to levy fines. This is thanks to the General Data Protection Regulations (GDPR). As we mentioned in our previous report, this latest leak could fall under the GDPR laws because they came into force back in June of last year. The laws allow authorities to fine companies who violate privacy laws with a percentage of global annual turnover. So, if you violate privacy laws, the fines can actually sting unlike what we see in a country like Canada.
Some might think that Irish authorities investigating Facebook over privacy issues might sound very familiar. If that’s the case for you, then you are probably thinking of the story where Facebook was hacked back in September of 2018. At the time, 50 million users were reportedly exposed. In response, Irish authorities launched an investigation. This latest incident marks the second time this has happened. It’s as if history is more or less repeating itself here.
In another case, Facebook is potentially facing a $5 billion fine by US regulator, the FTC. After that story broke, some observers suggest that Facebook makes so much money, they could brush off a fine like that. The problem for Facebook may not be any one fine in particular, but rather, a stack of multiple fines similar to that. If this is a $22 billion company, a $5 billion fine may not be much. However, add in another $2 billion here and a second $2 billion fine there and these fines will gradually add up after a while. Sooner or later, something is going to give here because a company can’t keep racing up fines like this forever.
For Facebook, they may be able to survive all of these hits to the bottom line. Chances are, however, they are hoping that they won’t suffer from any more security incidences. Not only is the bottom line at risk, but also the public image.
Drew Wilson on Twitter: @icecube85 and Facebook.