Privacy experts are warning that Facebook could face mass legal action for a data leak that involved more than 500 million Facebook profiles.
We reported a few weeks ago that private information, including the names, phone numbers, email addresses and dates of birth belonging to more than 533 million Facebook users were found on a database that was first reported by Business Insider.
Now, we’ve had the first warning signs that Facebook could face mass legal action for the data leak, on behalf of a digital privacy group based in Europe, launched in the Irish courts.
Get ISO 27001 – Information Security – Certification With Best Practice
Last week, the Irish Data Protection Commission confirmed that it has launched a formal investigation into the data leak of more than 500 million Facebook users. The investigation is aimed at determining whether or not Facebook violated the EU’s GDPR – General Data Protection Regulation Act.
A breach of the EU’s GDPR Act of 2018 can result in fines of up to 4% of that company’s annual turnover.
The tech giant, however, remains steadfast in its position that the data was “scraped” from a database publicly available at the time of the leak, and not the result of any malpractice on its part.
Antoin O’Lachtnain, the director of Digital Rights Ireland has said that the potential for legal action in this case could spark a domino effect launched against companies that had caused similar data leaks.
Digital Rights Ireland says that Facebook failed to uphold its responsibilities in terms of keeping the data of its users secure, and also failed in its responsibility to inform those impacted by the breach.
“This will be the first mass action of its kind, but we’re sure it won’t be the last,” he said. “The scale of this breach, and the depth of the personal information compromised, is gob-smacking.”
Facebook to Face Mass Legal Action for Data Leak of 500 Million
O’Lachtnain added that “the laws are there to protect consumers and their personal data and it’s time these technology giants wake up to the reality that protection of personal data must be taken seriously.”
The organisation says that those implicated in the widespread data leak could be offered up to AUD $18,600 per breach, if the mass legal action against Facebook is successful.
Ray Walsh, ProPrivacy’s digital privacy expert has told the BBC that “if successful, this could well set a precedent and open the door to further class action down the line.”
“Big Tech might then find that being made to compensate individual users is a strong reminder to work harder on privacy compliance,” Walsh said.
A spokesperson for Facebook has responded to the allegations, stating that “we understand people’s concerns, which is why we continue to strengthen our systems to make scraping from Facebook without out permission more difficult and go after the people behind it.”
The spokesperson pointed to similar data leaks from other tech companies, stating that “as LinkedIn and Clubhouse have shown, no company can completely eliminate scraping or prevent data sets like these from appearing.”
“That’s why we devote substantial resources to combat it and will continue to build out our capabilities to help stay ahead of this challenge,” Facebook’s spokesperson said.
