Facebook under investigation by Irish Data Commission over data leak
By Treasure Mayowa
The Irish Data Protection Commission has recently announced an investigation into an allegation that Facebook leaked the personal data of many users of the platform.
The company is under investigation in Europe forthe personal data of more than 530 million global users of its services.
The Irish Data Protection Commission announced on Wednesday that it was opening an inquiry into whether the leak constituted a breach of the General Data Protection Regulation, or GDPR.
According to a report by Business Insider, the personal information on hundreds of millions of Facebook users, including names, birth dates, email addresses, and phone numbers, was discovered on a website for hackers back in January.
The data set contains information on 533 million users from 106 countries.
the leak hadn’t been caused by its services being hacked but through a Facebook feature by using a method of scraping, an often automated process of netting unsecured public data. The vulnerability was fixed by Facebook in 2019, the company said.
“As a result of the action we took, we are confident that the specific issue that allowed them to scrape this data in 2019 no longer exists,” said Mike Clark, product management director for Facebook.
The aim of the DPC’s investigation will be to establish whether Facebook complied with its obligations as the “controller” of users’ personal data, the regulator said in a statement.
Among these obligations are Facebook’s responsibility to inform the correct data protection authority and affected individual users of any data leaks in a timely manner.
“We are cooperating fully with the IDPC in its enquiry, which relates to features that make it easier for people to find and connect with friends on our services,” said a spokeswoman for Facebook in an emailed statement.
“These features are common to many apps and we look forward to explaining them and the protections we have put in place.”
Facebook doesn’t yet appear to have notified any users affected by the leak. If Facebook is found to be in breach of the GDPR, the company can be fined up to 4 percent of its global annual turnover.
To check whether a particular Facebook account was affected, users can search the breach-tracking website Have I Been Pwned?