The European Union’s General Data Protection Regulation (GDPR), launched in 2018, empowers regulators to protect consumers from digital giants like Facebook, Google, Apple, and Twitter.
The Irish data protection commission DPC announced on Wednesday the opening of an investigation into the social network Facebook following the revelation of a data breach of more than 530 million users dating back to 2019.
Ireland’s regulator, competent because Facebook has its European headquarters installed in this country, will investigate whether the US digital giant complied with its control obligations, according to a statement.
The DPC claims to have been in contact with Facebook as a result of this incident and believes that there may have been a violation of the General Data Protection Regulation (GDPR) of the European Union, which the investigation will have to determine.
“We are fully cooperating with the investigation of the DPC,” reacted a Facebook spokesperson, ensuring that the functions in question, which facilitate the search for users, are “common in many applications” and that the group “will explain the protections in place.”
The GDPR, launched in 2018, empowers regulators to protect consumers from digital giants like Facebook, Google, Apple and Twitter, which, attracted by favorable tax treatment, have chosen Ireland as their headquarters.
The regulation allows regulators to fine these groups up to 4% of their global turnover.
In the case of Facebook, the Irish body had already warned last week that personal data “that appears to come from Facebook appeared on a freely accessible hacking website this weekend that contains the data of 533 million people”, including a “significant number of European users”.
Emails and phones
Some of this data dates back to 2018 and others “could be more recent,” added the DPC, which said it had not received “any information in advance from Facebook.”
Stolen data, including emails and phone numbers, expose you to “spamming for marketing purposes, but users should also be on the lookout for any services that require authentication with a phone number or email address, for if third parties try to access ”the accounts in question, the regulator warned.
It is not the first time that data from millions of users of the main social network, which has almost 2,800 million users monthly, has been published on the internet.
A Facebook spokesperson said ten days ago that the hacked data was “old” and that its leak “had already been reported in the media in 2019.”
“We identified and fixed this problem in August 2019,” he said.
The social network’s reputation for data privacy was seriously tarnished by the Cambridge Analytica scandal, revealed in 2018, named after a British company that unauthorized use of the personal data of tens of millions of Facebook users. for political propaganda purposes.
Facebook has other open dossiers with the DPC.
One of its subsidiaries, the social network Instagram, has been under investigation in Europe since 2020 for handling the personal data of underage users. The regulator opened two separate procedures last month after receiving complaints that the phone numbers and email addresses of people under 18 were accessible to all users of the network.
