The UK’s Information Commissioner’s Office (ICO) has fined Facebook GBP 500,000 for its role in the Cambridge Analytica data breach scandal, the BBC reports. The fine is the maximum allowed under the old data protection rules before GDPR took effect in May.
The ICO said that Facebook had allowed a “serious breach of the law” take place by giving app developers access to user data “without clear consent”.
“Between 2007 and 2014, Facebook processed the personal information of users unfairly by allowing application developers access to their information without sufficiently clear and informed consent, and allowing access even if users had not downloaded the app, but were simply ‘friends’ with people who had,” said ICO in a statement.
Facebook said it was “reviewing” the ICO’s decision.
“While we respectfully disagree with some of their findings, we have said before that we should have done more to investigate claims about Cambridge Analytica and taken action in 2015,” it said in a statement.
According to the watchdog, more than one million people in the UK had their data harvested by Cambridge Analytica.