Irish data authority probes Facebook photo breach

December 15, 2018
The Irish data watchdog has launched an investigation into Facebook

The Irish data watchdog on Friday launched an investigation into Facebook, after the social media titan admitted a "bug" may have exposed unposted photos from up to 6.8 million users.

The Irish Data Protection Commission (DPC) probe will take place under strict new European privacy laws outlined in the General Data Protection Regulation (GDPR).

It follows a similar probe launched in October—when Facebook admitted a exposed 50 million user accounts.

"The Irish DPC has received a number of breach notifications from Facebook since the introduction of the GDPR on May 25, 2018," said head of communications Graham Doyle.

"With reference to these data breaches, including the breach in question, we have this week commenced a statutory inquiry examining Facebook's compliance with the relevant provisions of the GDPR."

The Irish DPC has primary European jurisdiction over Facebook as the California-based firm has established its international headquarters in Dublin.

GDPR legislation gives regulators vast powers to sanction firms failing to sufficiently secure personal data.

Corporations can be fined up to four percent of their annual global turnover if they neglect to conform.

That means Facebook faces a theoretical fine of 1.4 billion euros ($1.6 billion), based on its 2017 annual revenue of 35.2 billion euros ($40.6 billion).

On Friday Facebook said using the login and granting permission to third-party applications to access photos may have led to the unintended between September 13 and 25.

"When someone gives permission for an app to access their photos on Facebook, we usually only grant the app access to photos people share on their timeline," engineering director Tomer Bar announced in a message to developers.

"In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories."

The earlier October DPC investigation was launched after Facebook admitted attackers exploited a vulnerability in the website's code in a manner which could have granted to private accounts.

That probe has been touted as the first major test of GDPR legislation.

Facebook is already under scrutiny as a result of its role in the Cambridge Analytica (CA) data scandal.

Following revelations from a whistleblower it was revealed that tens of millions of users had their personal data hijacked by CA, a political firm working for Donald Trump in 2016.

Explore further: Irish data authority probing Facebook over breach of 50 mn accounts

Related Stories

Bug may have exposed photos from 7M Facebook users

December 14, 2018

Facebook's privacy controls have broken down yet again, this time through a software flaw affecting nearly 7 million users who had photos exposed to a much wider audience than intended.

Security failure at Facebook—what we know

October 3, 2018

The security breach revealed on September 28 by Facebook affected tens of millions of accounts at the social network, which boasts more than 2.2 billion monthly users.

Recommended for you

Researchers engineer a tougher fiber

February 22, 2019

North Carolina State University researchers have developed a fiber that combines the elasticity of rubber with the strength of a metal, resulting in a tougher material that could be incorporated into soft robotics, packaging ...

A quantum magnet with a topological twist

February 22, 2019

Taking their name from an intricate Japanese basket pattern, kagome magnets are thought to have electronic properties that could be valuable for future quantum devices and applications. Theories predict that some electrons ...

Good dog? Bad dog? Their personalities can change

February 22, 2019

When dog-parents spend extra time scratching their dogs' bellies, take their dogs out for long walks and games of fetch, or even when they feel constant frustration over their dogs' naughty chewing habits, they are gradually ...

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.