The Information Commissioner’s Office (ICO) intends to fine Facebook a record £500,000 for two breaches of the Data Protection Act 1998. The two breaches are linked to the Cambridge Analytica scandal whereby Facebook had failed to ensure Cambridge Analytica deleted tens of millions of users’ personal data. 

facebook gdprAs part of the ICO’s investigation, it was also found that Facebook had breached its own internal rules in ensuring the deletion of personal data. The fine of £500,000 is the maximum allowed under the Data Protection Act 1998. However, under the General Data Protection Regulations, this has now increased to €20 million or 4 per cent of turnover (whichever is greater).

While Facebook is one of the world’s largest data controllers it’s clear from a previous BHW blog reporting on the Noble Design ICO fine that the ICO is not allowing companies of any size to avoid data protection legislation and will bring an action against those who fail to comply.

If you have any questions surrounding the use of personal data or the GDPR in general then please do not hesitate to give Matt Worsnop a call on 0116 281 6235 or email

Published by

Categorised in: , ,

Tags: , , , ,