Five hundred thousand pounds. That’s what Facebook will be paying to make up for its liability in the Cambridge Analytica scandal in the UK. To recap, the scandal involved the unauthorized, unethical, and what now turns out to be an unlawful collection of personal data on 87 million Facebook users. That data was then used to profile users and deliver tailored political messages during to the 2016 US presidential elections and the Brexit referendum.
To give you an idea of how insignificant this fee is for Facebook, in the first quarter of 2018, the social media giant was making £500,000 in revenue every five and a half minutes.
Beyond Monetary Fines
Information commissioner Elizabeth Denham said that the real goal was to “restore trust and confidence.” “This is not all about fines,” she said, “any company is worried about its reputation because people want to feel that their data is safe.”
The fine is punishment for two breaches of the Data Protection Act, a United Kingdom Act of Parliament tasked with updating data protection laws in the UK and implementing the EU’s General Data Protection Regulation (GDPR).
GDPR Does Not Apply
The Information Commissioner’s Office was unable to apply the penalties based on GDPR, which, in Facebook’s case, would have amounted to £1.4bn (equal to 4% of the company’s global turnover) due to the timing of the breaches. The £500,000 fine happens to be the maximum amount possible under the current Data Protection Act.
Denham noted that while most people have some understanding of targeted advertising for commercial purposes, “very few people have an awareness of how they can be micro-targeted, persuaded or nudged in a democratic campaign, in an election or a referendum.”
The inquiry has also resulted in warning letters to every UK party with an MP in the House of Commons as of March 2017.