Australian Privacy Watchdog Sues Facebook; Maximum Fine Of $529 Billion

For your free ISO 27001 Information Security Management System Gap Analysis Checklist, click here.




The Australian Information Commissioner’s Office has launched a case in the Federal Court accusing Facebook of breaching privacy laws amid the controversial Cambridge Analytica scandal, with the unlikely potential of a maximum fine over half a trillion dollars.


The case argues that Facebook users that downloaded the “This Is Your Digital Life” app were misled, presuming they were taking a personality quiz. Cambridge Analytica, the infamous political consulting company then leveraged this in-depth data on users for political groups to more accurately target their advertising and other activities.


The OAIC alleges that Facebook breached the 1998 Privacy Act through its sharing of 311,127 profiles for political profiling via the seemingly unrelated product.


According to the Australian Privacy Act, there is a civil penalty of up to $1.7 million for every breach of the privacy act. The OAIC believes that there were 311,127 violations of the act on Australian residents, hence the potential maximum fine of $529 billion.


For reference, Facebook paid the UK’s privacy watchdog fine of £500,000 when found guilty for breaching its domestic privacy act. Reuters is reporting that “last July, Facebook was fined a record $5 billion by the U.S. Federal Trade Commission after a probe triggered by the same user personality quiz from 2014 to 2015.”


“In all, Facebook was accused of inappropriately sharing information belonging to 87 billion users globally with the survey tool of now-defunct British firm Cambridge Analytica. The consultancy’s clients included U.S. President Donald Trump’s 2016 election campaign.”


Angelene Falk, Australian Information Commissioner and Privacy Commissioner said in a press release that“all entities operating in Australia must be transparent and accountable in the way they handle personal information, in accordance with their obligations under Australian privacy law.”


“We consider the design of the Facebook platform meant that users were unable to exercise reasonable choice and control about how their personal information was disclosed. Facebook’s default settings facilitated the disclosure of personal information, including sensitive information, at the expense of privacy.”


“We claim these actions left the personal data of around 311,127 Australian Facebook users exposed to be sold and used for purposes including political profiling, well outside users’ expectations,” she concluded.


A spokesperson from Facebook has said that the company will continue to “actively” engage with the Office of the Information Commissioner with its investigation.


“We’ve made major changes to our platforms, in consultation with international regulators, to restrict the information available to app developers, implement new governance protocols and build industry-leading controls to help people protect and manage their data,” they said.


“We’re unable to comment further as this is now before the Federal Court,” Facebook concluded.

© 2019 by Best Practice

  • White YouTube Icon
  • White LinkedIn Icon
  • White Instagram Icon
  • White Facebook Icon
  • White Twitter Icon