Facebook Faces Billions In Possible GDPR Fines

facebook-privacy-user-data

The impact of Europe’s General Data Protection Regulation (GDPR) continues to take shape roughly five months after taking effect, and Facebook could be on the hook for billions of dollars in fines tied to a data breach of about 50 million user accounts.

As reported, the social media giant was hacked through a vulnerability in the Facebook source code, which gave the attackers the ability to steal access tokens, which they in turn used to keep Facebook subscribers logged in.

Should Facebook be found by regulators to have breached GDPR by not adequately protecting user data, the fines could touch roughly $1.6 billion, at least as estimated on the well-reported four percent of annual top line that would be used in that calculation.

As reported by ZDNet and other sites, class action suits have already been filed against the company.  This is not the first brush Facebook has had with regulators on the continent in reference to data privacy.  Recall that under the previous data protection laws, namely the Data Protection Act of 1998, the company was fined 500,000 pounds by the U.K. Information Commissioner’s Office, as Cambridge Analytics had harvested Facebook’s data tied to as many as 87 million users internationally.  That was the maximum fine under the old laws.  The U.K. has also issued its first GDPR notice against AggregateIQ Data Services, which over the past several months had been linked to the Facebook/Cambridge Analytica Data efforts.

Crypto Regulations

Also in Europe, the European financial markets regulator has said that it wants to spend one million euros to promote market stability in the region as pertains to cryptocurrencies and FinTechs.  The one million euros will be spent through 2019, according to reports. The amount was disclosed in the Annual Work Program, which had been devised by the European Securities and Market authority at the end of last month.  That document focuses on budgets and regulatory efforts across the region. FXStreet reported last week that the ESMA wants to track retail investor activities and coordinate its own regulatory efforts stretching across Europe.

Also eyeing cryptocurrencies, in the United States members of Congress have written to Jay Clayton, who helms the Securities and Exchange Commission, asking for information about how the SEC may look to regulate cryptocurrencies moving forward.  As stated in the letter and as reported by CNBC, “It is important that all policy makers work toward developing clearer guidelines between those digital tokens that are securities, and those that are not, through better articulation of SEC policy, and, ultimately, through formal guidance or legislation.” 

Regulatory Fines, on a Global Scale

To move beyond European borders and gain a sense — on a more global scale — of who gets fined where … the United States tops the list.

Duff & Phelps, through its Global Enforcement Review, said at the end of last week that total penalties have climbed by 30 percent from 2015 to 2017, to $26.5 billion. The tally of these “large enforcement cases” may be on the decline, though as the findings show that they stand at $8.1 billion through the first six months of 2018, where last year showed $18.4 billion over the corresponding period.

The U.S. accounted for 94 percent of the total amount of penalties handed down on companies ($24.4 billion) and 99 percent of the amount brought against individuals ($621 million). Fines against companies were up 2 percent between 2016 to 2017 and over that same period were up 23 percent against individuals.

Banking, Eyed by the Fed

The United States Federal Reserve, through Loretta Mester, president of the Cleveland Federal Reserve, has said that there should be an overhaul of regulations on small business banking that would in turn give a lift to U.S. community banks and small business lending. Specifically, regulations under the Community Reinvestment Act should also embrace technological changes, said Mester in remarks last week, that have come since the Act was last reviewed by regulators two decades ago.  As has been reported, the U.S. Government Accountability Office has said that there has been growth in small business lending, as measured across 2001 to 2017.