Facebook broke Canadian privacy law, according to regulators

Privacy regulators in Canada have determined that Facebook broke local privacy laws by mishandling user data. On Thursday, the regulators announced that they would be taking the company to court to force it to change how it protects consumer privacy.

“Facebook’s refusal to act responsibly is deeply troubling given the vast amount of sensitive personal information users have entrusted to this company,” says Daniel Therrien, privacy commissioner of Canada. “Their privacy framework was empty, and their vague terms were so elastic that they were not meaningful for privacy protection.”

The Office of the Privacy Commissioner of Canada opened its investigation into Facebook’s privacy practices following the Cambridge Analytica scandal last spring. Around 300,000 Facebook users across the globe downloaded the “This is Your Digital Life” app, which siphoned data to the political consulting firm Cambridge Analytica. That abuse of data privacy standards resulted in the disclosure of data belonging to around 87 million people, and around 600,000 Canadians, according to the press release.

According to the report, Facebook did not obtain meaningful consent from users to share their data with the third-party app, it did not conduct “proper” oversight over apps with access to the platform, and it engaged in “irresponsible” behavior with consumer data. When prompted by authorities to submit to audits, Facebook refused, despite already complying with US data checkups.

For these reasons outlined in the report, the regulators intend to take their findings to Canadian federal court to seek an order that would require Facebook to change its privacy practices to account for their findings.

“The stark contradiction between Facebook’s public promises to mend its ways on privacy and its refusal to address the serious problems we’ve identified – or even acknowledge that it broke the law – is extremely concerning,” Therrien said.

The report also makes suggestions to update current privacy like allowing regulators to implement fines or conduct audits to ensure companies like Facebook are in compliance with the law.

“It is untenable that organizations are allowed to reject my office’s legal findings as mere opinions,” Therrien said.

On Wednesday, Facebook released its earnings and included guidance for investors suggesting that they expect to be fined from the US Federal Trade Commission anywhere from $3 to $5 billion following the agency’s investigation into Cambridge Analytica and subsequent privacy scandals. The European Union levied fines against Facebook last year as well regarding privacy, but they were far smaller (the hundreds of thousands) than what is anticipated from the FTC.

Canadian regulators do not have the authority to wage fines like officials do in the US and the EU.

 This article was written by Makena Kelly and originally appeared in The Verge.

Take Back Your Day

Learn how the latest technologies can free up your time so you can focus on your business

Share This