*By Conor White* Facebook is staring down the barrel of what may be the biggest fine ever imposed for a privacy violation. But regulators still need to prove the company acted in bad faith, and that may be easier said than done, said POLITICO's chief tech correspondent Mark Scott. "At the moment, Facebook has followed the letter of the law," Scott said Wednesday in an interview on Cheddar. "They'd only be fined that amount if they were proven to really mishandle people's data." Ireland's data protection authority on Wednesday launched a formal investigation into Facebook's ($FB) latest data breach, which reportedly affected at least 50 million users. It is the largest hack in the company's 14-year history. Three software flaws allowed hackers to break into user accounts, gaining access to all the third-party apps user signed into with their Facebook logins ー popular platforms like Spotify ($SPOT), IAC-owned ($IAC) dating app Tinder, and Instagram, to name a few. Data points like user names, hometowns, and genders were also exposed, the company said. Under the guidelines of Europe's new General Data Protection Rule (GDPR), Facebook could be forced to pay as much as 4 percent of its global revenue, roughly $1.6 billion. The company said it has since fixed the problem and forced 90 million users to re-sign into their accounts. Still, Scott said this breach is the last thing Facebook needs. "This doesn't really come at a good time for Facebook with the Cambridge Analytica scandal in the recent past ー plus the U.S. midterms coming up," he said, pointing out the company has come under fire for not preventing bad actors from meddling with the platform during recent elections. "Facebook can double-down on the privacy specialists, and it has done a pretty good job, but in the end this is not good news for Facebook as it tries to rebuild trust with consumers." Before the GDPR, the company might've had more time to assess its options, but the social media giant is now required by law to inform regulators within 72 hours of a breach's discovery. While privacy issues are taken more seriously in the European Union, Scott said that the latest developments may have forced Americans to take a closer look at how ー and with whom ー they're sharing their information. "The privacy debate pre-Cambridge Analytica was kind of philosophical," Scott said. "But now with Facebook, and maybe the Equifax scandal in the past, the American population has kind of woken up to the fact that maybe they should be paying more attention to this." For full interview [click here](https://cheddar.com/videos/europes-gdpr-gets-first-real-test-with-latest-facebook-breach).

Share:
More In Business
Nestlé dismisses CEO after he has relationship with a subordinate
Nestlé has dismissed its CEO Laurent Freixe after an investigation into an undisclosed relationship with a direct subordinate. The company announced on Monday that the dismissal was effective immediately. An investigation found that Freixe violated Nestlé’s code of conduct. He had been CEO for a year. Philipp Navratil, a longtime Nestlé executive, will replace him. Chairman Paul Bulcke stated that the decision was necessary to uphold the company’s values and governance. Navratil began his career with Nestlé in 2001 and has held various roles, including CEO of Nestlé's Nespresso division since 2024.
Kraft Heinz undoes blockbuster merger after a decade of falling sales
Kraft Heinz is splitting into two companies a decade after they joined in a massive merger that created one of the biggest food companies on the planet. One of the companies will include brands such as Heinz, Philadelphia cream cheese and Kraft Mac & Cheese. The other will include brands like Oscar Mayer, Kraft Singles and Lunchables. When the company formed in 2015 it wanted to capitalize on its massive scale, but shifting tastes complicated those plans, with households seeking to introduce healthier options at the table. Kraft Heinz's net revenue has fallen every year since 2020.
Load More