*By Conor White* Facebook is staring down the barrel of what may be the biggest fine ever imposed for a privacy violation. But regulators still need to prove the company acted in bad faith, and that may be easier said than done, said POLITICO's chief tech correspondent Mark Scott. "At the moment, Facebook has followed the letter of the law," Scott said Wednesday in an interview on Cheddar. "They'd only be fined that amount if they were proven to really mishandle people's data." Ireland's data protection authority on Wednesday launched a formal investigation into Facebook's ($FB) latest data breach, which reportedly affected at least 50 million users. It is the largest hack in the company's 14-year history. Three software flaws allowed hackers to break into user accounts, gaining access to all the third-party apps user signed into with their Facebook logins ー popular platforms like Spotify ($SPOT), IAC-owned ($IAC) dating app Tinder, and Instagram, to name a few. Data points like user names, hometowns, and genders were also exposed, the company said. Under the guidelines of Europe's new General Data Protection Rule (GDPR), Facebook could be forced to pay as much as 4 percent of its global revenue, roughly $1.6 billion. The company said it has since fixed the problem and forced 90 million users to re-sign into their accounts. Still, Scott said this breach is the last thing Facebook needs. "This doesn't really come at a good time for Facebook with the Cambridge Analytica scandal in the recent past ー plus the U.S. midterms coming up," he said, pointing out the company has come under fire for not preventing bad actors from meddling with the platform during recent elections. "Facebook can double-down on the privacy specialists, and it has done a pretty good job, but in the end this is not good news for Facebook as it tries to rebuild trust with consumers." Before the GDPR, the company might've had more time to assess its options, but the social media giant is now required by law to inform regulators within 72 hours of a breach's discovery. While privacy issues are taken more seriously in the European Union, Scott said that the latest developments may have forced Americans to take a closer look at how ー and with whom ー they're sharing their information. "The privacy debate pre-Cambridge Analytica was kind of philosophical," Scott said. "But now with Facebook, and maybe the Equifax scandal in the past, the American population has kind of woken up to the fact that maybe they should be paying more attention to this." For full interview [click here](https://cheddar.com/videos/europes-gdpr-gets-first-real-test-with-latest-facebook-breach).

Share:
More In Business
Study: Over 58% of Hybrid Workers Are 'Coffee Badging'
With more employees being called back to the office, many workers are suddenly protesting by being in the office for as little time as possible. As the term suggests, coffee-badging means coming in for just enough time to have a cup of coffee, show your face, and swipe your badge.
Securitize: Join The Private Credit Boom
Cheddar News' Need2Know is brought to you by Securitize, which helps unlock broader access to alternative investments in private businesses, funds, and other alternative assets. The private credit boom is here and the Hamilton Lane Senior Credit Opportunities Fund has tripled in assets under management in just six months from November 2022 through April this year. Visit Securitize.io to learn more.
Load More