*By Conor White* Facebook is staring down the barrel of what may be the biggest fine ever imposed for a privacy violation. But regulators still need to prove the company acted in bad faith, and that may be easier said than done, said POLITICO's chief tech correspondent Mark Scott. "At the moment, Facebook has followed the letter of the law," Scott said Wednesday in an interview on Cheddar. "They'd only be fined that amount if they were proven to really mishandle people's data." Ireland's data protection authority on Wednesday launched a formal investigation into Facebook's ($FB) latest data breach, which reportedly affected at least 50 million users. It is the largest hack in the company's 14-year history. Three software flaws allowed hackers to break into user accounts, gaining access to all the third-party apps user signed into with their Facebook logins ー popular platforms like Spotify ($SPOT), IAC-owned ($IAC) dating app Tinder, and Instagram, to name a few. Data points like user names, hometowns, and genders were also exposed, the company said. Under the guidelines of Europe's new General Data Protection Rule (GDPR), Facebook could be forced to pay as much as 4 percent of its global revenue, roughly $1.6 billion. The company said it has since fixed the problem and forced 90 million users to re-sign into their accounts. Still, Scott said this breach is the last thing Facebook needs. "This doesn't really come at a good time for Facebook with the Cambridge Analytica scandal in the recent past ー plus the U.S. midterms coming up," he said, pointing out the company has come under fire for not preventing bad actors from meddling with the platform during recent elections. "Facebook can double-down on the privacy specialists, and it has done a pretty good job, but in the end this is not good news for Facebook as it tries to rebuild trust with consumers." Before the GDPR, the company might've had more time to assess its options, but the social media giant is now required by law to inform regulators within 72 hours of a breach's discovery. While privacy issues are taken more seriously in the European Union, Scott said that the latest developments may have forced Americans to take a closer look at how ー and with whom ー they're sharing their information. "The privacy debate pre-Cambridge Analytica was kind of philosophical," Scott said. "But now with Facebook, and maybe the Equifax scandal in the past, the American population has kind of woken up to the fact that maybe they should be paying more attention to this." For full interview [click here](https://cheddar.com/videos/europes-gdpr-gets-first-real-test-with-latest-facebook-breach).

Share:
More In Business
Regulators Investigating Chevy Volts
Federal regulators are investigating Chevrolet Volt hybrid cars after some drivers reported issues including sudden power loss and failure to restart.
Celebrating the Holidays With Build-A-Bear Workshop
Build-A-Bear Workshop has been one of the most recognizable and beloved toy brands in the world since opening in 1997. Sharon Price John, CEO of Build-A-Bear Workshop, spoke with Cheddar News about its plans for the holiday season this year as well as the company's first animated feature film.
Stocks Flat Ahead of Fed Chair Comments
Stocks were generally flat after the opening bell on Friday ahead of Federal Reserve Chair Jerome Powell's comments in a speech at Spelman College later. Investors are growing optimistic that the central bank is done raising rates and may start cutting next year.
Load More