Facebook: Ireland opens privacy probe into data breach
April 14, 2021
Irish regulators are responsible for the investigation because the US tech giant has set up its European headquarters in Dublin. It will focus on reports that more than 500 million users saw their data leaked online.
Ireland's data regulator opened an investigation into Facebook on Wednesday over whether the social media giant breached EU privacy rules.
The country's Data Protection Commission (DPC) is looking into reports that some 533 million Facebook users worldwide were exposed on an online hacker forum.
The breach affected people from more than 100 countries, and included names, Facebook IDs, phone numbers, locations, birthdates and email addresses.
Why is Ireland investigating?
Irish authorities are leading the inquiry because the US tech firm has its European headquarters in Dublin.
The DPC said in a statement that it was "of the opinion that one or more provisions" of EU or Irish law had been broken by Facebook, adding it had received "a number of responses" from the firm.
Facebook said it was "cooperating fully" with the regulator's inquiry, which it said "relates to features that make it easier for people to find and connect with friends on our services."
"These features are common to many apps and we look forward to explaining them and the protections we have put in place," a company spokesman said
Facebook last week published a blog post, seeking to downplay the row after the DPC first released a statement on April 6 saying it was aware of the breach.
EU to revolutionize how Big Tech works
The tech giant said it was related to data scraped by hackers using its contact importer tool sometime before September 2019 and that the security loophole had since been fixed.
What has the EU done on data privacy?
EU governments brought in the bloc's General Data Protection Regulation (GDPR) which came into effect in 2018, granting social media users greater rights in relation to their data.
Companies who fall foul of the law can be hit with fines of either 20 million euros ($24 million) or up to 4% of their annual revenues, whichever is the greater amount.
Ireland’s DPC issued its first-ever GDPR penalty in December last year, hitting micro-blogging site Twitter with a fine of €450,000 (roughly $540,000).
It is also conducting probes into separate breaches by Facebook and its sister company, the photo-focused social media site Instagram.
The country has succeeded in attracting some of the world's biggest technology firms, such as Apple, to its shores owing to its 12.5% corporate tax rate. In France, it stands at 28%, while the German corporate tax rate is 30%.