Australia sues Facebook over Cambridge Analytica data breach
The Australian information commissioner on Monday sued Facebook for sharing the personal data of Australians as part of the Cambridge Analytica controversy.
Australian Information Commissioner and Privacy Commissioner Angelene Falk said in a statement that the data of more than 300,000 Australians was “exposed to be sold” by Facebook to the political consulting group in the run-up to the 2016 elections.
Falk alleges in charges filed in an Australian federal court on Monday that Facebook disclosed the personal information of users to Cambridge Analytica between 2014 and 2015 as part of an app. Falk noted that many users who had data compromised did not install the app personally and that their data was exposed due to friends who had.
Cambridge Analytica harvested the data of about 50 million Facebook users without their permission to pinpoint voters, part of the firm’s role as consultants for the 2016 campaign of now-President Trump.
Cambridge Analytica accessed the data through the “This is Your Digital Life” app, which gathered information about Facebook users in order to pinpoint them for political advertisements without their permission, which Falk called a serious problem Monday.
“All entities operating in Australia must be transparent and accountable in the way they handle personal information, in accordance with their obligations under Australian privacy law,” Falk said. “We consider the design of the Facebook platform meant that users were unable to exercise reasonable choice and control about how their personal information was disclosed.”
Falk added that “Facebook’s default settings facilitated the disclosure of personal information, including sensitive information, at the expense of privacy.”
An official for Facebook told The Hill that the company had “actively engaged” with the Australian government for the past two years.
“We’ve made major changes to our platforms, in consultation with international regulators, to restrict the information available to app developers, implement new governance protocols and build industry-leading controls to help people protect and manage their data,” the official said. “We’re unable to comment further as this is now before the Federal Court.”
While the case is still pending, Australian law allows for a civil penalty of up to $1.7 million to be applied to companies for serious privacy violations. The Australian government noted in the court filing that it is actively seeking an order that Facebook pay a monetary penalty.
Australia is not the only country to target Facebook in relation to the Cambridge Analytica scandal.
Facebook settled with the Federal Trade Commission in the U.S. in 2019, and was ordered to pay $5 billion for not adequately protecting user data.
Brazil’s Department of Consumer Protection fined the social media giant $1.6 million for improperly sharing data, while the British government fined Facebook $645,000 in 2019 in relation to data concerns over the Cambridge Analytica incident.