It has been reported that the Information Commissioner’s Office intends to fine Facebook £500,000 for failing to safeguard users’ data, and not telling tens of millions of people how Cambridge Analytica harvested their information for use in political campaigns. IT security experts commented below.
Christopher Littlejohns, EMEA Manager at Synopsys:
“The intended £500K fine imposed on Facebook for the Cambridge Analytica scandal is a salutary lesson to companies operating within the European region. The underlying contraventions are considered by regulatory authorities to be on the top end of the scale of violations of data privacy. Should this or a similarly grave issue happen now, fines within the new GDPR regime could easily cost Facebook $100’s of Millions of Dollars of revenue.
“Such fines are potentially so large they can significantly affect operating margin, and ultimately share prices of large companies. Personal data collectors and aggregators are particularly at risk to these issues, due to the scale and value of the data they collect; and consequently should be extremely vigilant and diligent in their custodianship of such data.
“Companies that do not undertake effective risk analysis, data privacy management, ongoing diligence, and open communication with users and authorities when breaches occur will potentially face severe business impediments at best, and existential threats at worst.”
Frank Bien, CEO at Looker:
“Ethical and transparent data means clarity. Clarity on where your data will reside, what it will be used for and who can access it, and with whom it will be shared.
“Even as we’ve witnessed seemingly benign data being harvested and weaponised, we believe there is a clear opportunity for data to be harnessed for good. Businesses of all sizes need to prioritise the long-term greater good over the short-term bottom line. In short, businesses need to be willing to leave money on the table if partners or potential partners don’t protect user data.
“We believe that putting ethical decision-making at the heart of business strategies will dictate the right path.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.