Facebook faces fresh probe after photo leak
Facebook has been hit with the broadest data protection investigation yet in Europe after the social media group revealed another leak of private photos belonging to millions of people.
The Irish data protection commission said it had opened a new investigation into Facebook because of its high number of data breaches this year.
The social network said on Friday that it had discovered a problem with the way hundreds of third-party developers accessed photos using its app platform. The flaw leaked private photos that Facebook users had uploaded but not chosen to share publicly.
“Because of this bug, some third-party apps may have had access to a broader set of photos than usual for 12 days between September 13 to September 25, 2018,” Facebook’s engineering director Tomer Bar said. “Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers.”
The Irish data protection commissioner said in response to Facebook’s revelation that it had opened an investigation into the Silicon Valley company’s compliance with the EU’s General Data Protection Regulation (GDPR) — not just on the latest leak but on the broad spread of privacy issues this year.
“The Irish DPC has received a number of breach notifications from Facebook since the introduction of the GDPR on May 25, 2018,” a spokesperson said. “With reference to these data breaches, including the breach in question, we have this week commenced a statutory inquiry examining Facebook’s compliance with the relevant provisions of the GDPR.”
Facebook has been left reeling from a series of privacy and security problems in the wake of the Cambridge Analytical scandal, which has prompted investigations from regulators in the US, Europe, and the UK.
In September, Facebook disclosed a cyber attack that it said could have exposed the personal information of tens of millions of its users.
Under GDPR, companies must inform regulators of any data breach within 72 hours of its discovery. Fines can run to as much as 4% of a company’s global revenues for the prior year.
Facebook said it was “sorry” the latest photo breach had happened and would release a tool next week to help developers determine which users had been affected. “We will also notify the people potentially impacted by this bug via an alert on Facebook,” it said.