It seemed for many businesses that, though the build up to the GDPR Regulations was very intense with hundreds of emails inviting us to update our settings or give consent, the event went out with a short puff of smoke.
Well, that’s not the case. GDPR is well and truly with us. In fact, the Business Advice website has today reported that “Following a controversial breach of user data, social media giant Facebook been hit with a £500,000 fine from the UK’s GDPR watchdog.” Read more here.
The fine is due to the incident, which was made public by whistle-blower and former Cambridge Analytica employee, Christopher Wylie, in revelations made to the Observer and New York Times newspapers earlier this year.
However, the confusion isn’t about the fine but as to why this fine is so small.
Under GDPR, companies responsible for a breach of data are liable to fines up to 4% of annual turnover. For Facebook, this would have amounted to a penalty worth £479m.
While the highest fines under the new data protection bill, legislation which brought GDPR into UK statute books, are set at £17m or 4% of annual turnover, whichever is higher, the ICO was forced to act under old data protection laws as Facebook’s offences took place in 2016.
In this instance, you could say that Facebook has been very lucky. But going forward, any breaches of these regulations will not be viewed lightly. So, if you still haven’t ensured that your business is GDPR compliant, don’t wait until it’s too late. Get advice and guidance now.