- Europe's default privacy regulator for Facebook will investigate whether Facebook broke the law after the social media company admitting to storing millions of passwords in plain text.
- Ireland's data protection watchdog said on Thursday it will open a 'statutory inquiry' into whether Facebook broke Europe's strict privacy laws, the GDPR.
- Facebook said in March it hadn't found any evidence of misuse.
Facebook is facing a multi-billion dollar fine for accidentally storing millions of people's passwords in plain text.
Ireland's Data Protection Commission (DPC), which is the default privacy regulator for Facebook in Europe, said on Thursday it had launched a "statutory inquiry" into the social network after it admitted to the error.
The news of a fresh investigation comes a day after Facebook announced that it would be
setting aside $3 billion to cover the costs of a privacy investigation launched by the US regulators, during its first quarter 2019 earnings call.
Transform talent with learning that worksCapability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More Facebook said in March that it had stored hundreds of millions of users' passwords in an unencrypted format for years, meaning employees with access to its systems could simply look at people's passwords. Around 20,000 workers were thought to be able to access the passwords, although Facebook said it hadn't found any evidence of misuse.
The DPC published a statement on Thursday saying it would investigate Facebook to see if it had breached Europe's strict privacy laws, the GDPR.
It said: "The Data Protection Commission was notified by Facebook that it had discovered that hundreds of millions of user passwords, relating to users of Facebook, Facebook Lite and Instagram, were stored by Facebook in plain text format in its internal servers. We have this week commenced a statutory inquiry in relation to this issue to determine whether Facebook has complied with its obligations under relevant provisions of the GDPR."
A company that breaches the GDPR, which was introduced last May, can be fined up to €20 million, or 4% of global annual turnover, whichever is the bigger number. In Facebook's case, that would equate to around $2.2 billion.
Facebook said it would work with the regulator on its investigation.
A spokesperson said: "We are working with the IDPC on their inquiry. There is no evidence that these internally stored passwords were abused or improperly accessed."
Correction: An earlier version of this article incorrectly stated that the DPC is investigating Facebook's harvesting of email contacts.
Next Story
I quit McKinsey after 1.5 years. I was making over $200k but my mental health was shattered.
Some Tesla factory workers realized they were laid off when security scanned their badges and sent them back on shuttles, sources say
I tutor the children of some of Dubai's richest people. One of them paid me $3,000 to do his homework.
Why are so many elite coaches moving to Western countries?
Global GDP to face a 19% decline by 2050 due to climate change, study projects
5 things to keep in mind before taking a personal loan
Markets face heavy fluctuations; settle lower taking downtrend to 4th day
Move over Bollywood, audio shows are starting to enter the coveted ‘100 Crores Club’
