The U.K.’s data regulator has slapped Facebook with a maximum £500,000 fine (U.S. $641,000) for serious breaches of data protection rules after users’ data was “unlawfully processed” and subsequently used to guide political advertising and campaigns as part of the Cambridge Analytica scandal.
Between 2007 and 2014, Facebook allowed third-party application developers access to the personal information of tens of millions of users without their consent—around one million of which were based in the United Kingdom. Worse still, their data was accessible even if they had not downloaded the app—developers could access it simply if they were “friends” on Facebook with people who had.
