Facebook has been penalized for sharing user data without consent in South Korea. The fine is approximately $6 million, following a report by the Personal Information Protection Commission (PIPC).
$6 Million Fine against Facebook for Breaking South Korean Laws
According to the organization, the US tech giant shared data of at least 3.3 million users of 18 million Korean users. Not only did Facebook do this without users’ consent, but it also shared the data with other companies in the period May 2012 – June 2018.
PIPC is also planning to file a criminal complaint against the US company for breaching local laws regarding personal information.
What type of information has been affected?
Shared data includes Facebook users’ names, jobs, academic history, hometown, and relationship status. How was the information shared? Upon logging into their accounts via third-party apps using users’ Facebook accounts, users’ and their friends’ data was shared with the same services. Worse, their friends were unaware that the services were compromising their personal details without their knowledge and consent.
As explained by the commission, users agreed to share their information with said services when logging in with their Facebook accounts. However, their friends didn’t agree to this and were unaware that their information was also shared.
What was the collected data used for?
Not surprisingly, collected personal details were abused to create customized ads that were displayed on Facebook. According to PIPC, the social media made profits by sharing the data.
What else did Facebook do to breach the privacy of its users?
Apparently, the company stored users’ password data without encryption, and didn’t notify users when accessing their data. Furthermore, the tech giant turned in false or incomplete documents during the investigation, obstructing the investigation to top that off. A fine of additional $66 million was imposed for this impediment.
The Korea Communication Commission started the investigation against Facebook in 2018 amidst the Cambridge Analytica scandal. The case was then handed to the Personal Information Protection Commission.
In May, Facebook faced another penalty over false data privacy claims. According to Canada’s Competition Bureau, Facebook mishandled user information by creating the false feeling that users could control who could see and access their personal information via privacy features. The penalty was estimated at CAD 9 million, which equals USD 6.5 million, or EUR 5.9 million.