Facebook on a smartphone (illustration).
SOPA Images / SIPA
The Irish data protection regulator on Wednesday announced the opening of an investigation into Facebook on behalf of the EU.
This comes after the revelation of a data breach of more than 530 million users dating back to 2019.
The Irish Data Protection Commission (DPC), the equivalent of the French CNIL, will investigate whether the American digital giant has met its obligations in terms of data control, according to a statement.
Facebook has its European headquarters in Ireland and it is therefore up to the Irish regulator to conduct the investigation for the European Union (EU).
A fine of up to 4% of turnover
The DPC indicates that it has discussed the incident with Facebook and believes that it is possible that there may have been a breach of the EU's General Data Protection Regulation (GDPR), which the investigation will have to determine.
"We fully cooperate with the investigation of the DPC", reacted a spokesperson for Facebook, assuring that the functions in question, making it possible to find the users more easily, were "frequent for many applications" and that the group counted “Explain the protections in place”.
The GDPR, launched in 2018, gives regulators more power to protect consumers from the domination of Facebook, Google, Apple and Twitter, which, attracted by favorable taxation, have chosen Ireland as their home port.
The regulation provides that regulators can impose a fine of up to 4% of the global turnover of these groups.
Telephone numbers, addresses and dates of birth
In the case of Facebook, the hacked data in question was partly published on a hacker forum in early April and is the work of "malicious actors", Facebook explained last week.
This data comes from a leak that dates back to 2019 and "has been resolved", according to the group which urges its members to better protect their accounts It denounced the method of "scraping" or looting of Facebook profiles via software imitating the network feature which helps members easily find friends and thus scraping contact lists.
The publication of these phone numbers, addresses, dates of birth on a hacker forum had been spotted by the
This is not the first time that data from millions of users of the first social network - which has nearly 2.8 billion monthly users - has been put online.
Revealed in 2018, the Cambridge Analytica scandal, a British firm that hijacked the personal data of tens of millions of Facebook users for political propaganda purposes, had permanently tarnished the reputation of the social network on the issue of data privacy.
Files are piling up
Facebook has meshed with the DPC on other issues.
Its subsidiary, the social network Instagram, has been targeted since 2020 by an investigation in Europe concerning the processing of personal data of minor users.
The regulator opened two separate cases last month after receiving complaints that phone numbers and email addresses of young people under the age of 18 were accessible to all users on the network.
Irish justice, seized by Facebook, had also, last September, agreed to examine a request from the social network and temporarily blocked an investigation by the Irish regulator which could prevent the transfer of data between Europe and the United States. .
Facebook had contested the preliminary conclusions of the DPC, which seemed ready to challenge the system used by the American group to transfer the data of its users from one continent to another.
By the Web
Facebook: Understand everything about the data breach that affects 533 million users
Facebook: Huge Data Leak Reveals Mark Zuckerberg Downloaded Signal