Meta obtained a slap on the wrist on Friday to the tune of 91 million euros ($102 million) for breaking Europe’s strict privateness guidelines. The firm hadn’t put sufficient protections in place to safe folks’s social media passwords, and realized it was by accident storing them in plain textual content.
The Irish Data Protection Commissioner, which is accountable for making certain Meta abides by Europe’s General Data Protection Regulation, issued the nice following a 5 12 months investigation, stretching again to 2019. It was whether or not Meta had failed to fulfill its obligations of guaranteeing customers acceptable privateness and safety, and reporting any issues to DPC.
“It is extensively accepted that person passwords shouldn’t be saved in plaintext, contemplating the dangers of abuse that come up from individuals accessing such knowledge,” mentioned Deputy Commissioner Graham Doyle in an announcement. “It should be borne in thoughts, that the passwords the topic of consideration on this case, are notably delicate, as they might allow entry to customers’ social media accounts.”
The GDPR, which got here into drive in 2018, holds corporations to excessive requirements on the subject of defending folks’s privateness. As a part of the foundations, corporations should be proactive in making certain that they are clear about any potential privateness issues they uncover. In line with these guidelines, Meta reported the issue when it made the invention.
“As a part of a safety evaluation in 2019, we discovered {that a} subset of FB customers’ passwords had been quickly logged in a readable format inside our inside knowledge techniques,” mentioned a spokesperson for the corporate on Friday. “We took speedy motion to repair this error, and there’s no proof that these passwords had been abused or accessed improperly.”
It’s not the primary and solely time Meta has fallen foul of privateness guidelines, however the firm claimed it is now taken steps to verify one thing comparable cannot occur sooner or later and customers’ passwords are totally protected.
