Ireland’s privacy watchdog is interested in understanding more about the recently disclosed Facebook users’ phone number leak and is asking the company questions about it, TechCrunch reports.
Facebook has European headquarters in Dublin, Ireland. Therefore, Ireland is Facebook’s lead regulator in the region. Google (GOOGL), Apple (AAPL), and Twitter (TWTR) are the other big tech companies from America with European headquarters based in Ireland.
Ireland cracks down on data breach
As we discussed previously, a US security researcher recently discovered a huge database containing millions of Facebook users’ phone numbers. The database also contained people’s name, gender, and country of residence in some cases.
While Ireland is looking into the Facebook users’ phone number leak and may open a probe into the matter, the TechCrunch report suggested that the data breach may have predated GDPR (General Data Protection Regulation), a data protection law that applies to the EU (European Union).
Facebook shuts down phone search feature
Before the Facebook users’ phone number leak, the company was dealing with other issues. For some time, Facebook offered a feature that allowed people to search for others on its flagship social network using their phone number or email address. However, the company pulled down the feature in 2018. Facebook stopped allowing people to look up others using a phone number in April 2018. However, GDPR came into force in May 2018.
Recently, Facebook looked at the exposed data and found that the records look old. The leakage of the phone number records most likely took place before the company ended the phone search feature.
Additionally, the company said it has seen no indication that someone used the data to compromise its users’ accounts. That would be a problem as Facebook oversees more than 2.4 billion user accounts on its namesake social network.
GDPR spells out huge fines for violations
The GDPR represents the EU’s aggressive attempt to protect its citizens’ data and regulate big tech companies. The GDPR law generally limits how companies collect people’s personal data and use it. A company can face fines of up to 4.0% of its global annual revenue for infringing the GDPR law.
Already Facebook is the subject of multiple GDPR investigations. Likewise, Google has already faced the GDPR fine and faces more GDPR-related probes. The Wall Street Journal reported last month that Ireland could begin hitting Facebook with GDPR fines this year.
Facebook may face a $2.2 billion fine
Facebook generated $55.8 billion worth of revenue worldwide in 2018. Therefore, a fine of 4.0% on Facebook’s 2018 annual revenue would shave $2.2 billion from the company. Facebook finished the second quarter with $41.1 billion of cash reserve. Therefore, breaches like the exposure of millions of Facebook users’ phone numbers could be costly if subjected to GDPR scrutiny.
To read more about the Facebook breach, read Facebook: What Users’ Phone Number Leak Means.