Facebook Moves Quickly to Address Privacy Error

Towards the end of last week social media giant Facebook revealed  it experienced a data privacy breach last week that placed 14 million users of the platform in danger.

From May 18 and 27, a technical glitch meant that the privacy settings for new posts was automatically set to public audience by default. Facebook have said that this issue impacted 14 million users. The company has issued alerts to users and advising them to exercise caution every time that they write a new post or update. Additionally, Facebook has changed the default option to private until users have a chance to review this and choose to “set to public” again.

Facebook’s Chief Privacy Officer, Erin Egan’s released a statement that said: “We recently found a bug that automatically suggested posting publicly when some people were creating their Facebook posts. We have fixed this issue and starting today we are letting everyone affected know and asking them to review any posts they made during that time. To be clear, this bug did not impact anything people had posted before — and they could still choose their audience just as they always have.”

The speed of the actions that were taken by Facebook are being explained as a renewed effort to ensure compliance with the new European Union GDPR legislation. Facebook are also stressing that this is a start to the new proactive and transparent ways for the company to manage issues. This comes on the back of Facebook announcing that it has had data-sharing partnerships with at least four Chinese electronics companies, including a manufacturing company that works closely with the Chinese government.

Facebook CEO Mark Zuckerberg, while being questioned by US Congress, admitted his personal data was among that improperly acquired by election consultancy firm Cambridge Analytica in a previous breach in early 2018.

The UK’s data watchdog, the Information Commissioner’s Office, stated that as Facebook’s European headquarters are in Dublin, the EU-wide GDPR regulations require the Irish Data Protection Commission (DPC) to take the lead on this case for EU Member States.