Shorter Reads

Facebook and Cambridge Analytica – the GDPR implications

1 minute read

Published 22 March 2018

Authors

Howard Ricklow
Partner
Visit profile
Read more from Howard

Key information

Services
Business
Data Protection

With GDPR on the horizon nothing could highlight data protection issues like the shocking revelation that Facebook failed to protect 50 million of its users whose data was obtained by Cambridge Analytica. Amongst allegations that Cambridge Analytica played a central role in Donald Trump’s election victory and even the Referendum result the Information Commissioner has forced Facebook to pull an audit of Cambridge Analytica’s offices as she applies for an urgent warrant to access their servers.

Whilst the facts are murky with regard to the relationship between Facebook and Cambridge Analytica and the ‘harvesting’ of personal data, if Facebook is fined for breaches of the Data Protection Act 1998 the maximum fine would be £500,000; under the GDPR the fine could be the higher of 4% of Facebook’s gross turnover and €20 million.

Data protection and GDPR are certain to remain in the headlines in the coming weeks as data controllers come under further scrutiny by the Information Commissioner.

http://www.bbc.co.uk/news/world-us-canada-43494337

Back to Insights

Shorter Reads

Facebook and Cambridge Analytica – the GDPR implications

Published 22 March 2018

Associated sectors / services

Business
Data Protection

Authors

Howard Ricklow
Partner
Read more from Howard

Data protection and GDPR are certain to remain in the headlines in the coming weeks as data controllers come under further scrutiny by the Information Commissioner.

http://www.bbc.co.uk/news/world-us-canada-43494337

Associated sectors / services

Business
Data Protection

Authors

Howard Ricklow
Partner
Read more from Howard

Need some more information? Make an enquiry below.

Enjoy reading our articles? why not subscribe to notifications so you’ll never miss one?

Subscribe to our articles

Message us on WhatsApp (calling not available)

Please note that Collyer Bristow provides this service during office hours for general information and enquiries only and that no legal or other professional advice will be provided over the WhatsApp platform. Please also note that if you choose to use this platform your personal data is likely to be processed outside the UK and EEA, including in the US. Appropriate legal or other professional opinion should be taken before taking or omitting to take any action in respect of any specific problem. Collyer Bristow LLP accepts no liability for any loss or damage which may arise from reliance on information provided. All information will be deleted immediately upon completion of a conversation.

I accept Close

Latest news:

Apply for your Training Contract with Collyer Bristow

ExpandNeed some help?Toggle

I'm looking for someone
I'm looking for information on a specific legal area
I want to contact you
Request a callback
I'd like to search for something
I'd like to subscribe to receive updates

If your issue is urgent,
please call +44 20 7242 7363

Get in touch

Get in touch using our form below.

View everyone
Business
Dispute Resolution
Private Wealth
Real Estate
About us
Updates
Open in maps
Message on WhatsApp Give us a call

Business

Dispute Resolution

Private Wealth

Real Estate

About

Updates

Facebook and Cambridge Analytica – the GDPR implications

Authors

Howard Ricklow

Share

Key information

Longer ReadsDemystifying the UK government’s proposed reforms to data protection laws

Longer ReadsRecent trends in data breach litigation

Shorter ReadsRoyal Mail cybersecurity incident a reminder of the international reach of the UK GDPR

Shorter ReadsMonitoring staff – employers should not expect to see staff chained to their desks all day

PodcastsDirectors’ duties – An introduction

Shorter ReadsPrivate equity’s embrace of ESG

Longer ReadsSalaries continue to fall in real terms despite unemployment levels at historic lows

Shorter ReadsDon’t dismiss the four-day week

Shorter Reads‘Red tape’ reform for thousands of businesses

Shorter ReadsScrapping GDPR regulations likely to cause additional red tape for UK businesses

Longer ReadsDon’t let your cookie compliance crumble

Videos5 tips when seeking Private Equity investment

Shorter ReadsData privacy update: International data transfers

Shorter ReadsP&O further wage cuts blocked

Shorter ReadsA debate: Will The Online Safety Bill Make The Internet Safer?

Shorter ReadsData Subject Access Requests: Six key issues for HR Teams

Shorter ReadsRights without responsibilities?

Shorter ReadsData subject access requests are ‘weaponised’ as disgruntled customers seek to ‘tie businesses in knots’

Shorter ReadsAI regulation in financial services and how the UK diverges from EU rules

Longer ReadsDomestic CCTV: are you compliant?

Longer ReadsGDPR: New Guidelines on international data transfers

Longer ReadsDear Santa…A Cautionary Data Privacy Tale

PodcastsArticle 27 of the GDPR – Do you need to appoint a UK/EU Data Representative?

Shorter ReadsCovid update: déjà vu – working from home again

Shorter ReadsESG and Data Protection

VideosESG and the Private Investor

PodcastsGDPR and Artificial Intelligence in the workplace

Longer ReadsWhat are the limits on video surveillance in the workplace?

Longer ReadsComplying with data laws when engaging with freelancers

Shorter ReadsUK data protection standards to be deemed adequate by the EU

Shorter ReadsIkea fined €1 million for illegal staff surveillance

Shorter ReadsFirst, sack all the IP lawyers.

Shorter ReadsIs your personal data safe on Zoom?

Shorter ReadsFirmware cyber-attacks: the next big thing?

Shorter ReadsWebsite cookies crumble as they fail to meet legislation

Shorter ReadsPost-Brexit breathing space for EU-UK transfers of personal data

Shorter ReadsNow is the time to review your data protection policies

Longer ReadsThe end of the Brexit transition period: what this means for your business’s data protection...

VideosControl the process: mastering your data processing agreements

Shorter ReadsNo rest for the European Data Protection Board

Shorter ReadsTest-and-trace data sharing: a healthy lesson for private-sector businesses on the importance of transparency

Shorter ReadsGood(ish) news for BA

Shorter ReadsNew EDPB guidelines: copying and pasting GDPR provisions into your commercial agreements isn’t enough

Longer ReadsPrivacy Shield invalidated: what this means for your data flows to the US

Shorter ReadsNo Data Protection Impact Assessment (DPIA) undertaken for Test and Trace programme – but what is a...

Shorter ReadsPreparing for 4 July: Pubs and restaurants required to collect customers’ details

Shorter ReadsProtecting Personal Data as Lockdown unlocks

Shorter ReadsBabylon Health admits GP app suffered a data breach

VideosM&A: Cyber security and data privacy risks

Shorter ReadseasyJet’s woes worsen

Shorter ReadsCathay Pacific, British Airways, easyJet – what’s the connection?

Shorter ReadsDisputes arising from COVID-19 disruptions – skipping to Court or skipping Court?

Shorter ReadsData protection in the time of coronavirus

Shorter ReadsCoronavirus: Corporate Residence – Updated HMRC Guidance

Shorter ReadsCovid-19 cooperation: A new world for intellectual property rights

Longer ReadsWM Morrisons Supermarkets plc v Various Claimants – Supreme Court hands down decision

Shorter ReadsZoom under increased scrutiny as popularity rises

Shorter ReadsThe New Global Talent Visa

Longer ReadsPrivacy and real-time bidding: An updated guide for adtech vendors and publishers

Longer ReadsHow to limit reputational damage after a data breach

Shorter ReadsBritish Airways facing record GDPR fine

Longer ReadsAI: It’s time to ExplAIn

Shorter ReadsIt’s time to AI-xplain

Shorter ReadsWhy GDPR isn’t last year’s news

Shorter ReadsOfcom has fined Royal Mail £50 million for abuse of dominance

Shorter ReadsBreaking Point for KitKat?

Shorter ReadsWorld Cup 2018 – Celebrating success!

Shorter Reads4-to-3 mergers are never easy

Shorter ReadsGDPR – Smaller charities at risk

Shorter ReadsWill Meghan join the queue at the new US Embassy?

Shorter ReadsFlossy the UKIP Lion

Shorter ReadsCommission fines Scania €880 million for participating in trucks cartel

Longer ReadsDemystifying the UK government’s proposed reforms to data protection laws

Longer ReadsRecent trends in data breach litigation

Shorter ReadsRoyal Mail cybersecurity incident a reminder of the international reach of the UK GDPR

Longer Reads
Demystifying the UK government’s proposed reforms to data protection laws

Longer Reads
Recent trends in data breach litigation

Shorter Reads
Royal Mail cybersecurity incident a reminder of the international reach of the UK GDPR

Shorter Reads
Monitoring staff – employers should not expect to see staff chained to their desks all day

Podcasts
Directors’ duties – An introduction

Shorter Reads
Private equity’s embrace of ESG

Longer Reads
Salaries continue to fall in real terms despite unemployment levels at historic lows

Shorter Reads
Don’t dismiss the four-day week

Shorter Reads
‘Red tape’ reform for thousands of businesses

Shorter Reads
Scrapping GDPR regulations likely to cause additional red tape for UK businesses

Longer Reads
Don’t let your cookie compliance crumble

Videos
5 tips when seeking Private Equity investment

Shorter Reads
Data privacy update: International data transfers

Shorter Reads
P&O further wage cuts blocked

Shorter Reads
A debate: Will The Online Safety Bill Make The Internet Safer?

Shorter Reads
Data Subject Access Requests: Six key issues for HR Teams

Shorter Reads
Rights without responsibilities?

Shorter Reads
Data subject access requests are ‘weaponised’ as disgruntled customers seek to ‘tie businesses in knots’

Shorter Reads
AI regulation in financial services and how the UK diverges from EU rules

Longer Reads
Domestic CCTV: are you compliant?

Longer Reads
GDPR: New Guidelines on international data transfers

Longer Reads
Dear Santa…A Cautionary Data Privacy Tale

Podcasts
Article 27 of the GDPR – Do you need to appoint a UK/EU Data Representative?

Shorter Reads
Covid update: déjà vu – working from home again

Shorter Reads
ESG and Data Protection

Videos
ESG and the Private Investor

Podcasts
GDPR and Artificial Intelligence in the workplace

Longer Reads
What are the limits on video surveillance in the workplace?

Longer Reads
Complying with data laws when engaging with freelancers

Shorter Reads
UK data protection standards to be deemed adequate by the EU

Shorter Reads
Ikea fined €1 million for illegal staff surveillance

Shorter Reads
First, sack all the IP lawyers.

Shorter Reads
Is your personal data safe on Zoom?

Shorter Reads
Firmware cyber-attacks: the next big thing?

Shorter Reads
Website cookies crumble as they fail to meet legislation

Shorter Reads
Post-Brexit breathing space for EU-UK transfers of personal data

Shorter Reads
Now is the time to review your data protection policies

Longer Reads
The end of the Brexit transition period: what this means for your business’s data protection...

Videos
Control the process: mastering your data processing agreements

Shorter Reads
No rest for the European Data Protection Board

Shorter Reads
Test-and-trace data sharing: a healthy lesson for private-sector businesses on the importance of transparency

Shorter Reads
Good(ish) news for BA

Shorter Reads
New EDPB guidelines: copying and pasting GDPR provisions into your commercial agreements isn’t enough

Longer Reads
Privacy Shield invalidated: what this means for your data flows to the US

Shorter Reads
No Data Protection Impact Assessment (DPIA) undertaken for Test and Trace programme – but what is a...

Shorter Reads
Preparing for 4 July: Pubs and restaurants required to collect customers’ details

Shorter Reads
Protecting Personal Data as Lockdown unlocks

Shorter Reads
Babylon Health admits GP app suffered a data breach

Videos
M&A: Cyber security and data privacy risks

Shorter Reads
easyJet’s woes worsen

Shorter Reads
Cathay Pacific, British Airways, easyJet – what’s the connection?

Shorter Reads
Disputes arising from COVID-19 disruptions – skipping to Court or skipping Court?

Shorter Reads
Data protection in the time of coronavirus

Shorter Reads
Coronavirus: Corporate Residence – Updated HMRC Guidance

Shorter Reads
Covid-19 cooperation: A new world for intellectual property rights

Longer Reads
WM Morrisons Supermarkets plc v Various Claimants – Supreme Court hands down decision

Shorter Reads
Zoom under increased scrutiny as popularity rises

Shorter Reads
The New Global Talent Visa

Longer Reads
Privacy and real-time bidding: An updated guide for adtech vendors and publishers

Longer Reads
How to limit reputational damage after a data breach

Shorter Reads
British Airways facing record GDPR fine

Longer Reads
AI: It’s time to ExplAIn

Shorter Reads
It’s time to AI-xplain

Shorter Reads
Why GDPR isn’t last year’s news

Shorter Reads
Ofcom has fined Royal Mail £50 million for abuse of dominance

Shorter Reads
Breaking Point for KitKat?

Shorter Reads
World Cup 2018 – Celebrating success!

Shorter Reads
4-to-3 mergers are never easy

Shorter Reads
GDPR – Smaller charities at risk

Shorter Reads
Will Meghan join the queue at the new US Embassy?

Shorter Reads
Flossy the UKIP Lion

Shorter Reads
Commission fines Scania €880 million for participating in trucks cartel

Longer Reads
Demystifying the UK government’s proposed reforms to data protection laws

Longer Reads
Recent trends in data breach litigation

Shorter Reads
Royal Mail cybersecurity incident a reminder of the international reach of the UK GDPR

Shorter Reads
Monitoring staff – employers should not expect to see staff chained to their desks all...

Podcasts
Directors’ duties – An introduction

Shorter Reads
Private equity’s embrace of ESG

Longer Reads
Salaries continue to fall in real terms despite unemployment levels at historic lows

Shorter Reads
Don’t dismiss the four-day week