Facebook Inc. faces a formal probe by its main privacy regulator in the European Union following the leak of the personal data of more than half a billion users of the social media service.
Ireland’s Data Protection Commission on Wednesday opened an inquiry following media reports earlier this month showing “that a collated dataset” of Facebook users’ personal data “had been made available on the internet,” the authority said in a statement.
Personal information on 533 million Facebook users reemerged on a hacker website in early April. The information included phone numbers and email addresses of users, the Irish regulator said in a statement earlier this month. Facebook has said the data is old and was already reported on in 2019.
Facebook said it’s “cooperating fully” with the Irish authority and that the probe “relates to features that make it easier for people to find and connect with friends on our services.” It said the features “are common to many apps and we look forward to explaining them and the protections we have put in place.”
The EU’s General Data Protection Regulation, or GDPR, took effect in May 2018, paving the way for national authorities in the 27-nation bloc to levy fines on companies of as much as 4% of annual sales. Facebook is among a number of big U.S. tech giants that have set up an EU hub in Ireland.
According to the Irish agency’s last annual report, the regulator has 27 open privacy probes targeting companies such as Apple Inc. and Google, nine of which focus on Facebook.
The probe will determine “whether Facebook Ireland has complied with its obligations, as data controller, in connection with the processing of personal data of its users by means of the Facebook Search, Facebook Messenger Contact Importer and Instagram Contact Importer features of its service,” the regulator said in its statement said.