Meta Platforms, Inc. (formerly Facebook) will pay $50 million to eligible Australian Facebook users impacted by the Cambridge Analytica data-sharing incident, marking a significant resolution under Australian privacy law. The payment comes as part of an enforceable undertaking agreed upon with the Office of the Australian Information Commissioner (OAIC) following a protracted court process.
The settlement follows civil penalty proceedings launched in March 2020 by the Australian Information Commissioner (AIC) against Meta. The Commissioner alleged that the personal information of approximately 311,074 Australian Facebook users was improperly accessed through the This Is Your Digital Life app.
The app, developed by Dr. Aleksandr Kogan and his company Global Science Research, exploited Facebook’s API to collect data not only from users who installed the app but also from their Facebook friends. This information was allegedly shared with Cambridge Analytica, a political consulting firm, and other entities for political profiling purposes, breaching Australian Privacy Act 1988 provisions.
The Cambridge Analytica scandal, first brought to light in 2018, exposed major flaws in Facebook’s handling of personal data and sparked global investigations into privacy violations. In Australia, the OAIC pursued Meta for breaching privacy laws, citing the severe risks posed to affected individuals. Commissioner Elizabeth Tydd, speaking on the settlement, described the outcome as the largest-ever payment dedicated to addressing privacy concerns in Australia.
The AIC investigation, led initially by then-Commissioner Angelene Falk, highlighted concerns about Facebook’s failure to protect user data and its serious or repeated breaches of the Australian Privacy Principles (APPs). Specifically, the Commissioner claimed Meta failed to take reasonable steps to protect data from unauthorized access and failed to provide adequate transparency about third-party app permissions. The period in question spans from 2 November 2013 to 17 December 2015, during which the app harvested significant amounts of user data.
Settlement terms
The agreed enforceable undertaking outlines a $50 million payment scheme to address the impact of the data breach on Australian users.
Individuals are eligible if they:
- Held a Facebook account between 2 November 2013 and 17 December 2015.
- Were present in Australia for more than 30 days during that period.
- Either installed the This Is Your Digital Life app or were Facebook friends with someone who installed the app.
Payments will be administered by an independent third-party administrator, who will be appointed by Meta. Users who experienced general concern or embarrassment due to the incident will receive a “base payment,” while those who can demonstrate specific loss or damage resulting from the data misuse may qualify for a higher compensation.
The payment program is expected to open for applications in the second quarter of 2025, with further details to be provided by the third-party administrator. Meta is also required to make reasonable efforts to notify affected users and publicize the program.
Meta’s compliance efforts
As part of the settlement, Meta has not admitted liability but acknowledged the Commissioner’s concerns. The company emphasized the steps it has taken since the incident to improve data privacy and security. These include:
- Restricting third-party app access to users’ data, particularly friends’ information, unless explicitly authorized.
- Reducing the data fields accessible via Facebook Login, such as religious views, political affiliations, and relationship details.
- Implementing robust monitoring, automated scans, and annual audits of third-party apps to ensure compliance with platform policies.
Australian Facebook users eligible for the payment scheme are advised to stay alert for official communications from Meta or the third-party administrator and look out for potential scams taking advantage of the settlement news.
FBI Warns of HiatusRAT Campaigns Targeting Web Cameras and DVRs
Leave a Reply