The Irish Data Protection Commission (DPC) is launching an investigation into a resurfaced data leak that exposed the personal information of over half a billion users. Over the course of the investigation, the DPC will determine whether Facebook violated the EU’s personal data rights.
The DPC Sets Its Sights on Facebook
In early April 2021, the personal details of 533 million Facebook users were posted online, compromising users’ email addresses, locations, phone numbers, and birth dates. The dataset originated from a 2019 leak, but it was never made public until it was posted in a hacking forum.
In a press release on the DPC website, the DPC announced that it is launching an investigation into the data leak. The DPC believes that Facebook may have infringed on users’ personal data rights, stating:
The DPC, having considered the information provided by Facebook Ireland regarding this matter to date, is of the opinion that one or more provisions of the GDPR and/or the Data Protection Act 2018 may have been, and/or are being, infringed in relation to Facebook Users’ personal data.
The DPC also aims to find out whether Facebook Ireland “has complied with its obligations, as data controller, in connection with the processing of personal data of its users.”
Just days before the DPC announced its investigation, Didier Reynders, the EU Commissioner for Justice, sent out a Tweet saying that he spoke with the DPC to discuss the Facebook leak.
“The Commission continues to follow this case closely and is committed to supporting national authorities,” Reynders wrote. “We also call on Facebook to cooperate actively and swiftly to shed light on the identified issues.”
Today I spoke with Helen Dixon @DPCIreland about the #FacebookLeak. The Commission continues to follow this case closely and is committed to supporting national authorities. We also call on @Facebook to cooperate actively and swiftly to shed light on the identified issues.
— Didier Reynders (@dreynders) April 12, 2021
A Facebook spokesperson told CNBC that it’s “cooperating fully” with the DPC, and notes that the 2019 leak involved “features that make it easier for people to find and connect with friends on our services.” It also stated that “these features are common to many apps and we look forward to explaining them and the protections we have put in place.”
Can You Still Trust Facebook?
This is one of the largest Facebook data leaks to date and is definitely a cause for concern for Facebook users. Although the data is from 2019, it’s still worrisome to have your personal information exposed online, especially when it’s your phone number or name.
For peace of mind, you can check if your email address was exposed by using Have I Been Pwned. The tool checks to see if your email was exposed in any data breaches, including the most recent Facebook data leak.
About The Author