News and Events

Irish Data Protection Commission begin investigation into Facebook

View profile for Thomas Emmett
  • Posted
  • Author

Around May 2018, I was very busy assisting clients in their preparations for the then incoming General Data Protection Regulation. I don’t think there was a day around that time that I did not use the acronym “GDPR”.  

Two topics were of particular concern to clients – whether sending marketing emails would cause them to be in breach of the regulations and the consequences of falling foul of the GDPR. The latter will now have to be considered by Facebook, after the recent announcement by the Irish Data Protection Commission that it has opened a formal investigation into its recent data breach. 

The GDPR and marketing emails

The Commission will decide whether Facebook should be fined for failing to prevent hackers from being able to access up to 50 million of Facebook’s users’ accounts. The Commission will focus, in particular, on Facebook’s compliance with its obligations under the GDPR to implement appropriate technical and organisational measures to ensure the security and safeguarding of the personal data it processes.  

Irish Data Protection Commission

The monetary penalties under the GDPR fall into two classifications: 
  1. for less severe breaches the maximum fine is €10 million or 2% of a company’s global annual revenue (whichever is greater); or, 
  2. for more serious breaches, the maximum fine is €20 million or 4% of a company’s global annual revenue (whichever is greater). 
Taking into consideration of the size of the breach, it is likely (although not confirmed) that, if found to be in contravention of the regulations, the penalty for Facebook would fall into the latter category. The fine, should it be set at the maximum level, would be significant considering the global annual revenue of Facebook. 
If you require any assistance with your business’s data protection requirements, please do not hesitate to contact me. I’m available at our Basildon office on 01245 453847 or by email at