Hot potato: Facebook bosses face questioning by legislators and regulators about the misuse of personal data. Picture: REUTERS
Hot potato: Facebook bosses face questioning by legislators and regulators about the misuse of personal data. Picture: REUTERS

Brussels — Revelations that data belonging to 87-million Facebook users may have been misused have become a game changer for data protection as regulators seek to raise awareness about how to secure information.

Elizabeth Denham, the British privacy regulator leading the European investigations into how user data ended up in the hands of political consulting firm Cambridge Analytica, says the technology industry and regulators must improve the public’s trust and confidence in how private information is handled.

"The dramatic revelations of the last few weeks can be seen as a game changer," Denham told data protection practitioners at her agency’s annual conference. "Suddenly everyone is paying attention. The media, the public, parliament, the whole darn planet it seems."

Denham’s agency is combing through evidence it gathered at the offices of Cambridge Analytica following reports that the firm had obtained swathes of data from a researcher who transferred the data without Facebook’s permission.

Her office had been reviewing the use of data analytics for political purposes since May 2017 and was investigating 30 organisations, including Facebook, Denham said.

"Our investigation into the use of personal data analytics for political purposes by campaigns, parties, social media companies and others will be measured thoroughly and independently. Only when we reach our conclusions based on the evidence will we decide if enforcement action is warranted."

Her remarks come ahead of a meeting of the EU’s 28 data watchdogs in Brussels to discuss the issue and a call between Facebook chief operating officer Sheryl Sandberg and the bloc’s justice commissioner.

Starting in May, EU privacy regulators will get the power to fine companies as much as 4% of global annual sales under new data protection rules.

Denham said she had no intention of changing her office’s "proportionate and pragmatic approach" after that date and "hefty fines will be reserved for those organisations that persistently, deliberately or negligently flout the law".

Facebook CEO Mark Zuckerberg will testify on Tuesday and Wednesday before congressional panels investigating the mishandling of its data and other revelations about the social media company.

Legislators and regulators in Europe are also seeking answers to questions about how the data of 2.7-million people in the EU could have ended up in the hands of a consulting firm that worked on Donald Trump’s US presidential campaign.

Italy’s privacy watchdog will meet Facebook’s deputy chief global privacy officer Stephen Deadman on April 24 as part of its investigation into the scandal.

Two days later, Facebook will send its chief technology officer Mike Schroepfer to answer questions from a British parliamentary committee investigating the effect of social media on recent elections.

On Monday, Denham’s office launched a public awareness campaign called Your Data Matters, which seeks to restore people’s trust in how data is treated. "The proper use of personal data can achieve remarkable things," she said. "Now, more than ever, the role of data protection practitioner is not just as a guardian of privacy but as an ambassador for the appropriate use of personal data in line with the law."