U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Spain – Facebook slapped with €1.2M fine for violating data protection regulations

The Spanish Data Protection Agency (AEPD) has issued a €1.2 Million fine against Facebook for violating data protection regulations. Other privacy problems for the tech giant Facebook, the company has been fined for a series of privacy violations in Spain. The Spanish Data Protection Agency (AEPD) has issued a €1.2 Million fine against Facebook for violating data protection regulations. According […]

Facebook phishing

The Spanish Data Protection Agency (AEPD) has issued a €1.2 Million fine against Facebook for violating data protection regulations.

Other privacy problems for the tech giant Facebook, the company has been fined for a series of privacy violations in Spain.

The Spanish Data Protection Agency (AEPD) has issued a €1.2 Million fine against Facebook for violating data protection regulations.

According to the AEPD, the social network giant collects users’ personal data without informed and ‘unequivocal consent’ for commercial purposes. It is sharing the data with advertisers and marketers without informing users, the company collects sensitive data on user’s ideology, religious beliefs, sex and personal tastes and navigation.

“The Agency notes that the social network collects, stores and uses data, including specially protected data, for advertising purposes without obtaining consent.

The data on ideology, sex, religious beliefs, personal preferences or browsing activity are collected directly, through interaction with their services or from third party pages without clearly informing the user about how and for what purpose will use those data” states the AGDP. 

“Facebook does not obtain unambiguous, specific and informed consent from users to process their data, since the information it offers is not adequate”

The list of violations continues, Facebook doesn’t totally cancel information when no longer needed for the purpose they were collected.

The Spanish Agency considered identified two serious and one very serious infringements of the Data Protection Law and imposes on the company a sanction of 1,200,000 euros.

Facebook privacy

The AEPD fined Facebook for €600,000 due to a “very serious” infringement, while the remaining two serious violations are:

  1. Tracking people through the use of “Like” button social plug-ins embedded in other non-Facebook web pages (FB slapped with €300,000).
  2. Failing to delete data collected from users once it has finished using it (FB  slapped €300,000).

The AEPD accuses Facebook of using a privacy policy containing “generic and unclear terms,” and that doesn’t “adequately collect the consent of either its users or nonusers, which constitutes a serious infringement.”

Below the reply of Facebook to the accusations:

“We take note of the DPA’s decision with which we respectfully disagree. Whilst we value the opportunities we’ve had to engage with the DPA to reinforce how seriously we take the privacy of people who use Facebook, we intend to appeal this decision.”

“As we made clear to the DPA, users choose which information they want to add to their profile and share with others, such as their religion. However, we do not use this information to target adverts to people.” states Facebook.

In May, the company was fined €150,000 because the techniques used to target advertising and track users.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – social network, privacy)

[adrotate banner=”12″]