The ICO intends to fine Facebook a maximum £500,000 fine for the social network's role in the Cambridge Analytica scandal. The information of an estimated 87 million Facebook users was improperly shared with the political consultancy through a quiz that collected data from participants and their friends.
The ICO's investigation found Facebook guilty of two breaches of the Data Protection Act 1998: failing to safeguard user information and lacking transparency about how their data was harvested.
Facebook has a chance to respond to the Commissioner's Notice of Intent, after which a final decision will be made. The £500,000 fine is a paltry sum for a company that made $11.97 billion (£9 billion) in revenues in the first quarter of 2018 and the figure could have been far higher if the breaches had occurred before the GDPR came into force.