Facebook fined a paltry £500,000 (8 minutes’ revenue) over Cambridge Analytica scandal

Under GDPR rules the fine could have been as high as £1.2 billion.

Facebook fined a paltry £500,000 (8 minutes' revenue) over Cambridge Analytica scandal

The UK’s Information Commissioner’s Office (ICO) has announced that Facebook will be fined £500,000 – the maximum amount possible – for two breaches of the Data Protection Act 1998 in connection with the Cambridge Analytica scandal.

You’ll remember that Cambridge Analytica burst onto the front pages of the newspapers after it emerged that an app had harvested the profiles of 87 million Facebook users.

According to the ICO, Facebook broke the law by failing to safeguard people’s information, and also failed to be transparent about how users’ data could be harvested by others.

Sign up to our free newsletter.
Security news, advice, and tips.

In a tweet, journalist Charles Arthur pointed out that the £500,000 was not going to worry Facebook one jot, as it amounted to less than ten minutes’ worth of revenue for the company.

£500,000 to Facebook isn’t even a mosquito bite. It’s barely a drop in the ocean. If Facebook had been fined under Europe’s new GDPR rules the maximum penalty could have been as much as £1.2 billion.

Even £1.2 billion would only amount (and I’m taking Charles’s word for this, as my maths is rubbish) to around 14.5 days’ revenue for the internet giant.

The ICO’s £500,000 fine for Facebook comes as part of a broader investigation into whether personal data was misused by campaigns on both sides of UK’s Brexit referendum, and includes political parties, data analytics parties, as well as social media platforms.

Whistleblower Christopher Wylie didn’t mince his words.

Now feels like an appropriate juncture to point you towards the “Smashing Security” podcast about how to quit Facebook.

Smashing Security #75: 'Quitting Facebook'

Listen on Apple Podcasts | Spotify | Pocket Casts | Other... | RSS
More episodes...

For much more information and background on the controversy surrounding Facebook and Cambridge Analytica, read the following articles:

Further reading: Cambridge Analytica controversy: Was there a Facebook data breach?

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.


Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.