In the aftermath of the Facebook / Cambridge Analytica scandal, Facebook has upped the reported number of user profiles included from the original number 50 million to 86 million. Most of those users profiles were from Americans but 660,000 of them were Canadian. Those are some big numbers.
To give credit where credit is due, CEO Mark Zuckerberg just announced that Facebook will be providing security consistent with the new European based “General Data Protection Regulation” (GDPR), to ALL Facebook users regardless of their country. This is a major step for Facebook and its users, because GDPR is without a doubt the toughest privacy regulations in the world and after 3 years of notice, it comes into effect April of 2018.
A simplified summary of GDPR is:
- Because of cross agreements between countries, it effectively applies everywhere in the world for all but the smallest companies
- Personal data can not be collected without a business purpose
- Personal data must be deleted (without request) as soon as the ORIGINAL business use for collecting that data is complete
- Companies must be able to PROVE they are protecting personal data.
- Companies MUST test their data protection systems and keep reports on its effectiveness
- This is ever evolving and companies cannot claim that security they put in place last year is sufficient for this year
- Data breaches must be reported to the affected people and the the GDPR regulator within 72 hours
For a more details, see our article: The Top 10 Things Everyone Needs To Know About GDPR