The UK’s privacy watchdog has asked Facebook’s lead EU regulator to look into ongoing data protection concerns about its ad platform — including how its platform is being used to target and spread fake adverts to try to manipulate voters.
Facebook’s international HQ is in Ireland so the regulator in play here is the Irish Data Protection Commission.
The ICO noted the action in a 113-page report to parliament yesterday giving an update on its long-running investigation into the use of data analytics in political campaigns — writing:
We have referred our ongoing concerns about Facebook’s targeting functions and techniques that are used to monitor individuals’ browsing habits, interactions and behaviour across the internet and different devices to the to the IDPC. Under the GDPR, the IDPC is the lead authority for Facebook in the EU. We will work with both the Irish regulator and other national data protection authorities to develop a longterm strategy on how we address these issues.
A spokesperson for the watchdog told us these concerns fall outside the remit of that still partially ongoing investigation, which was triggered by the Cambridge Analytica data misuse scandal.
So the issues of concern are not the same issues that the ICO fined Facebook for last month, when it handed the company the maximum possible penalty under the UK’s previous data protection regime. Hence the referral to the Irish DPC.
We’ve reached out to Facebook for comment on the referral.
A spokesman for the Irish regulator told us: “The DPC has yet to receive any information from the ICO.”
Giving one example of its concerns, the ICO’s spokesperson pointed to recent news reports flagging fake political ads that had passed Facebook’s checks and been able to circulate on the platform — until being spotted by journalists, after which they got pulled by Facebook.