Facebook fined over privacy breach in Turkey

The Turkish government has fined Facebook $282,000 over the violation of data protection laws, which affected nearly 300,000 citizens of the country. A huge data breach exposed millions of Facebook users’ personal photos, reported by the Turkey official Personal Data Protection Board (KVKK).

The board took this decision after the bug permitted third-party applications to access photos of more than 6.8 million Facebook users through a photo application programming interface.

Facebook was accused of not preventing this on time, which shows there were insufficiencies in technical security regarding the issue. Facebook did not make any statement about the personal data breach, which is a violation of Turkish Data Protection Law article 12(5).

The KVKK said, “it decided to fine US-based social network for failing to fix the bug in time, but also for neglecting to notify Turkish authorities of the incident.”

Facebook’s “View your Timeline as someone else,” “Birthday celebration tool” and “Video uploader” services caused the data leak, told by the Turkish watchdog.

Due to the breach, name, gender, birthday, educational background, religion, relationship status, hometown and location information of more than 281,000 users got compromised, said the Personal Data Protection Authority.

Facebook was fined 1.15 million Turkish liras ($201,865) for the breach, and 450,000 Turkish liras (nearly $79,000) for not providing notice of the breach intentionally.

This is not the first time Facebook got finned by the authorities over the data breach. In June, the United States fined Facebook $5 billion for privacy violations, which is the largest ever fine imposed by the Federal Trade Commission on a tech company.

Being a famous social media network, Facebook has been under the attacks of such breaches for a very long time. Earlier this year, in March, Facebook disclosed a security violation, when they admitted that they have stored hundreds of millions of users’ passwords in plaintext. In another incident in which Facebook investigated for September 2018 data breach. The case was about unknown attackers, who exploited three bugs, stole personal details of around 30 million users.