Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cambridge Analytica's Parent Pleads Guilty To Breaking UK Data Law (techcrunch.com)

Posted by msmash on from the some-justice dept.

Cambridge Analytica's parent company, SCL Elections, has been fined 15,000 Pound (roughly $19,000) in a UK court after pleading guilty to failing to comply with an enforcement notice issued by the national data protection watchdog, the Guardian reports. From a report: While the fine itself is a small and rather symbolic one, given the political data analytics firm went into administration last year, the implications of the prosecution are more sizeable. Last year the Information Commissioner's Office ordered SCL to hand over all the data it holds on U.S. academic, professor David Carroll, within 30 days. After the company failed to do so it was taken to court by the ICO. Prior to Cambridge Analytica gaining infamy for massively misusing Facebook user data, the company, which was used by the Trump campaign, claimed to have up to 7,000 data points on the entire U.S. electorate -- circa 240M people. So Carroll's attempt to understand exactly what data the company had on him, and how the information was processed to create a voter profile of it, has much wider relevance.

1 of 37 comments (clear)

  1. Re:Massively Misusing Facebook Data? by ljw1004 · · Score: 4, Informative

    Ok, still trying to understand. What law did they break. I'm by no means trying justifying what they did, but trying to have a conversation.

    The law they broke is the UK Data Protection Act. Read the Guardian article. It's all there. Even if, as you say, Cambridge Analytica obeyed the Facebook terms of service, nevertheless...

    (1) Cambridge Analytica held data on people; (2) Under UK law at the time - the "Data Protection Act" - if a company holds data on you, then the company is obliged to divulge that data to you personally upon your request; (3) someone did request their data and Cambridge Analytica ignored the request; (4) the UK's Information Commissioner's Office - which has authority under UK law relating to this part of the Data Protection Act - issued an enforcement notice which in the UK has weight of law, requiring Cambridge Analytica to comply with the request; (5) Cambridge Analytica declined the comply with the request arguing that it didn't have to; (6) a law court found that Cambridge Analytica did indeed have obey the enforcement notice, and had broken the law by not doing so.

    Summary: the law they broke is the UK Data Protection Act.