Facebook has agreed to pay a 500,000 pound ($644,000) fine for breaches of data protection law related to the harvesting of data by consultancy Cambridge Analytica, Britain’s information rights regulator said on Oct. 30.
Facebook CEO Mark Zuckerberg has faced questioning by U.S. and EU lawmakers over how the political consultancy obtained the personal data of 87 million Facebook users from a researcher.
The fine may be small for a company worth $540 billion, but it is the maximum the Information Commissioner’s Office (ICO) could issue and represents the first move by a regulator to punish Facebook over the Cambridge Analytica scandal.
The ICO issued the fine last year after it said data from at least 1 million British users had been among the information harvested by the researcher and used for political purposes.
On Wednesday the ICO said that in dropping its appeal and agreeing to pay the fine, Facebook had not made an admission of liability.
“The ICO’s main concern was that UK citizen data was exposed to a serious risk of harm. Protection of personal information and personal privacy is of fundamental importance,” said ICO Deputy Commissioner James Dipple-Johnstone.
British lawmakers have criticized Facebook’s response to the data scandal and Zuckerberg’s refusal to appear and answer questions in the UK over its protections and political advertising.
They have also raised concerns over the use of social media in Britain’s 2016 referendum on leaving the European Union.
Facebook’s Chief Technology Officer last year apologized for errors made by the company and vowed to do more to improve transparency during a four-hour grilling by lawmakers, though he said there was no evidence Cambridge Analytica had managed referendum-related advertisements.
“We made major changes to our platform back then, significantly restricting the information app developers could access,” said Harry Kinmouth, Facebook’s Associate General Counsel.
“Protecting people’s information and privacy is a top priority for Facebook, and we are continuing to build new controls to help people protect and manage their information.”