Late last month, the United Kingdom's Information Commissioner Office (ICO) issued a hefty £500,000 ($638,744) fine to Facebook due to the misuse of user data related to the Cambridge Analytica scandal that was brought to the spotlight earlier this year. It probably comes as no surprise, but the social network has now decided to appeal that decision.
The investigation conducted by the ICO, which resulted in the fine levied in October, suggested that over one million UK citizens may have had their data misused, even though the scandal was deeply related to the 2016 United States elections. Facebook, however, says that the ICO has found no evidence of that happening. Instead, in a statement, the company states that the issues raised aren't related to Cambridge Analytica so much as they are to the way users are allowed to share information online:
"The ICO's investigation stemmed from concerns that UK citizens' data may have been impacted by Cambridge Analytica, yet they now have confirmed that they have found no evidence to suggest that information of Facebook users in the UK was ever shared by Dr Kogan with Cambridge Analytica, or used by its affiliates in the Brexit referendum.
Therefore, the core of the ICO's argument no longer relates to the events involving Cambridge Analytica. Instead, their reasoning challenges some of the basic principles of how people should be allowed to share information online, with implications which go far beyond just Facebook, which is why we have chosen to appeal.
For example, under ICO's theory people should not be allowed to forward an email or message without having agreement from each person on the original thread. These are things done by millions of people every day on services across the internet, which is why we believe the ICO's decision raises important questions of principle for everyone online which should be considered by an impartial court based on all the relevant evidence."
While Facebook has chosen to appeal the fine, one might think that the social network might consider itself lucky. Had the decision been made under the General Data Protection Regulation and Data Protection Act that went into effect earlier this year, the price to pay could have been as high as £17 billion ($21.72 billion). Both sides will now have to wait for a decision from the General Regulatory Chamber to know whether the fine will have to be paid or not.