Privacy Commissioner of Canada Daniel Therrien issued a statement to CTV News and other media yesterday saying that it plans to reach out to Facebook regarding the misuse of its data by a third-party firm.
The Privacy Commissioner of Canada today issued this statement re: @facebook scandal pic.twitter.com/RY2loCuQL3
— Michel Boyer (@BoyerMichel) March 19, 2018
Cambridge Analytica, a U.K.-based company has been in media reports since the weekend with former employer-turned-whistleblower and Canadian Chris Wylie spoke out. In work it conducted for the campaign of U.S. President Donald Trump, the firm harvested Facebook data using a third-party app to build up personality profiles on voters in order to target them with political ads. Cambridge Analytica attained the data under the guise of conducting academic research, and then allegedly violated the terms of its agreements with Facebook, according to Wylie’s accounts to media. Facebook no longer allows third-party apps to collect data in this way, and it knew of the data breach with Cambridge Analytics two years ago, according to Wylie.
In the Privacy Commissioner’s statement, Therrien points out that Canada’s privacy law that applies to the private sector, the Personal Information Protection and Electronic Documents Act (PIPEDA), doesn’t apply to political parties.
“Ultimately, our goal is to ensure that the privacy rights of Canadian Facebook users are protected,” he says.
Therrien’s comments came after U.K. Information Commissioner Elizabeth Denham announced her office was launching an investigation into Facebook over the matter. Denham was previously the assistant privacy commissioner of Canada in from 2007-2011, and then the Privacy Commissioner of British Columbia until 2016.
Denham is seeking a warrant to search the office of the London headquarters of Cambridge Analytica, BNN reports. The investigation will also ask whether Facebook did enough to respond to the data breach after learning about it.
Cambridge Analytics and denied any misuse of data reported in the media, and says it deleted the Facebook data in 2014.
This isn’t the first time that Facebook has drawn the attention of Canada’s Privacy Commissioner. Here are a few past investigations into Canada’s most popular social network:
- July 15, 2008 – (During Denham’s tenure in the federal office as assistant commissioner): a report issued by the commissioner’s office found that Facebook was in violation of Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA).
- April 4, 2012 – Privacy Commissioner of Canada Jennifer Stoddart reported on investigations into three separate complaints against Facebook. It found Facebook needed to be more proactive about ensuring apps were privacy-compliant before rolling them out to users.
- July 11, 2013 – The Privacy Commissioner’s office releases a report on a complaint from a mother who’s daughter had been impersonated on Facebook. Facebook agreed to examine and investigate cases of impersonation and find ways to help affected victims reclaim their online identity.
