Facebook gets the wind in both Ireland, the US and Canada. A privacy investigation, a legal investigation and a lawsuit about three different privacy scandals are starting from the three countries.
In the US, New York Public Prosecutor, Letitia James, is launching an investigation into Facebook that gathered unsolicited contacts from one and a half million members.
Facebook did that when it asked for new members not only the e-mail address but also the password for a short time. This enabled Facebook to check whether the email address was valid immediately.
What Facebook did not say is that it was unsolicited all e-mail addresses from that mailbox.
In the meantime, Ireland, where Facebook has its European headquarters, is starting an investigation into the fact that Facebook saved hundreds of millions of passwords internally as plain text instead of encrypting them.
This enabled thousands of Facebook employees to view passwords just like that.
Facebook admitted the problem itself, but the Irish privacy regulator now wants to investigate to what extent that practice violates the GDPR.
In Canada, the OPC privacy regulator is already one step further. Following the Cambridge Analytica scandal, the organisation began an investigation, the report of which appeared this week.
That report states that Facebook did not request permission from Canadian users to share their data with Cambridge Analytica.
The OPC believes that Facebook, despite apologies for this scandal, does too little for privacy and uses vague terms that are so elastic that they do not offer decent privacy protection. That is why it is dragging Facebook to court to fight the case legally.
