Briefing: The $5 billion penalty for FB
Updated: Aug 2, 2019
What is happening?
A record US $5 billion settlement was issued by the US Federal Trade Commission (FTC) to Facebook on Wednesday (26/07/2019), as part of the agreement ending years-long investigation into Cambridge Analytica scandal and other privacy violations.
The penalty is the largest ever imposed on any business for violation of privacy laws and one of the largest ever issued by the US government for any legal impeachments. In order to settle the agreement, Facebook will need to pay $5 billion and impose a series of new restrictions on the business regarding collection and usage of user data and set up a privacy committee within its board of directors appointed by an independent nominating committee.
So what does this mean for other businesses?
The magnitude of the penalty and order of intervention to one of the world’s largest technology giants demonstrates the growing determination and increasing importance placed by the government on improving data governance frameworks and laws concerning privacy issues, and this calls for an overhaul of privacy controls and oversight by businesses across the world.
In the big data era, many businesses are undertaking digital transformation and leveraging data to drive business value. The penalty issued by FTC to Facebook based on privacy violations and other misconducts around usage of user data is a wakeup call for businesses to have a fundamental mentality shift when it comes to data asset management and to review their risk profiles with existing operations.
With the advantages of being a global financial centre and with easy access to huge pool of local talents, Hong Kong is well placed to become a blossoming technology hub. To address and monitor this growing sector, the Hong Kong government has passed laws to monitor and govern how enterprises ought to behave when dealing with sensitive information of their clients and customers, with the most prominent of these being the Personal Data (Privacy) Ordinance, otherwise known as the PDPO.
The PDPO focuses on six core data protection principles including collection, retention, usage, security, openness and access. Although non-compliance with the above data protection principles does not constitute a criminal offence directly, contravention with the enforcement notices issued secondary to non-compliancy is, and offenders may be slapped with a whopping maximum fine of $50,000 HKD.
To ensure businesses comply with the latest regulations and laws on data governance and privacy, businesses may engage with third party auditing firms to receive advice and feedback on their current processes and internal policies.
And this is where we come in.
At Aurum (Data Governance) Consultancy, our mission is to mitigate the compliance and technological risks for businesses of those undertaking the course of digital transformation. Our Transformational Productised Service (TPS) package provides the following:
· Assessment - we advise businesses on their operation, product and/or service in terms of the risk of non-compliance of data protection and cyber-security risk.
· Implementation - we help businesses to build and implement programmes which would enhance their data protection framework, and help businesses to draft up policies, procedures and guidelines to mitigate the risks.
· Monitoring - we monitor the ever-changing regulatory landscape on behalf of our clients and to continue to help their businesses to update their data protection framework, so that they are not exposed to vulnerabilities and threats in terms of compliance and risk issues.
Separate to the above, Aurum (Data Governance) Consultancy also organises and provides data protection and governance training and workshops to assist professionals, businesses and communities interested in digital transformation.
Why choose Aurum?
At Aurum (Data Governance) Consultancy, our consultants boast years of experience in both legal and technology sectors across the globe. We value our relationship with our clients and place the needs of clients as our highest priority. We are proud of our work ethic and focus on being simpler, better and smarter than our competitors.
How can your business engage with our service?
Please reach out to firstname.lastname@example.org or Tel: +852 3725 4806.