Meta hit with $102 million privacy fine from European Union over 2019 password security lapse

印刷用画面を開く

Posted

Category: Top Stories

Listening

Unlocking Word Meanings

Read the following words/expressions found in today’s article.

  1. lapse / læps / (n.) – a temporary failure to think or act in the usual or proper way
    Example:

    The company apologized for the lapse in customer service and promised to improve its support team.


  2. inadvertently / ˌɪn ədˈvɜr tnt li / (adv.) – in a way that is accidental or not intended
    Example:

    The door was left unlocked because someone inadvertently forgot to check it before leaving.


  3. encrypt / ɛnˈkrɪpt / (v.) – (in computing) to change information into a special code so that only certain people can read it
    Example:

    The sensitive data was encrypted to protect it from hackers trying to access the system.


  4. subset / ˈsʌbˌsɛt / (n.) – a smaller group that is part of a larger group
    Example:

    A subset of the population is often used in surveys to represent the larger group for easier analysis.


  5. constructively / kənˈstrʌk tɪv li / (adv.) – in a helpful way, usually building or improving something
    Example:

    Instead of arguing, they talked constructively about their differences and found a solution together.


Article

Read the text below.

Meta was punished in September with a fine worth more than $100 million from the social media giant’s European Union privacy regulator over a security lapse involving passwords for Facebook users.


The Irish Data Protection Commission said it slapped the U.S. tech company with a 91-million-euro ($101.6-million) penalty following an investigation.


The watchdog started investigating in 2019 after it was notified by Meta that some passwords had been inadvertently stored internally in plain text, which means they weren’t encrypted and it was possible for employees to search for them.


Deputy Commissioner Graham Doyle said it’s “widely accepted” that user passwords should not be stored in plain text, “considering the risks of abuse.”


Meta said a security review found that a “subset” of Facebook users’ passwords were “temporarily logged in a readable format.”


“We took immediate action to fix this error, and there is no evidence that these passwords were abused or accessed improperly,” the company said in a statement. “We proactively flagged this issue to our lead regulator, the Irish Data Protection Commission, and have engaged constructively with them throughout this inquiry.”


It’s the latest in a series of hefty fines for Meta and its social media platforms from the Dublin-based watchdog, which is the company’s lead regulator under the 27-nation EU’s stringent data privacy rulebook. They include a 405 million euro fine for Instagram over mishandling teen data, a 5.5 million euro penalty involving WhatsApp, and a 1.2 billion euro fine for Meta over transatlantic data transfers.


This article was provided by The Associated Press.


Viewpoint Discussion

Enjoy a discussion with your tutor.

Discussion A

  • A subset of Facebook users’ passwords had been inadvertently stored internally in plain text which can be seen by any of the company’s employees. Does hearing about security lapses like this one affect your trust in social media platforms? Why or why not? What do you think social media companies could do to regain trust after a lapse? Discuss.
  • The investigation started when Meta reported the lapse. Do you think Meta handled the situation responsibly by reporting the problem and fixing it? Why do you say so? How important is it for companies to admit their mistakes publicly? Discuss.

Discussion B

  • Who do you think is more responsible for protecting user data: the company or the user? Why? How do you think companies could help users avoid making common password mistakes (ex. require a strong password, put up reminders on their sites)? Discuss.
  • Have you ever had concerns about the security of your online accounts? What steps do you take to keep your online accounts and passwords safe? Discuss.