DUBLIN (Reuters) - Facebook’s lead regulator in the European Union, the Irish Data Protection Commissioner, is “following up” with the U.S. internet giant to ensure its oversight of app developers’ use of its data is effective, her office said on Tuesday.
Britain is investigating whether Facebook (FB.O) did enough to protect data after a whistleblower said a London-based political consultancy hired by Donald Trump improperly accessed information on 50 million Facebook users to sway public opinion.
Facebook, like a number of U.S. multinationals, has its European headquarters in Dublin and the office of Irish Data Protection Commissioner Helen Dixon said she was looking into the matter.
“The Irish DPC is following up with Facebook Ireland in relation to what forms of active oversight of app developers and third parties that utilise their platform is in place with a view to ensuring it is effective,” it said in a statement.
The micro-targeting of social media users with political advertisements is “an ongoing issue”, it added.
But it said that issues reported by Britain’s Observer newspaper “affected substantially U.S. Facebook users” and was already being investigated by the British regulator.
Facebook said in a statement that if Cambridge Analytica still held the data it would be a “grave violation of Facebook’s policies.” Cambridge Analytica has denied all the media claims.
The Irish government has significantly increased the funding of the DPC in recent years following accusations its regulation system was weak.
In 2011 Austrian privacy activist Max Schrems submitted a complaint to the Irish regulator about the use of Facebook users’ friends’ data by third-party apps without their direct consent.
That complaint was rejected, but the DPC said it recommended in 2012 that Facebook reconsider its policy of allowing the data of friends of Facebook users to be harvested by app-owners.
In May 2014, access to friends data was restricted by Facebook in a platform upgrade, the DPC said.
Asked on Tuesday about concerns over regulation in Ireland, where U.S. internet multinationals are major employers, Irish Prime Minister Leo Varadkar said the system was “robust” and the government would continue to increase the DPC’s resources.
“I don’t think we can be any way complacent about the risks that are posed by people interfering in elections,” Varadkar said.
Schrems told Irish broadcaster RTE on Tuesday that the issue described by a whistleblower in the Observer was exactly what was described in the complaint to the Irish DPC in 2011 and that the regulator “could probably have prevented” Cambridge Analytica from securing that data.
The DPC did not directly respond when asked if its actions had allowed Cambridge Analytica to harvest data.
Reporting by Conor Humphries, editing by Padraic Halpin and David Stamp