Japan Orders Facebook to Better Protect Users' Data | Digital Guardian

The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls

Digital Guardian's Blog

Japan Orders Facebook to Better Protect Users' Data

by on Wednesday October 24, 2018

Contact Us
Free Demo

Japan asked Facebook on Monday to better safeguard its users data following several breaches - one of 29 million users, another of 87 million users - this year.

Facebook, this year’s perennial loser, at least when it comes to privacy, was reprimanded yet again on Monday after Japan ordered the company to improve its data protection practices.

Japan’s Personal Information Protection Commission, a nine-person commission tasked with protecting the personal information of Japanese citizens, called on Facebook to better communicate its security issues to users, increase surveillance of providers of applications on its platform, and inform regulators of any change in security measures

While not a mandate - the issue is merely a recommendation, there's no administrative order or legal repercussion if Facebook fails to follow through - it's another thorn in the company’s side.

The request come after a series of security missteps for the company, including the breach of 87 million individuals data by Cambridge Analytica, a U.K.-based political consulting firm in April, and last month, when the company said attackers managed to take data from 29 million accounts after exploiting a flaw in the service's "View As" feature.

According to the Associated Press, one of the first agencies to report the news Monday morning, it's the first time the government commission has issued a warning like this to an online entity.

Facebook, in response, made a post to the Newsroom section of its Japanese site on Monday, addressing the Personal Information Protection Committee's order.

In the post, Facebook points out changes its made both in the last several years and months around its data policies, namely the debut of its privacy center, a portal that tells users how to manage their data.

“We have been presenting and updating privacy product functions with government agencies and privacy experts,” Facebook said Monday, “We will continue to investigate the application and make necessary changes to enhance the safety of the platform and we will do our utmost to develop products and functions to protect users' information.”

Facebook also pointed out updates its made to the social network like the personal data management tool, which it released in May following the Cambridge Analytics scandal, and how the company handles General Data Protection Regulation (GDPR) compliance.

Japan and the EU agreed to recognize each nation's data protection systems in July. The European Commission called the bond at the time “the world's largest area of safe transfers of data based on a high level of protection for personal data,” adding that Europeans would benefit from strong protection of their personal data in line with EU privacy standards when their data is transferred to Japan.

Japan’s warning to Facebook comes after a weekend in which it was reported the company may be looking to acquire a cybersecurity firm in wake of its recent security kerfuffles. That's at least according to The Information, which cited four internal sources familiar with the matter in an article on Sunday. While Facebook didn’t confirm nor deny the news it certainly wouldn’t be surprising news given its track record as of late.

Tags: Privacy, Data Privacy

Recommended Resources

  • Understand technologies that enable compliance
  • Common pitfalls and challenges to be aware of
  • How to build a sustainable GDPR compliance program
  • The people, process, and technology impacts of GDPR
  • The top challenges to GDPR compliance
  • How to address them and improve your GDPR position

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.