Facebook, this year’s perennial loser, at least when it comes to privacy, was reprimanded yet again on Monday after Japan ordered the company to improve its data protection practices.

Japan’s Personal Information Protection Commission, a nine-person commission tasked with protecting the personal information of Japanese citizens, called on Facebook to better communicate its security issues to users, increase surveillance of providers of applications on its platform, and inform regulators of any change in security measures

While not a mandate - the issue is merely a recommendation, there's no administrative order or legal repercussion if Facebook fails to follow through - it's another thorn in the company’s side.

The request come after a series of security missteps for the company, including the breach of 87 million individuals data by Cambridge Analytica, a U.K.-based political consulting firm in April, and last month, when the company said attackers managed to take data from 29 million accounts after exploiting a flaw in the service's "View As" feature.

According to the Associated Press, one of the first agencies to report the news Monday morning, it's the first time the government commission has issued a warning like this to an online entity.

Facebook, in response, made a post to the Newsroom section of its Japanese site on Monday, addressing the Personal Information Protection Committee's order.

In the post, Facebook points out changes its made both in the last several years and months around its data policies, namely the debut of its privacy center, a portal that tells users how to manage their data.

“We have been presenting and updating privacy product functions with government agencies and privacy experts,” Facebook said Monday, “We will continue to investigate the application and make necessary changes to enhance the safety of the platform and we will do our utmost to develop products and functions to protect users' information.”

Facebook also pointed out updates its made to the social network like the personal data management tool, which it released in May following the Cambridge Analytics scandal, and how the company handles General Data Protection Regulation (GDPR) compliance.

Japan and the EU agreed to recognize each nation's data protection systems in July. The European Commission called the bond at the time “the world's largest area of safe transfers of data based on a high level of protection for personal data,” adding that Europeans would benefit from strong protection of their personal data in line with EU privacy standards when their data is transferred to Japan.

Japan’s warning to Facebook comes after a weekend in which it was reported the company may be looking to acquire a cybersecurity firm in wake of its recent security kerfuffles. That's at least according to The Information, which cited four internal sources familiar with the matter in an article on Sunday. While Facebook didn’t confirm nor deny the news it certainly wouldn’t be surprising news given its track record as of late.