Colombia’s Superintendency for Industry and Commerce (SIC) ordered social media platform Facebook to step up measures to protect users’ data.
In a February 13 ruling that was made public on Monday, the watchdog agreed with a suit that was filed last year that claimed the company’s efforts to protect the theft or abuse of its users’ data were insufficient.
The SIC ordered Facebook’s Colombia office to implement measures to protect the data of the platform’s 31 million users in Colombia.
These measures must be verified by a third party analyst before June 14 to make sure the company complied with its constitutional obligation to adequately protect the private information of citizens.
What must Facebook do?
According to the SIC, Facebook must comply with a 2012 law that obliges private companies to guarantee “the technical, human and administrative measures necessary to secure the records against the unauthorized or fraudulent use, tampering, loss, consultation, use or access,” which it apparently doesn’t in Colombia.
All individuals have the right to their personal and family privacy and their good name, and the State must respect and ensure respect for these rights. Similarly, they have the right to know, update and rectify the information that has been collected about them in data banks and archives of public and private entities. In the collection, processing and circulation of data, the freedom and other guarantees enshrined in the Constitution shall be respected.
Article 15 of Colombia’s constitution
Why the concern?
The claimants asked the SIC to order improved security measures after the website of now-defunct UK company Cambridge Analytica claimed it had supported an election candidate in Colombia with “reputation management” through data collection.
This claim was later denied by former Cambridge Analytica director Brittany Kaiser, who told British parliament that the company talked to three different campaigns in the South American country, but was never hired to campaign for any of them.
Cambridge Analytica used Facebook’s security breaches to illegally mine user data for electoral propaganda purposes between 2015 and 2018.