Facebook Inc. was hit by a trio of investigations over its privacy practices opened by the authorities of Ireland, Canada and the USA on Thursday.
Irish data protection authority looking into the breach of “hundreds of millions” of Facebook and Instagram user passwords that were stored in plaintext on its servers. The Irish authorities will investigate the case under the European GDPR data protection law. If Facebook is found guilty, it faces a fine of up to 4% of its annual revenue, that is, several billion dollars.
The Office of the Privacy Commissioner of Canada found “serious contraventions” of national privacy laws. Authorities were investigating the scandal with Cambridge Analytica and the loss of data to 87 million Facebook users. A Canadian regulator plans to resolve a conflict with Facebook in federal court.
Lastly, New York State law enforcement is looking into the recent “unauthorized collection” of 1.5 million user email addresses, which Facebook used for profile verification, but inadvertently also scraped their contact lists.
Facebook spokesperson Jay Nancarrow said the company is “in touch with the New York State attorney general’s office and are responding to their questions on this matter.”