Updated at 2:50 p.m. ET
Australia is investigating whether Facebook violated national privacy laws by exposing users’ information to the data analysis firm Cambridge Analytica.
Facebook has acknowledged that data from more than 300,000 Australians may have been improperly shared with the analysis company — out of some 87 million users worldwide.
Australia’s acting privacy commissioner, Angelene Falk, says she has opened a formal investigation into whether Facebook broke the law by failing to secure personal information.
“If Facebook has breached [Australia’s] Privacy Act, it could face a fine of up to $1.5 million,” Louisa Lim reports for NPR from Melbourne. “But the company’s already lost $100 billion in market value since the scandal broke.”
A Facebook spokeswoman in Australia told Reuters that the company will be “fully responsive” to the investigation.
The wire service also reported that Australia is already investigating Facebook, as well as Google, to see whether the companies have “disrupted the news media to the detriment of publishers and consumers.
Australia’s 1988 Privacy Act mandates that organizations take “reasonable steps to ensure that personal information is held securely,” Falk said in a statement. “Organizations should regularly and proactively assess their information-handling practices to ensure that they are both compliant with privacy laws and in keeping with community expectations.”
In the U.S., Facebook and Cambridge Analytica have been hit with lawsuits, and some watchdog groups and politicians have called for federal investigations into the apparent privacy breach. The FTC has confirmed it is investigating how Facebook handles personal data.