A data leak of information on approximately 533 million Facebook users – including profile names, mobile numbers and location data – has prompted talk of regulatory action against the social media platform, but bringing a case under Europe’s General Data Protection Regulation (GDPR) may not be successful or possible.
According to Ireland’s Data Protection Commission (DPC) – which due to Facebook’s substantial presence in Ireland was early to instigate a probe into the incident – the age of the data may put it outside the scope of the GDPR.