|
|
|
|
|
|
by mziel
3006 days ago
|
|
|
Regarding "they got the users’ permission initially" this is true for the users that signed up for it, not anybody in their social graph. GDPR treats data about a user as data belonging to this user. Those people have definitely not consented to having their data mined for this use case. Next (as I understand) the consent was for research purposes, not for the CA targeting. So under GDPR Cambridge Analytica could be fined 4% of global revenue or €20M - whichever is HIGHER [1] [1] https://www.gdpreu.org/compliance/fines-and-penalties/ |
|
|