Facebook will be fined £500,000 ($662,900) in the U.K. after the country’s privacy watchdog said its data sharing scandal broke the law.
The Information Commissioner’s Office (ICO) is hitting the social network with the maximum possible fine it can impose, for two breaches of the U.K.’s Data Protection Act.
Facebook failed to safeguard people’s information, the ICO said, and was not transparent about the way in which user data was harvested by others.
“Trust and confidence in the integrity of our democratic processes risk being disrupted because the average voter has little idea of what is going on behind the scenes,” Information Commissioner Elizabeth Denham said in a statement on Wednesday.
Denham added: “New technologies that use data analytics to micro-target people give campaign groups the ability to connect with individual voters. But this cannot be at the expense of transparency, fairness and compliance with the law.”
She said that fines and prosecutions “punish the bad actors” but that her true aim was to “effect change and restore trust and confidence in our democratic system.”
The ICO said it will send out warning letters and audit notices to 11 political parties, and will seek a criminal prosecution for SCL, the parent company of the now-defunct controversial political data analytics firm Cambridge Analytica.
The fine on Facebook was unveiled as part of the ICO’s report investigating whether personal data had been misused by political campaigns during the 2016 referendum on the U.K.’s membership of the European Union.
“As we have said before, we should have done more to investigate claims about Cambridge Analytica and take action in 2015,” Erin Egan, chief privacy officer at Facebook, said in an emailed statement.
“We have been working closely with the ICO in their investigation of Cambridge Analytica, just as we have with authorities in the US and other countries. We’re reviewing the report and will respond to the ICO soon.”