The UK’s Information Commissioner (ICO), Elizabeth Denham, issued a statement regarding her office’s investigation about the use of data analytics in political campaigns. The progress report focuses on the link between ‘Cambridge Analytica, its parent company SCL Elections Limited and Aggregate IQ and involves allegations that data, obtained from Facebook, may have been misused by both sides in the UK referendum on membership of the EU and used to target voters during the 2016 American Presidential election process. When it comes to Facebook the report quotes: ‘The ICO has issued Facebook with a Notice of Intent to issue a monetary penalty in the sum £500,000 for lack of transparency and security issues relating to the harvesting of data constituting breaches of the first and seventh data protection principles under the Data Protection Act 1998.’ The media reports that Facebook’s chief privacy officer, Erin Egan,wrote in an emailed statement: ‘As we have said before, we should have done more to investigate claims about Cambridge Analytica and take action in 2015. We have been working closely with the ICO in their investigation of Cambridge Analytica, just as we have with authorities in the US and other countries. We're reviewing the report and will respond to the ICO soon.’ The ICOS’s investigation came to the conclusion that ‘The company failed to be transparent about how people's data was harvested by others.’
Privacy and data protection are two interrelated Internet governance issues. Data protection is a legal mechanism that ensures privacy. Privacy is usually defined as the right of any citizen to control their own personal information and to decide about it (to disclose information or not). Privacy is a fundamental human right. It is recognised in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and in many other international and regional human rights conventions. The July 2015 appointment of the first UN Special Rapporteur on the Right to Privacy in the Digital Age reflects the rising importance of privacy in global digital policy, and the recognition of the need to address privacy rights issues the the global, as well as national levels.