Skip to main content

Facebook: Data Protection

Question for Department for Digital, Culture, Media and Sport

UIN 179113, tabled on 12 April 2021

To ask the Secretary of State for Digital, Culture, Media and Sport, what discussions he has had with the Information Commissioner's Office on the Facebook data leak of 2019; how many UK Facebook users were informed of that leak; and whether UK users data remains compromised.

Answered on

15 April 2021

The Information Commissioner’s Office referred the 2019 data leak to Facebook’s EU supervisory authority, the Data Protection Commission in Ireland, who announced in April 2019 that they were opening a Statutory Inquiry into the breach.

The Information Commissioner’s Office continues to work with and support its Irish counterpart to ensure that the data of UK citizens is protected.

The government has made it clear that all organisations, especially large global tech firms who process vast amounts of personal data, must comply with the UK’s data protection legislation, which poses strict obligations on organisations to ensure that UK citizens’ data is processed safely, securely and transparently. Organisations which fail to comply with the legislation may be investigated by the Information Commissioner’s Office and subject to increased fines.

The National Cyber Security Centre recommends that members of the public who are concerned that their email and/or phone number may have been leaked in the 2019 breach and any other data breaches should check the website This website has been supported by the National Cyber Security Centre in the past. Further advice on what action to take in the event of a data breach, can be found at:

Named day
Named day questions only occur in the House of Commons. The MP tabling the question specifies the date on which they should receive an answer. MPs may not table more than five named day questions on a single day.