An Irish regulator said on Friday it had launched an investigation into Facebook Inc after the company disclosed a bug that may have exposed private photos of up to 6.8 million users, the latest in a series of Facebook privacy glitches.
Ireland’s Data Protection Commission said in a statement that it was investigating Facebook to determine whether it had complied with strict new European Union privacy rules in its response to a number of breaches, including the bug that exposed private photos. The new rules took effect in May.
Facebook representatives could not immediately be reached for comment on the probe.
The company had disclosed the issue earlier on Friday, saying the bug had allowed some 1,500 software apps to access private photos for 12 days ending Sept. 25. “We’re sorry this happened,” Facebook said in a blog targeted at developers who build apps for its platform.
The problem is the latest in a string of security and privacy issues that have caused complaints from users and led to investigations by regulators and lawmakers. The issues include the massive Cambridge Analytica scandal and a security breach that affected nearly 30 million users.
The company said it would send an alert through Facebook to notify users whose photos may have been exposed by the latest issue. The alert will direct them to a link where they will be able to see if they have used any apps that the bug allowed to access private photos.
The incident initially appears to be relatively minor but could prompt privacy regulators in Europe to start investigations of Facebook, said Brian Wieser, an analyst with Pivotal Research.
“We already have a lot of evidence to reinforce the idea that Facebook is sloppy,” he said in an email, adding that the company prioritizes growth at the expense of other considerations.
George Salmon, an analyst with Hargreaves Lansdown, said that new reports of bugs and breaches raise the likelihood that governments will impose new regulations on Facebook’s business practices.
“Facebook is sensibly trying hard to regain the trust of its user base, but all that effort will be to no avail if stories like this keep emerging,” he said. The bug affected users who give third-party applications permission to access their photos.
The company typically only grants such apps access to photos shared on a user’s timeline.
The bug potentially gave developers access to other photos, including ones that were uploaded but not posted, as well as ones shared on Marketplace and Facebook Stories, the company said.