The Facebook scandals just keep coming. Business Insider reported on Thursday that the social network was harvesting email information of new members without telling them. New users that joined the social networking site after May 2016 were asked to share not only their email address, but their email passwords. The website was brought into question of this practice by a security expert before Business Insider found that the website would import all of your email contacts into its database without user consent. Facebook has claimed that this practice, which occurred for nearly three years, was an accident.

What Happened

Facebook claims that as many as 1.5 million users had their email data harvested without consent between May 2016 and now. When new users would sign up for the social networking platform, they were asked to provide not only their email address but their password. Facebook would then access their email account and harvest the contact information for their email accounts. Users were unable to opt out of this feature. Facebook maintains the story that this was unintentional, but the data was used to improve ad targeting to its more than one billion active users.

Facebook does assure its users that were affected that the content of their email accounts was not accessible, though. The mistake was merely meant to import contact information, not snoop on otherwise protected email content. Although only 1.5 million estimated accounts were impacted by this data breach, Facebook would not release information about how many email addresses were harvested from that. One can assume that number grows exponentially, as 1.5 million users each have quite a few email contacts, no doubt.

Repercussions

As it stands right now, Facebook has been caught in the middle of a number of scandals over the last couple of years. The Cambridge Analytica scandal nearly destroyed consumer trust in social media websites once and for all. Facebook had to work hard to gain respect once again. The scandal revealed that a digital advertising agency out of London had been implementing questionable tactics in order to politically weaponize data in elections. Targeted ads, specialized content, and data misuse allegedly helped win elections around the world—all in the hand of Facebook. Today the world is still figuring out what to make of that information. Meanwhile, Facebook has already gotten in trouble again—and again.

The CEO, Mark Zuckerberg, appeared in a Federal court to discuss potential changes to the way social networks operate. This included how data was obtained, stored, and sold. Today, the FTC wants to hold Zuckerberg himself accountable for the latest issues. While it may sound as if Zuckerberg will be heading to jail, it’s not quite that simple. What the FTC means by this is that it wishes to hold the CEO and his company to a much higher standard than other websites. Facebook takes in billions of dollars’ worth in public and private data each year. It’s no wonder that there should be some regulation about how that data is used.

What’s In Store For Zuckerberg

Holding Zuckerberg accountable may result in massive fines that come out of his own pockets. It could also mean tighter rules and greater government oversight on the company. Zuckerberg himself has admitted that much of what happened with Cambridge Analytica was Facebook’s fault. He signed off on the changes that were put in place to allow that sort of thing to happen. So it’s only natural that he should be the one to take the fall for it.