The Japanese government on Monday ordered Facebook Inc. to improve the protection of users’ personal information following a series of incidents including a massive data breach earlier this year that impacted 87 million people around the world, a commission said.

It is the first time the government’s Personal Information Protection Commission has issued this kind of warning to the U.S. social media giant.

The commission said user information such as IDs and browsing history was automatically transferred to Facebook when a user viewed an outside website that had Facebook’s “like” button, even if the user did not click on the button.

It said Facebook should give clear explanations on how user information is handled, gain users’ consent when necessary and properly respond to users’ requests for deletion of their information.

Facebook said in a statement, “In addition to making necessary changes to our platform to enhance its safety, we will make utmost efforts to develop products and features which will ensure protection of our users’ information.”

The data leak involving Cambridge Analytica, a London-based political consulting firm, came to light this spring, with the information believed to have been used in Donald Trump’s U.S. election campaign in 2016.

Up to 100,000 Facebook users may have been affected in Japan, although it has not been confirmed that such personal information was actually abused, the commission said.

In addition, the panel ordered Facebook to report on its own investigation into a breach made public in September in which personal data from 29 million accounts, including in Japan, were stolen by hackers.

The committee is a supervisory body for the protection of personal information. It can issue orders and instructions to companies and other entities based on relevant laws.