Skip to main content

Zuckerberg releases first statement on Cambridge Analytica, vows more security

Image used with permission by copyright holder

Facebook has banned the analytics firm Strategic Communication Laboratories and its political arm, Cambridge Analytica, for failure to follow its rules regarding the handling of personal data — and what may be among the largest abuses of personal data in U.S. history.

Facebook founder and CEO Mark Zuckerberg released his first statement on the matter just today. In it, Zuckerberg takes responsibility for Cambridge Analytica’s abuse of the Facebook platform, and promises that the company will do better in the future.

“We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you. I’ve been working to understand exactly what happened and how to make sure this doesn’t happen again,” Zuckerberg said. “The good news is that the most important actions to prevent this from happening again today we have already taken years ago. But we also made mistakes, there’s more to do, and we need to step up and do it.”

The statement goes on to describe how Facebook intends to address the problem going forward, but Zuckerberg is quick to point out that the company has already taken the first steps toward securing your data. First, Zuckerberg claims, Facebook will be auditing thousands of apps which may have improperly accessed user data.

“We will investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity,” Zuckerberg said. “We will ban any developer from our platform that does not agree to a thorough audit. And if we find developers that misused personally identifiable information, we will ban them and tell everyone affected by those apps.”

Second, Facebook will be cracking down on developers access to your personal data, reducing the data apps are able to access when you use Facebook to login — restricting it to just your name, profile photo, and email address. Lastly, Facebook will now list apps which have access to your private data in a bar above your news feed. You can already access this information, but Zuckerberg says moving it to a more visible location will keep people aware of which apps have access to their data. Users will be able to revoke permissions without digging into their privacy settings.

It’s a good set of first steps, but what Zuckerberg fails to mention is why it took Facebook over two years to publicly acknowledge the problem, when it knew sensitive user data was compromised.

Here’s what happened

While some outlets have reported that this was the result of a breach, the social network denies this claim. In the company’s statement, Facebook VP and Deputy General Counsel Paul Grewal said that the reports regarding a data breach were “completely false.”

The truth seems more complex than that.

Cambridge Analytica, which is best known for its work alongside Donald Trump’s presidential campaign, obtained the information from Dr. Aleksandr Kogan, who created an app called “thisisyourdigitallife.” The app billed itself as a personality test and was downloaded by about 270,000 people. By downloading the app, the users gave permission for the app’s developers to access information regarding the city they lived in, what kind of content they liked on Facebook, and other general information.

But by sniffing through the friends of those users, and the friends of friends, the company was able to gather up info on 50 million people in total, according to the New York Times — none of whom granted the company permission to use or even access to their data, these details were corroborated in Zuckerberg’s statement.

“The firm harvested private information from the Facebook profiles of more than 50 million users without their permission, according to former Cambridge employees, associates and documents, making it one of the largest data leaks in the social network’s history,” the Times reported. This may not have been a data breach, but user’s wishes certainly weren’t honored.

While Kogan obtained the information on the initial 270,000 users legitimately and in accordance with Facebook’s rules, he then proceeded to violate those rules by sharing them with a third party — in this case, Cambridge Analytica.

“By passing information on to a third party, including SCL/Cambridge Analytica and Christopher Wylie of Eunoia Technologies, he violated our platform policies,” Grewal wrote. “When we learned of this violation in 2015, we removed his app from Facebook and demanded certifications from Kogan and all parties he had given data to that the information had been destroyed. Cambridge Analytica, Kogan, and Wylie all certified to us that they destroyed the data.”

Meanwhile, threats of legal action are beginning to appear. On Saturday, Massachusetts attorney general Maura Healey said she planned to look into the situation.

#BREAKING: Massachusetts residents deserve answers immediately from Facebook and Cambridge Analytica. We are launching an investigation.

— Maura Healey (@MassAGO) March 17, 2018

Last week, Facebook received reports that not all of the data had been destroyed as promised. Facebook has not yet verified these claims, but has chosen to suspend SCL/Cambridge Analytica and Kogan from the site while it investigates these accusations.

Facebook isn’t the only organization looking into Cambridge Analytica. The Guardian has reported that the British Election Commission is investigating the organization in regards to the Brexit vote, which saw the U.K. vote to leave the European Union.

“We are investigating the circumstances in which Facebook data may have been illegally acquired and used,” said the Commission’s Elizabeth Denham. “It’s part of our ongoing investigation into the use of data analytics for political purposes which was launched to consider how political parties and campaigns, data analytics companies and social media platforms in the U.K. are using and analysing people’s personal information to micro-target voters.”

Facebook itself has faced questions regarding how it handles user data as well.

Editors' Recommendations

Jayce Wagner
Former Digital Trends Contributor
A staff writer for the Computing section, Jayce covers a little bit of everything -- hardware, gaming, and occasionally VR.
Meta found over 400 mobile apps ‘designed to steal’ Facebook logins
Social media mobile apps on a smartphone screen, all on a textured gray fabric background.

If you frequently use your Facebook login to sign into new mobile apps you've installed, you may want to pay attention to Meta's latest announcement.

On Friday, Facebook's parent company Meta published a blog post written by its Director of Threat Disruption David Agranovich, and Ryan Victory, a Malware Discovery and Detection engineer at Meta. The post detailed Meta's discovery of over 400 mobile apps "that target people across the internet to steal their Facebook login information." Essentially, Meta found hundreds of mobile apps that were "designed to steal"  the login information of Facebook users by having those users log in to these apps with their Facebook login information.

Read more
Facebook’s new controls offer more customization of your Feed
A smartphone with the Facebook app icon on it all on a white marble background.

Facebook isn't likely to stop recommending posts in your Feed anytime soon, but it is offering a few options for controlling the content you see there.

On Wednesday, Facebook parent company Meta announced that the social networking platform is offering two more ways to customize your feed: by selecting "Show more" or "Show less" on individual posts, and by adjusting new settings in Feed Preferences.

Read more
Get ready: there could be more ads in Instagram’s future
Instagram app on the Google Play Store on an Android smartphone.

It's possible that Instagram users will see more ads in their favorite photo- and video-sharing app going forward as parent company Meta is apparently experimenting with new kinds of ads.

MarketWatch reported on Tuesday that Meta announced that Instagram would see "three new advertising types." These new ad types are Explore ads, profile feed ads, and the third type was described as a "multi-advertiser ad."

Read more