It’s no secret that Facebook tracks user data, as anyone who has seen an ad related to a topic they just posted about can attest — but the alleged illegal data mining of as many as 87 million users that was acquired by Cambridge Analytica is raising new concerns about the security of personal information stored on Facebook. Facebook has since banned the analytics firm and the parent company Strategic Communication Laboratories and launched wide-spread changes to data privacy and third-party app access, but with Cambridge Analytica handling social media campaigns related to President Donald Trump’s presidential bid and the U.K.’s Brexit vote, the scrutiny will likely continue for some time.
After Facebook CEO Mark Zuckerberg broke his silence and shared a post detailing what happened, several of those changes have already been set in motion. On April 4,
In a press conference April 4, Zuckerberg said the company, at first, did not have a wide enough view on how the network could potentially be abused. “We didn’t focus enough on preventing abuse and thinking through how people could use these tools to do harm as well. That goes for fake news, foreign interference in elections, hate speech, in addition to developers and data privacy. We didn’t take a broad enough view of what our responsibility is, and that was a huge mistake. It was my mistake.”
On Monday, March 26, the Federal Trade Commission confirmed an open but non-public investigation into
So what do
Users didn’t have to authorize an app to have their data mined
Some of the user data in question was accessed by authorizing the app “thisisyourdigitallife,” by Global Science Research, a personality app that told users the information was anonymous and for physiological research. Granting access to a third-party app prompts a pop-up screen that says what data the app will have access to, requiring the user to agree to the terms before allowing access. The app was also reportedly boosted by Amazon Turk, a program that pays users to complete surveys and other online tasks. Global Science Research allegedly sold that data to Cambridge Analytica.
That is not why the app’s developers and Cambridge Analytic are under fire, however. Around 270,000 people actually accessed the app. But the app didn’t stop there; it also gathered data on those users’ friends, until it had access to information from millions of users. This means the vast majority of users who had their data stolen never authorized the app to access their accounts, thus prompting the ensuing controversy and
The New York Times first estimated 50 million users were affected.
Most of those numbers are users based in the U.S. but some of that data jumps borders. While other countries only make up around one percent of the possible users affected, users in the Phillipines, Indonesia, United Kingdom, Mexico, Canada, India, Brazil, Vietnam and Australia could have been tracked by the third-party app.
While wasting three minutes of your life taking a quiz to find out what kind of potato chip you are is nobody’s proudest moment, granting an unknown company access to your data, and that of your friends, is an irrationally high price to pay.
Third-party apps can no longer access your friends’ data — and Facebook is still doing more
While third-party apps have not had access to friend data for years, Zuckerberg says the platform will take several steps to further protect user data. Third-party apps will now only stay connected for three months, preventing one-time use apps from monitoring data in the background. The network is also launching an audit of all the apps that used friend data prior to 2014 — and removing anyone who doesn’t cooperate with the audit as well as apps that misused data. And while users could always look in the settings to see what apps have access to their data,
In an official blog post following Zuckerberg’s statement,
Facebook knew about the data in 2015
A lawsuit filed by investors said
Cmabridge Analytica claims that the information was deleted and is cooperating with audits. The company also says that the information was not used during the 2016 presidential campaign.
Facebook is losing money — and that might be a good thing
Advertisers often choose
While that’s not good news if you invested in
The scandal has also sparked a #deletefacebook movement, but Zuckerberg says that the company hasn’t seen any “meaningful impact” from the movement. The CEO said that, while the movement hasn’t created drastic user drops, the company is still working to repair that distrust.
This isn’t the first time Facebook has been scrutinized over privacy
A second complaint on the list sounds familiar in the midst of the current scandal, which reads “selecting ‘Friends Only’ did not prevent their information from being shared with third-party applications their friends used.” Additionally, while
That turmoil in France and the Netherlands likely prompted
The U.S., U.K., Australia and FTC are all investigating
More information will likely come over the next few weeks as several groups dig into the controversy.
As the investigation continues, additional details will likely become available. Currently, it’s unclear exactly how the data was used, which campaigns the data was used in, and if those campaigns had any major impact. Cambridge Analytica is claiming no wrongdoing.
Facebook claims it was deceived
While the information wasn’t stolen in a hack-like breach, Zuckerberg called the mishandling of data a breach of trust.”This was a breach of trust between Kogan, Cambridge Analytica and
Andrew “Boz” Bosworth, the company’s vice president of augmented and virtual reality and the former vice president in advertising, said
This isn’t the only questionable practice Cambridge Analytica is accused of
While misuse of user data is at the heart of the scandal, that’s not all Cambridge Analytica is facing. British undercover reporters set up several meetings with the company and recorded CEO Alexander Nix suggesting creating a sex scandal to discredit an opponent. Cambridge Analytica has cried foul and said it never intended carrying out those suggestions.
ABC News also reports that the company is facing legal action from the Federal Election Commission and Department of Justice. The legal complaints suggest that the company allegedly broke election laws that say only U.S. citizens can participate in political campaigns. According to the complaints, a lawyer warned the firm of the laws back in 2014. Cambridge Analytica is based in the U.K.
Users can revoke authorization to third-party apps
While even the former owner of WhatsApp is calling for users to delete Facebook, there are settings users can adjust to limit shared data and view which third-party apps have been authorized. This may not prevent illegal access to data if someone finds a way to access information outside of Facebook’s rules, but it’s a start for users who would rather not cut all ties with
As the investigation continues, we will update this post with additional information.
Updated on April 5: Added
- Reels are about to show up in yet another Facebook feature
- Trump campaign used Cambridge Analytica data to suppress Black vote, leak shows
- Facebook sued by Australian privacy regulator over Cambridge Analytica scandal
- Facebook teaches us all how web privacy works with Messenger Kids
- The Off-Facebook Activity tool lets you take control of your shared data