The Cambridge Analytica scandal was a massive embarrassment for Facebook. It brought the issue of data privacy into sharp focus for the general public. The scandal has had both immediate and long-term effects on Facebook's public image, and it has affected how societies and legislators view social media ever since.
An app designed by a data scientist from Cambridge University was used to harvest the data. Cambridge Analytica arranged for several hundred thousand Facebook users to complete a short survey for academic use. This included obtaining their informed consent. However, because of the way that Facebook is designed, the app was able to access the personal data of friends of the survey respondents, as well as the respondents themselves.
Of those, 70.6 million were United States citizens, 6.7 million of them from California. Facebook sent messages to users that it believed had been affected by the hack, offering only vague details about what the information likely included. The data points listed by Facebook included the user’s public profile page, likes, birthday, etc., were relatively harmless. But they disguised the real magnitude of what had occurred.
With the data it had access to, Cambridge Analytica was able to create detailed psychographic profiles. They were able to characterize millions of Americans, most of whom had not consented to share their data. These profiles could then be used to determine what sort of advertising or messaging would be most effective at swaying people's votes towards a particular candidate or policy.
Amazon suspended Cambridge Analytica's access to its AWS cloud infrastructure. Governments in both India and Brazil demanded Cambridge Analytica to immediately report any instances of data from the breach being used to influence political campaigning in the respective countries. Meanwhile, lawsuits are progressing through a number of regional courts in the United States.
Facebook’s reputation has still not recovered from the scandal and potentially never will. Cambridge Analytica no longer exists, but all the main people involved in its inception and operation have escaped punishment. They are free to set up more businesses in the same mold and there are already reports that this is exactly what has happened.
Actually, it turns out that Facebook is still playing fast and loose with user data. And it is still making it far too easy for personal data to be extracted from the platform and then monetized, misused, or just left out in the open for anyone to find.
Following the Cambridge Analytica scandal, Facebook banned thousands of third-party apps as a security measure against any more data breaches occurring.
Facebook made a big deal out of the fact that it had removed thousands of apps from the platform. It had hoped to score a much-needed PR win. However, it was immediately cagey about exactly which apps it had suspended or why. There were also widespread reports of legitimate small-time apps being suspended.
Facebook has less than 90 days to consider its response. But the company has already indicated that it is likely to appeal.
If Facebook does reveal the information it has been compelled to, we may finally understand the true scope of third-party app abuse on Facebook. You can always delete your Facebook account, right? Given that Facebook also owns apps like Instagram and WhatsApp, it is vital that they are scrutinized properly. Especially when it comes to the personal data of their users.
Photo: Adam Berry / Getty Images
What Happened?
Beginning in December 2015, reports started to emerge that Cambridge Analytica was providing services for political campaigns using data harvested from Facebook users without their consent. However, this story didn't gain much traction at first, and Facebook would only say that they were investigating the matter. A year later further reports appeared. Finally, coordinated international reporting in March 2018 after the emergence of a whistle-blower brought the story into the mainstream.An app designed by a data scientist from Cambridge University was used to harvest the data. Cambridge Analytica arranged for several hundred thousand Facebook users to complete a short survey for academic use. This included obtaining their informed consent. However, because of the way that Facebook is designed, the app was able to access the personal data of friends of the survey respondents, as well as the respondents themselves.
How Many People Were Affected?
Initial reports suggested that the data set included information of around 50 million Facebook users. Cambridge Analytica disputed this and claimed that it had only collected the data for 30 million Facebook user profiles. Ultimately, Facebook themselves confirmed that 87 million were affected by the data breach.Of those, 70.6 million were United States citizens, 6.7 million of them from California. Facebook sent messages to users that it believed had been affected by the hack, offering only vague details about what the information likely included. The data points listed by Facebook included the user’s public profile page, likes, birthday, etc., were relatively harmless. But they disguised the real magnitude of what had occurred.
With the data it had access to, Cambridge Analytica was able to create detailed psychographic profiles. They were able to characterize millions of Americans, most of whom had not consented to share their data. These profiles could then be used to determine what sort of advertising or messaging would be most effective at swaying people's votes towards a particular candidate or policy.
What Were The Consequences?
What's the story broke properly in 2018, the most immediate effects were both public outcry and a serious knock to Facebook's share value. In the following days, $100 billion was wiped off Facebook market capitalization. When the initial apology tour did little to quell public discontent, Mark Zuckerberg had to testify before the United States Congress.Amazon suspended Cambridge Analytica's access to its AWS cloud infrastructure. Governments in both India and Brazil demanded Cambridge Analytica to immediately report any instances of data from the breach being used to influence political campaigning in the respective countries. Meanwhile, lawsuits are progressing through a number of regional courts in the United States.
Facebook’s reputation has still not recovered from the scandal and potentially never will. Cambridge Analytica no longer exists, but all the main people involved in its inception and operation have escaped punishment. They are free to set up more businesses in the same mold and there are already reports that this is exactly what has happened.
Tip of the Iceberg?
Facebook is a behemoth. It was easily able to shoulder the $5 billion fine from the Federal Trade Commission to settle their investigation into the scandal. The paltry $663,000 fine levied by the UK’s Information Commissioner’s Office made even less of a dent. With GDPR now in place, Facebook would face much harsher penalties if they were to repeat the same behavior today. Right?Actually, it turns out that Facebook is still playing fast and loose with user data. And it is still making it far too easy for personal data to be extracted from the platform and then monetized, misused, or just left out in the open for anyone to find.
Following the Cambridge Analytica scandal, Facebook banned thousands of third-party apps as a security measure against any more data breaches occurring.
Facebook Vs MA
A case is currently working its way through the Massachusetts court system. It could force Facebook to reveal much more about the third-party apps that were suspended from the platform in the wake of the Cambridge Analytica scandal. Facebook has fought hard up until now to keep many of the details about the apps it suspended secret.Facebook made a big deal out of the fact that it had removed thousands of apps from the platform. It had hoped to score a much-needed PR win. However, it was immediately cagey about exactly which apps it had suspended or why. There were also widespread reports of legitimate small-time apps being suspended.
Facebook has less than 90 days to consider its response. But the company has already indicated that it is likely to appeal.
If Facebook does reveal the information it has been compelled to, we may finally understand the true scope of third-party app abuse on Facebook. You can always delete your Facebook account, right? Given that Facebook also owns apps like Instagram and WhatsApp, it is vital that they are scrutinized properly. Especially when it comes to the personal data of their users.
Photo: Adam Berry / Getty Images