‘Utterly horrifying’: ex-Facebook insider says covert data harvesting was routine | News | The Guardian


This has grown to a huge story!

Hundreds of millions of Facebookusers are likely to have had their private information harvested by companies that exploited the same terms as the firm that collected data and passed it on to Cambridge Analytica, according to a new whistleblower.


  1. Tomi Engdahl says:

    Tony Romm / Washington Post:
    Senate Judiciary Committee chairman invites top Facebook, Google, and Twitter execs to an April 10 hearing on the “future of data privacy and social media”

    Congress wants to drag Google and Twitter into Facebook’s privacy crisis

    A panel of Senate lawmakers aims to grill the top executives of Facebook, Google and Twitter next month, the latest indication that the controversy surrounding Facebook’s data privacy practices now threatens to envelop the whole of Silicon Valley.

    The Senate Judiciary Committee’s chairman, Republican Sen. Chuck Grassley (Iowa), on Monday scheduled an April 10 hearing on the “future of data privacy and social media” — and the panel said it would explore potential new “rules of the road” for those companies.

  2. Tomi Engdahl says:

    Data breach exposes Cambridge Analytica’s data mining tools

    The exposed data shows Cambridge Analytica used software developed by Canadian firm AggregateIQ to benefit US campaigns.

    A Canadian political data firm called AggregateIQ (AIQ) left a large code repository downloadable online, according to a security researcher, exposing the political data and microtargeting tools that various Republican campaigns used to try to influence voters in the United States’ 2016 election cycle.

    The exposed data reveals AIQ’s ties to the embattled data analytics firm Cabridge Analytica — and, by extension, its ties to the campaigns of conservative Texas politicians Sen. Ted Cruz and Gov. Greg Abbott. As reported by Gizmodo, they also reveal AggregateIQ (AIQ)’s connection to Ukrainian steel magnate Serhiy Taruta, head Ukraine’s newly formed Osnova party.

    The data warehouse, discovered by UpGuard Director of Cyber Risk Research Chris Vickery, was hosted on a subdomain of AIQ and using a custom version of Gitlab, located at the web address gitlab.aggregateiq.com.

    The Aggregate IQ Files, Part One: How a Political Engineering Firm Exposed Their Code Base

    The UpGuard Cyber Team’s latest discovery of a data leak, involving the exposed IT assets of a data analytics firm based in British Columbia, Canada, presents significant questions for society about how technology can be used. In this first installment of a multipart series titled “The AIQ Files,” we begin to explain the importance of the data revealed from a publicly exposed AggregateIQ repository, and how it relates to recent US political history.

    Coming amidst a firestorm of scrutiny about how political operations can use and harvest consumer information, including from social media networks like Facebook, the UpGuard Cyber Risk Team can now reveal that a large code repository originating from AggregateIQ, a Canadian political data firm active in the 2016 US presidential race, was left publicly downloadable online. Revealed within this repository is a set of sophisticated applications, data management programs, advertising trackers, and information databases that collectively could be used to target and influence individuals through a variety of methods, including automated phone calls, emails, political websites, volunteer canvassing, and Facebook ads.

    Cambridge Analytica, which is now being investigated for collecting the Facebook profiles of over fifty million users without their permission, has been reported to work closely with AggregateIQ in their efforts on behalf of clients, as will be further explained. In this first installment of “The AIQ Files,” we take a closer look at the suite of political data and microtargeting tools possessed by AggregateIQ and exposed in this data repository – in turn revealing the inner workings of the kind of influencing prowess in which Cambridge Analytica claimed expertise, to the campaigns of customers like Ted Cruz, Ben Carson, and Donald Trump.

  3. Tomi Engdahl says:

    How Trump Consultants Exploited the Facebook Data of Millions

    As the upstart voter-profiling company Cambridge Analytica prepared to wade into the 2014 American midterm elections, it had a problem.

    The firm had secured a $15 million investment from Robert Mercer, the wealthy Republican donor, and wooed his political adviser, Stephen K. Bannon, with the promise of tools that could identify the personalities of American voters and influence their behavior. But it did not have the data to make its new products work.

    So the firm harvested private information from the Facebook profiles of more than 50 million users without their permission, according to former Cambridge employees, associates and documents, making it one of the largest data leaks in the social network’s history.

  4. Tomi Engdahl says:

    FTC to Probe Facebook Over Privacy Practices

    A US consumer protection agency said Monday it has opened an investigation into Facebook’s privacy practices, another blow to the social network, which is struggling to deal with a growing crisis on misuse of private data.

    The Federal Trade Commission (FTC) confirmed news reports from last week that it had opened an inquiry over the harvesting of data on tens of millions of Facebook users by the British consulting group Cambridge Analytica.

    While the FTC normally refuses to comment on its probes, it took the unusual step of confirming a “non-public investigation” into Facebook over whether it mishandled private data or violated a 2011 agreement which settled an earlier probe.

  5. Tomi Engdahl says:

    Fleeing Facebook app users realise what they agreed to in apps years ago – total slurpage
    Zuck takes out full-page ads to apologise as Tim Cook calls for ‘well-crafted’ privacy laws

    It was the weekend that had it all: promiscuous permissions dragged Google into the Facebook privacy row, Facebook apologised again while at the same time denying anything’s wrong with its Android apps, and Tim Cook was totally not smug when he chimed into the privacy debate.

    The data slurp included Facebook app users’ interactions with others who are not on Facebook – meaning people who never gave the Social Network™ permission for anything are probably profiled in its data troves anyway.

    This was already an issue for Web users, with the infamous Facebook cookie the subject of lawsuits in Belgium (Facebook won) and France (Facebook lost).

    Facebook has responded with a statement saying “uploading call and text history” was always opt-in (unless, of course, you’re not a Facebook user, in which case you had no say in the matter).

    Facebook’s other response to the escalating scandal was to take out full-page mea-culpa newspaper advertisements in the UK and USA.

    Over Mark Zuckerberg’s signature, the ad apologised for the 2014 quiz app at the bottom of the scandal, saying “we’re now taking steps to make sure this doesn’t happen again”.

    “We’ve worried for a number of years that people in many countries were giving up data probably without knowing fully what they were doing,” he added. Apple’s concern that data would be abused in the form of profiling, with an inevitable user backlash, was a prediction that “has come true more than once”.

  6. Tomi Engdahl says:

    Data row: Facebook’s Zuckerberg will not appear before MPs

    Facebook founder Mark Zuckerberg has said he will not appear before MPs investigating fake news, but will send one of his senior executives instead.

    The tech giant and data analytics firm Cambridge Analytica are at the centre of a dispute over harvesting personal data and whether it was used in Donald Trump’s presidential election campaign.

    Mr Zuckerberg has apologised for a “breach of trust”.

    His stand-in will give evidence to MPs after the Easter Parliamentary break.

    Steve Bannon, Donald Trump’s former chief strategist and a director on Cambridge Analytica’s board, did not care about creating that impression, said Mr Wylie.

    He was more interested in speaking at university events than sitting in posh offices so Mr Nix set up a fake office in Cambridge to present a more academic side of the company, Mr Wylie said.

    After that, Mr Bannon decided to call the company Cambridge Analytica, he said. “In his head, it was a very academic company,” he added.

    Cambridge Analytica denies any of the data acquired was used as part of the services it provided to the Trump campaign.

  7. Tomi Engdahl says:

    Facebook data misuse scandal affects “substantially” more than 50M, claims Wylie

    Facebook data misuse scandal affects “substantially” more than 50M, claims Wylie
    Natasha Lomas
    @riptari / 1 hour ago

    Chris Wylie
    Chris Wylie, the former Cambridge Analytica employee turned whistleblower whose revelations about Facebook data being misused for political campaigning has wiped billions off the share price of the company in recent days and led to the FTC opening a fresh investigation, has suggested the scale of the data leak is substantially larger than has been reported so far.

    Giving evidence today, to a UK parliamentary select committee that’s investigating the use of disinformation in political campaigning, Wylie said: “The 50 million number is what the media has felt safest to report — because of the documentation that they can rely on — but my recollection is that it was substantially higher than that. So my own view is it was much more than 50M.”

  8. Tomi Engdahl says:

    Firefox Rolls Out New Extension To Block Facebook From Leaking Personal Data

    IFLScience logo

    Firefox Rolls Out New Extension To Block Facebook From Leaking Personal Data
    Firefox Rolls Out New Extension To Block Facebook From Leaking Personal Data

    ALIYAH KOVNER 27 MAR 2018, 20:45

    In light of the uproar over online privacy that was kicked into high gear by this month’s Cambridge Analytica scandal, Internet browser company Mozilla has released a new Firefox extension that limits the extent to which Facebook can track your web activity.

    Given the name “Facebook Container”, this browser add-on does just that – it blocks the social media app from associating the data in your Facebook account and your actions on the site from what you choose to do on other websites, ultimately reducing the barrage of targeted messages and advertisements that appear on your feed.

  9. Tomi Engdahl says:

    Mozilla Isolates Facebook with New Firefox Extension

    Mozilla today unveiled the “Facebook Container Extension”, a new browser extension designed to help Firefox users reduce the ability of Facebook to track their activity across other web sites.

    The new extension, Mozilla says, will help users gain more control over their data on the social platform by isolating their identity into a separate container. Because of that, Facebook would find it more difficult to track users’ activity on other websites via third-party cookies.

    The Facebook Container Add-On was launched in the light of news that Facebook at one point allowed applications to harvest large amounts of data on users and their friends and follows Mozilla’s announcement that it has paused Facebook advertising until the social network improves the privacy of its users.

  10. Tomi Engdahl says:

    Pink-haired Whistleblower at Heart of Facebook Scandal

    Instantly recognizable with his pink hair and nose ring, Christopher Wylie claims to have helped create data analysis company Cambridge Analytica before turning whistleblower and becoming “the face” of the crisis engulfing Facebook.

    Carole Cadwalladr, the Guardian journalist who worked with Wylie for a year on the story, described him as “clever, funny, bitchy, profound, intellectually ravenous, compelling. A master storyteller. A politicker. A data science nerd.”

    The bespectacled 28-year-old describes himself as “the gay Canadian vegan who somehow ended up creating Steve Bannon’s psychological warfare tool,” referring to Trump’s former adviser, whom the report said had deep links with Cambridge Analytica (CA).

    With Wylie’s help, Cadwalladr revealed how CA scooped up data from millions of Facebook users in the US.

    They then used the information to build political and psychological profiles, in order to create targeted messages for voters.

    Facebook insists it did not know the data taken from its site were being used, but the revelations have raised urgent questions over how data of 50 million users ended up in CA’s hands.

    Shares of the tech giant have since tumbled, with $70 billion (56 billion euros) wiped off in 10 days.

    “I helped create that company,” he said of CA in an interview with several European newspapers.

    “I got caught up in my own curiosity, in the work I was doing. It’s not an excuse, but I found myself doing the research work I wanted to do, with a budget of several million, it was really very tempting,” he told French daily Liberation.

    Initially, he enjoyed the globetrotting lifestyle, meeting with ministers from around the world.

    But the job took a dark turn when he discovered that his predecessor had died in a Kenyan hotel. He believes the victim paid the price when a “deal went sour”.

    “People suspected poisoning,” he told a British parliamentary committee investigating “fake news” on Tuesday.

    His appearance before MPs saw him swap his usual loud T-shirts for a sober suit and tie, producing hours of testimony against the firm that he left in 2014.

  11. Tomi Engdahl says:

    Canadian Firm Linked to Cambridge Analytica Exposed Source CodeCanadian Firm Linked to Cambridge Analytica Exposed Source Code

    Source code belonging to Canada-based digital advertising and software development company AggregateIQ has been found by researchers on an unprotected domain. The exposed files appear to confirm reports of a connection between AggregateIQ and Cambridge Analytica, the controversial firm caught in the recent Facebook data scandal.

    On March 20, Chris Vickery of cyber risk company UpGuard stumbled upon an AggregateIQ subdomain hosting source code for the company’s tools. The files, stored using a custom version of the code repository GitLab, were accessible simply by providing an email address.

    The exposed information included the source code of tools designed for organizing information on a large number of individuals, including how they are influenced by ads, and tracking their online activities. The files also contained credentials that may have allowed malicious actors to launch damaging attacks, UpGuard said.

    The nature of the exposed code is not surprising considering that the firm is said to have developed tools used in political campaigns around the world, including in the United States and United Kingdom.

    AggregateIQ has been linked by the press and a whistleblower to Cambridge Analytica, a British political consulting and communications firm said to be involved in the presidential campaigns of Donald Trump and Ted Cruz, and the Brexit “Vote Leave” campaign.

  12. Tomi Engdahl says:

    FTC to Probe Facebook Over Privacy Practices

    A US consumer protection agency said Monday it has opened an investigation into Facebook’s privacy practices, another blow to the social network, which is struggling to deal with a growing crisis on misuse of private data.

    The Federal Trade Commission (FTC) confirmed news reports from last week that it had opened an inquiry over the harvesting of data on tens of millions of Facebook users by the British consulting group Cambridge Analytica.

    While the FTC normally refuses to comment on its probes, it took the unusual step of confirming a “non-public investigation” into Facebook over whether it mishandled private data or violated a 2011 agreement which settled an earlier probe.

    Acting FTC consumer protection chief Tom Pahl said the agency will look into whether Facebook violated its privacy promises or failed to comply with the US-EU agreement on data protection known as the Privacy Shield.

    The agency also will also determine if Facebook engaged “in unfair acts that cause substantial injury to consumers in violation of the FTC Act.”

  13. Tomi Engdahl says:

    Sarah Frier / Bloomberg:
    Sources: Facebook will not unveil its smart speakers at F8 while it deals with data misuse scandal, but still plans to launch speakers later this year — Social network had hoped to show off devices at F8 in May — Company still plans to launch products later this year

    Facebook Delays Home-Speaker Unveil Amid Data Crisis

    Social network had hoped to show off devices at F8 in May
    Company still plans to launch products later this year

    Facebook Inc. has decided not to unveil new home products at its major developer conference in May, in part because the public is currently so outraged about the social network’s data-privacy practices, according to people familiar with the matter.

    The company’s new hardware products, connected speakers with digital-assistant and video-chat capabilities, are undergoing a deeper review to ensure that they make the right trade-offs regarding user data, the people said. While the hardware wasn’t expected to be available until the fall, the company had hoped to preview the devices at the largest annual gathering of Facebook developers, said the people, who asked not to be named discussing internal plans.

    The devices are part of Facebook’s plan to become more intimately involved with users’ everyday social lives, using artificial intelligence — following a path forged by Amazon.com Inc. and its Echo in-home smart speakers. As concerns escalate about Facebook’s collection and use of personal data, now may be the wrong time to ask consumers to trust it with even more information by placing a connected device in their homes.

  14. Tomi Engdahl says:

    Charles V. Bagli / New York Times:
    Fair housing groups sue Facebook, saying its ad targeting tools still allow discrimination against certain groups, including disabled veterans, single mothers

    Facebook Vowed to End Discriminatory Housing Ads. Suit Says It Didn’t.

    Fair housing groups filed a lawsuit in federal court on Tuesday saying that Facebook continues to discriminate against certain groups, including women, disabled veterans and single mothers, in the way that it allows advertisers to target the audience for their ads. The suit comes as the social network is scrambling to deal with an international crisis over the misuse of data belonging to 50 million of its users.

    Facebook, an advertising behemoth with more than two billion users a month, provides advertisers with the ability to customize their messages and target who sees them by selecting from preset lists of demographics, likes, behaviors and interests, while excluding others.

  15. Tomi Engdahl says:

    It’s Possible that the Facebook App is Listening To You, Cambridge Analytica Whistleblower Says

    During an appearance before a committee of U.K. lawmakers today, Cambridge Analytica whistleblower Christopher Wylie breathed new life into longstanding rumors that the Facebook app listens to its users in order to target advertisements. Damian Collins, a member of parliament who chaired the committee, asked whether the Facebook app might listen to what users are discussing and use it to prioritize certain ads.

    “That’s probably a question for Facebook,” Wylie said. But, Wylie said in a meandering reply, it’s possible that Facebook and other smartphone apps are listening in for reasons other than speech recognition.

    Wylie: It’s possible that the Facebook app is listening to you
    But it’s probably not using speech recognition.

    “Apps that pull audio, it’s for environmental context. It’s to understand… where you are, to improve the contextual value of the advertising itself… are you outside, are you watching TV, what are you doing right now?”
    Christopher Wylie

  16. Tomi Engdahl says:

    Cambridge Analytica’s leak shouldn’t surprise you, but it should scare you
    Facebook is not alone in making everyone’s data available for whatever purpose.

  17. Tomi Engdahl says:

    Three Facebook users sue over collection of call, text history

    Three users of the Facebook Messenger app sued Facebook (FB.O) on Tuesday, saying the social network violated their privacy by collecting logs of their phone calls and text messages, in the latest legal challenge facing the company.

    Facebook, which is reeling from a scandal over its handling of personal data, on Sunday acknowledged that it had been logging some users’ call and text history but said it had done so only when users of the Android operating system had opted in.

  18. Tomi Engdahl says:

    Palantir confirms a staff link with Cambridge Analytica

    Turns out there is a link between Peter Thiel’s secretive big data analytics firm, Palantir, and Cambridge Analytica — the political consulting firm at the center of the current Facebook data misuse scandal.

  19. Tomi Engdahl says:

    “Want To Freak Yourself Out?” Here Is All The Personal Data That Facebook/Google Collect

    Instead, the backlash to these revelations – which has been justifiably focused on Facebook – is so severe because the public has been forced to confront for the first time something that many had previously written off as an immutable certainty: That Facebook, Google and the rest of the tech behemoths store reams of personal data, essentially logging everything we do.

    In response to demands for more transparency surrounding user data, Facebook and Google are offering users the option to view all of the metadata that Google and Facebook collect.

  20. Tomi Engdahl says:

    It was not consent, it was concealment

    Facebook’s response to the clutch of users who are suddenly woke — triggered to delve into their settings by the Facebook data misuse scandal and #DeleteFacebook backlash — to the fact the social behemoth is, quietly and continuously, harvesting sensitive personal data about them and their friends tells you everything you need to know about the rotten state of tech industry ad-supported business models.

  21. Tomi Engdahl says:

    Facebook Limits App Access to Users Data

    Facebook has announced a series of changes to its developer platform to implement tighter user privacy controls and limit how apps can access to user data.

    The changes were initially mentioned last week, when the social platform came under fire after reports emerged that millions of Facebook users’ personal data was harvested by British firm Cambridge Analytica.

    Facebook CEO Mark Zuckerberg apologized for the incident last week and said tighter controls would be coming. Also last week, Facebook paused app review in preparation for the upcoming changes to its developer platform.

    The first of the announced privacy improvements have been already implemented, but more are planned for the near future.

    “These are critical steps that involve reviewing developers’ actions for evidence of misuse, implementing additional measures to protect data, and giving people more control of their information,” Facebook now says.

    The first major change Facebook made toward improved user privacy was to prevent applications from “seeing” a person in one’s friends list unless both users have decided to share their list of friends with the app.

  22. Tomi Engdahl says:

    Facebook is cutting third-party data providers out of ad targeting to clean up its act
    Facebook says it’s going to stop using data from third-party data providers like Experian and Acxiom

  23. Tomi Engdahl says:

    Facebook Have Secretly Guessed Your Political Beliefs. Find Out Here If They Got Yours Right.

    Facebook has a lot of information on you. Even if you don’t think you give away your political leanings on Facebook (e.g. you make a point of not sharing or liking political posts, for fear of upsetting a relative with opposing views), it can still make guesses about you based on the likes and preferences of other users who do express those beliefs.

    If you like something from a comedian, for instance, you could very easily give away your political beliefs. Or if you like a page

  24. Tomi Engdahl says:

    Facebook Delays Home-Speaker Unveil Amid Data Crisis

    Social network had hoped to show off devices at F8 in May
    Company still plans to launch products later this year

  25. Tomi Engdahl says:

    Here’s Cambridge Analytica’s plan for voters’ Facebook data

    More details have emerged about how Facebook data on millions of US voters was handled after it was obtained in 2014 by UK political consultancy Cambridge Analytica for building psychographic profiles of Americans to target election messages for the Trump campaign.

    The dataset — of more than 50M Facebook users — is at the center of a scandal that’s been engulfing the social network giant since newspaper revelations published on March 17 dropped privacy and data protection into the top of the news agenda.

    A UK parliamentary committee has published a cache of documents provided to it by an ex CA employee, Chris Wylie, who gave public testimony in front of the committee at an oral hearing earlier this week. During that hearing he said he believes data on “substantially” more than 50M Facebookers was obtained by CA.


  26. Tomi Engdahl says:

    Facebook will cut off access to third party data for ad targeting

    In a surprise change, Facebook will give up one major data source that the company uses to help advertisers target relevant users on the platform. The company just announced that it will end a feature called Partner Categories, launched back in 2013 out of a partnership between Facebook and major data brokers.

    The decision comes at the same time that Facebook is facing a lot of scrutiny and ire over third-party data mishandling. But it is also coming ahead of GDPR regulations and the ePrivacy Directive both coming into effect in Europe, which were already leading to the company making changes to its privacy policies, even before the Cambridge Analytica scandal even came to light.

  27. Tomi Engdahl says:

    How To See And Block All The Apps Tracking You On Facebook

    Most people forget that when they download an app or sign into a website with Facebook, they are giving those companies a look into their Facebook profile. Your profile can often include your email address and phone number as well as your work history and current location. And most people don’t realize that if you’re sharing that data with friends, then apps used by those friends can see that data as well!

  28. Tomi Engdahl says:

    The Cambridge Analytica Con
    How media coverage misses the mark on the Trump data scam

    Recent reports fail to explain that the Cambridge Analytica scandal is standard practice for companies like Facebook. / The Baffler

  29. Tomi Engdahl says:

    It’s Not Just Facebook That Knows A Horrifying Amount Of Stuff About You

    Following the recent Cambridge Analytica scandal, many people are expressing concern about Facebook and how much it knows about them.

    A poll by Reuters found that trust in the social media giant has plummeted recently, with 51 percent of people saying they don’t trust the company to obey the laws protecting our personal information. What’s more, many people have been investigating how much data Facebook has on them, and are horrified by the results.

    As everyone keeps telling you (ironically through the medium of social media): If the product is free, you are the product. If they’re making money, they probably have a lot of your data to sell.

    Google is pretty much the master of collecting and monetizing big data.

    Apple knows a lot about you too. As well as tracking your location, it tracks your speed using GPS, stores all the messages you’ve sent over iMessenger as encrypted data, and stores everything you’ve ever said to your robot buddy Siri, the Huffington Post reports.

    TomTom obviously has a lot of data on where you’ve traveled that’s useful to everyone from city planners to governments.

    Alexa is always listening. The microphones in Echo are always on.

    Twitter isn’t quite the money-making machine that Facebook is, in part due to its unwillingness or ineffectiveness when it comes to monetizing your data. Nevertheless, last year they updated their privacy policy in order to collect more data

    Facebook, the company that has made people panic about their data over the last week, has quite a lot of personal data, given how people use it as a place to talk about their private lives. Depending on your privacy settings, it can collect data on things like messages you’ve sent, your contacts, and even calls that you’ve made from your phone.

  30. Tomi Engdahl says:

    Another chapter on Facebook’s privacy woes is being written in Latin America

    The abuse of Facebook’s platform for political purposes is a problem that doesn’t stop at the U.S border. Governments around the world are continuing to wrestle with the implications of Cambridge Analytica’s acquisition of Facebook user data from the heart of Europe to the capitals of Latin America’s most populous nations

    Facebook, Cambridge Analytica and South America: a recap

  31. Tomi Engdahl says:

    Facebook In Turmoil: Employees In Uproar Over Executive’s Leaked Memo

    Facebook’s problems are just getting worse, and now investors can add worker morale to the (bucket) list of problems as the New York Times reports that employees furious over a leaked 2016 memo from a top executive seeking to justify the company’s relentless growth and “questionable” data harvesting – even if it led to terrorists attacks organized on the platform.

    “Maybe someone dies in a terrorist attack coordinated on our tools.”

    On Friday, the fallout from Bosworth’s leaked memo – following several weeks of outrage over the company’s data harvesting practices, has Facebook employees in an uproar, according to The Times.

  32. Tomi Engdahl says:

    Why (almost) everything reported about the Cambridge Analytica Facebook ‘hacking’ controversy is wrong

    If you follow the Guardian or the New York Times, or any major news network, you are likely to have noticed that a company called Cambridge Analytica have been in the headlines a lot.

    The basic story as reported is as follows:

    A shady UK data analytics company, with the help of a 24 year old tech genius developed an innovative technique to ‘hack’ facebook and steal 50 million user profiles. Then they used this data to help the Trump and Brexit campaigns psychologically manipulate voters through targeted ads. The result was Vote Leave ‘won’ the UK’s Brexit referendum and Trump was elected president in the US.

    Unfortunately, almost everything in the above summary is false or misleading.

    First, There was no hack.

    The data collected was scraped from Facebook user profiles, after users granted permission for a third party app to access their data.

    None of what I just described involves ‘hacking’ Facebook or exploiting a bug. Instead, it all revolves around the use of a feature that Facebook provided to all developers and (at least) tens of thousands took advantage off.
    The data collected was not internal Facebook data. It was data that developers (s̵c̵r̵a̵p̵e̵d̵ ) accessed* from the profiles of people who downloaded their apps (and their friends). Facebook has a lot more data

    So where does Cambridge Analytica come in to the story?

    Well, they paid Kogan to collect those 50 million profiles. Whose idea that was originally is currently a matter of ‘he said, she said’. Kogan says Cambridge Analytica approached him and Cambridge Analytica says Kogan came to them. Whatever the case may be, this is the part of the story where there was an actual breach; not of Facebook’s internal data but of Facebook’s data sharing policies. Developers were permitted to collect all the user data they wanted from their apps, but what they were not allowed to do — even back in 2014 — was take that data and sell it to a third party.

    The fact that there were (at minimum) tens of thousands of developers with access to such information meant that it was inevitable that data harvested on Facebook was being sold, or otherwise provided, to a wide array of third parties

    why is Cambridge Analytica receiving so much media attention?

    The answer to this seems to primarily be how journalists, particularly Carole Cadwalladr at the Observer, have framed the story.

    The majority of coverage has pushed two angles. First, that a whistleblower from Cambridge Analytica revealed ‘a major breach’ of Facebook’s data, an issue covered above, and second, that this ‘breach’ was linked to the success of Trump’s presidential campaign.

    No one is totally immune to marketing or political messaging but there is little evidence that Cambridge Analytica is better than other similar PR or political canvassing companies at targeting voters. Political targeting and disinformation campaigns, including those promoted by Russia, certainly had an impact on recent elections but were they the critical factor? Did they have a bigger impact than Comey announcing he was ‘reopening’ the Hillary email investigation the week before the US election? Or Brexiteers claiming that £250 million was being stolen from the NHS by the EU every week? Colour me skeptical.

  33. Tomi Engdahl says:

    Would Facebook and Cambridge Analytica be in Breach of GDPR?

    The Cambridge Analytica (CA) and Facebook accusations over the U.S. 2016 presidential election campaign, and to a lesser extent between CA and the UK’s Brexit VoteLeave campaign, are — if proven true — morally reprehensible. It is not immediately clear, however, whether they are legally reprehensible. The matter is currently under investigation on both sides of the Atlantic.

    On March 26, both Apple and IBM called for more regulatory oversight on the use of personal data. “I’m personally not a big fan of regulation because sometimes regulation can have unexpected consequences to it, however I think this certain situation is so dire, and has become so large, that probably some well-crafted regulation is necessary,” said Apple chief Tim Cook on March 24, 2018.

    “If you’re going to use these technologies, you have to tell people you’re doing that, and they should never be surprised,” IBM chief executive Rometty said on March 26, 2018. “(We have to let) people opt in and opt out, and be clear that ownership of the data does belong to the creator,” he said.

    Such regulatory oversight already exists in Europe under national data protection laws, and this will potenyially become global when the European General Data Protection Regulation (GDPR) comes into effect on May 25, 2018. The question is whether Facebook and/or CA would have been in breach of GDPR were it already operational, and therefore whether GDPR will prevent any future repetitions of this sort.

    “From Facebook’s perspective,” MacRoberts LLP senior partner David Flint told SecurityWeek, “the only good point is that the maximum fine under the [current UK] Data Protection Act is £500,000; after 25 May 2018 it would be 4% of Facebook worldwide turnover ($40bn in 2017) — a potential $1.6bn fine! That’s before damages claims.”

    The user profile collection

    At this stage we have to stress that everything is just a combination of accusation and denial, with nothing yet proven in a court of law. Nevertheless, the accusation is that a Cambridge University academic, Dr. Aleksandr Kogan, developed a Facebook personality quiz app (called ‘thisisyourdigitallife’) that collected data from some 270,000 app users on Facebook; and also collected their friends’ data. Kogan’s firm was known as Global Science Research (GSR).

    Concerns about the relationship between Facebook user data, GSR, CA, and the U.S. presidential election are not new.

  34. Tomi Engdahl says:

    Facebook Details Election Security Improvements

    While under heavy fire for the user privacy blunder involving U.K. firm Cambridge Analytica, Facebook took its time this week to present some of the steps it is taking to protect elections from abuse and exploitation on its platform.

    The United States this month announced sanctions against Russia for supposed attempts to influence the 2016 US presidential election, after it charged 13 Russians for their role in a campaign supposedly aimed at tilting the vote.

    The United States, however, wasn’t the only country hit by such attacks: Canada, France, and Germany (and possibly other countries too) were hit as well. These cyber-attacks prompted the launch of Google’s election security solutions, but Facebook is now looking to strengthen protections against other types of election meddling.

    “By now, everyone knows the story: during the 2016 US election, foreign actors tried to undermine the integrity of the electoral process. Their attack included taking advantage of open online platforms — such as Facebook — to divide Americans, and to spread fear, uncertainty and doubt,” Guy Rosen, VP of Product Management, notes.

    There are four main election security areas Facebook plans to improve: combating foreign interference, removing fake accounts, increasing ads transparency, and reducing the spread of false news.

  35. Tomi Engdahl says:

    Josh Constine / TechCrunch:
    Facebook debuts new feature in settings that makes it easy for users to bulk remove third-party apps and an option to delete posts from those apps

    Facebook launches bulk app removal tool amidst privacy scandal

    Following the Cambridge Analytica scandal, users have flocked to their Facebook privacy settings to sever their connection to third-party apps that they no longer wanted to have access to their data. But deleting them all took forever because you had to remove them one by one. Now Facebook has released a new way to select as many apps as you want, then remove them in bulk. The feature has rolled out on mobile and desktop, and Facebook also offers the option to delete any posts those apps have made to your profile.

    Facebook confirmed the launch to TechCrunch, pointing to its Newsroom and Developer News blog posts from the last few weeks that explained that “We already show people what apps their accounts are connected to and control what data they’ve permitted those apps to use. In the coming month, we’re going to make these choices more prominent and easier to manage.”

    Cracking Down on Platform Abuse

  36. Tomi Engdahl says:

    Facebook admits Cambridge Analytica hijacked data on up to 87M users

    Facebook will warn 87 million users, mostly in the U.S, that their data “may have been improperly shared with Cambridge Analytica by apps that they or their friends used”, the company just announced. Facebook CTO Mike Schoepfer tells TechCrunch that Facebook will warn these users with a notice atop the News Feed with information about what data of theirs might have been attained, and what they should do now.


  37. Tomi Engdahl says:

    Facebook restricts APIs, axes old Instagram platform amidst scandals

    Facebook is entering a tough transition period where it won’t take chances around data privacy in the wake of the Cambridge Analytica fiasco, CTO Mike Schroepfer tells TechCrunch. That’s why it’s moving up the shut down of part of the Instagram API.

  38. Tomi Engdahl says:

    Cambridge Analytica denies accessing data on 87M Facebook users…claims 30M

    Cambridge Analytica is refuting a report by Facebook today that said Cambridge Analytica improperly attained data on up to 87 million users. Instead, it claims it only “licensed data for no more than 30 million people” from Dr. Aleksandr Kogan’s research company Global Science Research. It also claims none of this data was used in work on the 2016 U.S. presidential election when it was hired by the Trump campaign, and that upon notice from Facebook immediately deleted all raw data and began removing derivative data.

    The he-said-she-said of the scandal seems to be amplifying as Facebook continues to endure criticism about weak data privacy policies and enforcement that led to the Cambridge Analytica fiasco that’s seen Facebook’s market cap drop nearly $100 billion.

    Facebook has used Cambridge Analytica as an example of abuse it’s trying to combat, and as a justification for cracking down on developers both malicious and benign around the world.

  39. Tomi Engdahl says:

    Facebook drops a bombshell and says most of its 2 billion users may have had their personal data scraped

    Facebook revealed Wednesday that “malicious actors” had scraped the personal data of most of its users by using a search feature to find their profile pages.
    The company also revealed that the Cambridge Analytica data leak was potentially much bigger than first estimated; the data firm may have gotten access to the data on up to 87 million users.
    The revelations come as the company is still reeling from and responding to the Cambridge Analytica scandal.

    “Most” of Facebook’s 2 billion users may have had their personal data skimmed from the site by “malicious actors,” the company said in a blog post by Chief Technology Officer Mike Schroepfer. Facebook said it has disabled the feature in its site’s search function that enabled the data scraping


  40. Tomi Engdahl says:

    Josh Constine / TechCrunch:
    Highlights and audio from Mark Zuckerberg’s conference call with reporters on Cambridge Analytica scandal, Boz memo, GDPR, and more — “This is going to be a never-ending battle” said Mark Zuckerberg . He just gave the most candid look yet into his thoughts about Cambridge Analytica …

  41. Tomi Engdahl says:

    Tim Burrowes / Mumbrella Asia:
    Facebook statistics show data from 3.6M+ users in Asia, ~1M in UK, and 700K+ in Mexico may be among the 87M who had information analyzed by Cambridge Analytica

    3.6m Asian Facebook users may have had harvested data passed on to Cambridge Analytica

  42. Tomi Engdahl says:

    Josh Constine / TechCrunch:
    Cambridge Analytica denies Facebook’s claim that it accessed data on 87M Facebook users, claims it “licensed data for no more than 30M people”

    Cambridge Analytica denies accessing data on 87M Facebook users…claims 30M

    Cambridge Analytica is refuting a report by Facebook today that said Cambridge Analytica improperly attained data on up to 87 million users. Instead, it claims it only “licensed data for no more than 30 million people” from Dr. Aleksandr Kogan’s research company Global Science Research. It also claims none of this data was used in work on the 2016 U.S. presidential election when it was hired by the Trump campaign, and that upon notice from Facebook immediately deleted all raw data and began removing derivative data.

  43. Tomi Engdahl says:

    Makini Brice / Reuters:
    Mark Zuckerberg to testify before Senate Judiciary and Commerce committees on April 10 and the House Energy and Commerce Committee on April 11

    Facebook’s Zuckerberg to testify before Congress on April 10-11

  44. Tomi Engdahl says:

    Josh Constine / TechCrunch:
    Mark Zuckerberg refutes earlier reports, says Facebook will make GDPR controls available globally, notes different markets, laws may require different formats

    Zuckerberg says Facebook will offer GDPR privacy controls everywhere

    Mark Zuckerberg refuted a Reuters story yesterday that said Facebook would not bring Europe’s General Data Protection Regulation privacy safeguards around the world. “Overall I think regulations like this are very positive” Zuckerberg said on a conference call with reporters today. “We intend to make all the same controls available everywhere, not just in Europe.”

    Zuckerberg noted that “Is it going to be exactly the same format? Probably not. We’ll need to figure out what makes sense in different markets with different laws in different places. But let me repeat this, we’re going to make all the same controls and settings available everywhere, not just in Europe.”


Leave a Comment

Your email address will not be published. Required fields are marked *