It is no secret that Facebook tracks the data of its users, as anyone who has seen an advertisement related to some topic that has just published can attest. But the illegal collection of data from up to 87 million users by Cambridge Analytica has raised new concerns about the security of personal information stored on social networks.
Recently published documents suggest that Facebook knew about the Cambridge Analytica scandal much sooner than we thought.
The documents indicate that Facebook was aware of the compilation three months before the press revealed the use of personal data to target specific advertising to voters during the 2016 elections, which determined the triumph of Donald Trump, reports CNBC.
Internal emails suggest that the social network had concerns about Cambridge Analytica, as well as other companies that used data in a way that potentially violated Facebook's policies in early September 2015.
These documents indicate that Facebook employees planned to contact the companies in question to determine how they were using their users' data. An e-mail sent on September 30, 2015 speculates that “the data scraping activity of these applications“ probably does not comply ”with the aforementioned policies.
WHAT HAPPENED ABOVE
Facebook has released widespread changes on data privacy and access to third-party applications. But, with the case of Cambridge Analytica, a company that managed social media campaigns related to the presidential candidacy of Donald Trump, in addition to the vote of Brexit in the United Kingdom, the scrutiny will probably continue for some time.
After Mark Zuckerberg broke his silence and shared a message detailing what happened, explaining how several of those changes had already been put in place, Facebook shared an updated data policy, while launching several limitations on the use of third-party applications.
Facebook says that users affected by data misuse will be notified, adding that the list of security changes announced this week is only the beginning, and that there will be more adjustments. For its part, Cambridge Analytica says they have done nothing illegal, and so far seems to cooperate with the investigations.
At a press conference held on April 4, Zuckerberg said the company initially did not have a broad enough view of how the network could be abused. "We don't focus enough on preventing abuse, and think about how people can use these tools to do harm," said the CEO of the social network. "That applies to fake news, foreign interference in elections, hate speech, In addition to developers and data privacy. We did not take a broad enough view of our responsibility, and that was a big mistake. It was my mistake".
On Monday, March 26, the Federal Trade Commission confirmed an investigation into Facebook's privacy policies. In addition to mentioning the current privacy laws, the statement also mentions that companies with previous agreements with the FTC must also comply with the orders, and Facebook has already faced public scrutiny for a similar list of claims in 2011.
WHAT YOU SHOULD KNOW
So, what should Facebook users know about the privacy and use of their data?
This is what we know so far:
1- Most of the affected users did not download an app or authorize access to their data
Some of the user data was obtained through the application “this is your digital life”(This is your digital life), from Global Science Research, a supposed personality analysis app, which stated that the information was anonymous and will only be used for research. The application was also powered by Amazon Turk, a program that pays users to complete surveys and other online tasks.
Generally, when granting access to a third-party application, a pop-up screen appears indicating what data the app could obtain, which requires the user to accept the terms before allowing access. Global Science Research allegedly sold that information to Cambridge Analytica, who in turn used it to send specific ads with personalized information obtained illegally, to more than 50 million people.
Only about 270,000 people accessed the application, but the app did not stop there: it also collected data on the friends of those users, and friends of their friends, until they had access to information from more than 50 million accounts, such as It is detailed in The New York Times. This means that the vast majority of users whose data has been stolen have never authorized the application to access their accounts, which has led to the consequent controversy and the prohibition of Facebook for Cambridge Analytica to continue using its platform .
2- Apps can no longer access your friends' data, and Facebook continues to work on more privacy features
Facebook states that, for years, the platform does not allow third-party applications to access your friends' information. This change was made in 2014 when Facebook removed the API (Application Programming Interface) that allows developers to access contact data in a user's network.
Zuckerberg says they will continue to take several measures to further protect their users' data. Third-party applications will now only remain connected for three months, which prevents single-use apps from continuing to view your data.
The network is also launching an audit of all applications that used friend data before 2014, and will eliminate anyone who does not cooperate, as well as apps that used the data in an illegal way. And although currently each user can see in the configuration which applications have access to their data, Facebook place that tool in the news feed during the next month, so that approved applications can be easily verified.
3- Facebook saba about the misuse of data since 2015
Facebook discovered the misuse of the data of journalists in 2015. The creator of the application, Dr. Aleksandr Kogan, said they were using them for an academic study, and insists that he did not think he was doing something wrong.
When Facebook discovered that the application was collecting that information in 2015, it asked Global Science Research to remove them, and thought the company did. When Facebook received reports suggesting they did not, they suspended the platform company and launched an investigation. A lawsuit filed by investors said Facebook should have disclosed this information.
4- Facebook is losing money, and that could be a good thing for you
Advertisers often choose Facebook because the company can target its customers with specific products, using publicly shared legal information. For example, sending diaper announcements only to new parents. However, this scandal is affecting the value of the company. In just the first two days, the company's shares lost about $ 60 billion dollars ($ 60 billion) in value.
While that is not good news if you are an investor in Facebook shares, for the average user, that impact could be a good sign: Facebook will not stand still while losing billions of dollars. Social media platforms are companies driven by economic income, and a threat to financial results can cause a rapid change of course. Just see how quickly YouTube changed its advertising policies, when advertisers boycotted the platform after seeing their ads inserted in racist or controversial videos.
5- This is not the first time that Facebook is under the spotlight for the privacy of its users
In 2011, Facebook faced a list of complaints from the Federal Trade Commission about user privacy. One of those complaints said that “Facebook claimed that the third-party applications that users installed will have access only to the information they needed to operate. However, applications can access almost all personal data of users, including data that applications did not need. ”
A second complaint on the list sounds familiar in the midst of the current scandal, which says that "selecting the list of" Only friends "does not prevent personal information from being shared with third-party applications that your friends used." In addition, although Facebook claimed to verify that the participating applications were secure, the FTC said this was not true. Facebook resolved the complaint, agreed to obtain user approval before allowing applications to access the data, and allowing privacy auditors.
In 2017, Facebook faces fines in France and the Netherlands for violating the privacy protection laws in those countries. At that time, government organizations said Facebook did not allow enough privacy controls, and that the platform also used browser history without the user's consent.
This situation probably prompted Facebook to announce a new Privacy Center, designed to help users understand how their data is used. However, the Privacy Center has not yet been launched, but Facebook said it plans to launch it in May this year.
6- The United States, the United Kingdom and the FTC are investigating the situation
As the investigation continues, more details are likely to be available, as several groups investigate the controversy. According to the reports, Facebook met with Congress for two days after the scandal. The social network hired a private investigation firm, but the Office of the Information Commissioner of the United Kingdom asked the group of analysts hired to withdraw, while continuing its own investigation. The FTC is also conducting its own research regarding the use of information, according to Bloomberg.
Currently, it is not clear exactly how the data was used, in what campaigns they were used, and if those campaigns had any significant impact. Cambridge Analytica denies doing anything illegal.
7- Facebook says they were cheated
While Zuckerberg and the chief operating officer, Sheryl Sandberg, generally rush to publish a public apology for the incidents involving the platform, the two have been unusually quiet, until finally this week the CEO announced his position. A Facebook representative said that this is because the two are "working day and night," and said the platform is "outraged because we were deceived," and that measures are being taken to protect user information.
Although the information was not stolen in a hack-like violation, Zuckerberg described the mishandling of the data as a breach of trust. "This was an abuse of trust between Kogan, Cambridge Analytica, and Facebook," he said. “But it was also a breach of trust between Facebook and the people who share their data with us and expect us to protect it. We need to fix that. ”
8- This is not the only accusation against Cambridge Analytica for questionable practices
While the misuse of Facebook user data is at the center of the scandal, it is not all that Cambridge Analytica faces. British reporters organized several meetings with senior executives of the company, with hidden cameras and posing as potential investors, and recorded CEO Alexander Nix suggesting to create a sexual scandal to discredit an opponent. Cambridge Analytica said it never intended to carry out those suggestions, and the CEO was suspended as an alleged internal investigation is conducted.
9- Users do not have to delete their Facebook account to protect their privacy
Although there is a campaign asking users to delete their Facebook account, the truth is that there are privacy settings that can be adjusted to limit shared data and see what third-party applications have been authorized. This may not prevent illegal access to data, if someone finds a way to access information outside the rules of the social network, but it is a good start for users who prefer not to cut all ties with Facebook.
Andrew Bosworth, director of the company's augmented reality and virtual department, and former vice president of advertising, said Facebook is set up so that personal data is not sold to other companies. "Yes, developers can receive data that helps them provide better experiences to people, but we don't earn money directly from that, and we have set it up in a way that nobody sells personal information to businesses," he wrote on Facebook.
“We can show better ads when we know more about people, so giving them information is the opposite of a good strategy. In addition, if people do not have a positive experience of connection with companies and applications, then everything is broken, ”Bosworth explained. "Our interests are aligned with users when it comes to protecting data."
As research continues, we will update this publication with additional information.
10 – More transparency
Given what happened, Zuckerberg has ordered his team to show the 87 million affected users how their information was used by the applications to which they gave access.
In an attempt to offer more transparency, affected users will receive notifications about the type of information that has been accessed.
After several weeks of being in the spotlight for the use of personal information of users, the social network reveals that it believes that up to 87 million people, the majority in the United States, will have been victims of improper use of data. The information was released in a press release published on his blog.
The second most affected country according to Facebook would have been the Philippines, followed by Indonesia, the United Kingdom and Mexico. In this last country, it is estimated that 789,880 users were affected. Facebook's problems began at the time of the presidential elections in the United States that took place in 2016. Now, a non-profit organization has accused the British firm of having violated electoral laws in the United States.
* Article updated on April 9 by Estefania Oliver.