FacebookTwitterLinkedIn

The Facebook and Cambridge Analytica Saga: Where it currently stands

Karolis Liucveikis Written by on

Since the dawn of social media platforms privacy rights experts have been warning the public as to the dangers such platforms may have. These warnings tend to be summarily ignored till now. Facebook is not immune to scandal and has successfully navigated a few to become the behemoth of social media platforms. In all likelihood, it will limp through this latest scandal where data was abused by Cambridge Analytica in an attempt to swing both the last US Election as well as the Brexit referendum. The story that has erupted since Christopher Wylie revealed to the press that the data from 50 million individual Facebook users were used to influencing elections has snowballed since the beginning. The article that follows attempts to summarise what has happened so far and what is known.

Who is Cambridge Analytica?

Before both the New York Times and The Guardian published their articles exposing the extent to which Cambridge Analytica went to use personal data in influencing the elections mentioned above very little of the public at large even knew such a company existed. The company is based in the UK and is marketed as a data analytics company whose parent company is Strategic Communication Laboratories. Cambridge Analytica helps political campaigns reach potential voters online. The firm combines data from multiple sources, including online information and polling, to build "profiles" of voters. The company then uses computer programs to predict voter behavior, which then could be influenced by specialized advertisements aimed at the voters.

facebook cambridge analytica story

Cambridge Analytica does not deal with small amounts of data either. The company says it has “5,000 data points on over 230 million American voters”, considering that there are an estimated 250 million people of voting age in the US that stat is particularly impressive. From a recent Channel 4 expose it is not only data that is analyzed for their clients but lies and blackmail are also employed by the company to swing elections. This has obviously resulted in a fair amount of criticism and both Governments in the UK and US are wanting answers.

Did a data breach occur affecting Facebook?

According to the New York Times, they characterized this as a data “breach” and says it's “one of the largest data leaks in the social network's history.” Facebook, however, disputes that the incident was a data breach because the information was accessed through normal means. Perhaps the more important question is how did Cambridge Analytica get access to the data? Enter a Cambridge University lecturer Aleksandr Kogan. Kogan reportedly created an app called “thisisyourdigitallife” that ostensibly offered personality predictions to users while calling itself a research tool for psychologists. The app asked users to log in using their Facebook account. As part of the login process, it asked for access to users' Facebook profiles, locations, what they liked on the service, and importantly, their friends' data as well.

Facebook maintains that Kogan then sent this user data to Cambridge Analytica without user permission which would be against Facebook policy. Although this is against the Facebook policy the data was not stolen and would not then be considered taken as part of a data breach as the New York Times contends. According to Facebook information policies Kogan was supposed to hold on to the information himself, not hand it over to Cambridge Analytica or anyone else for that matter.

Despite whether a breach occurred or not, critics have been quick to point out that Kogan was able to do what he allegedly did because Facebook allowed app developers to request and receive access to the data of users' friends. This policy was changed in 2015 to prohibit such access to data but this may be a case of too little too late.

Mark Zuckerberg Apologises

After five days after the story was latched onto by almost every media house across the globe, the Facebook CEO broke his silence and apologised. Stating in a press release Zuckerberg went on to say “a breach of trust between Facebook and the people who share their data with us and expect us to protect it”. Further, he wrote “We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you…We also made mistakes, there’s more to do, and we need to step up and do it,”

To back up his sentiment Facebook has stated that it is changing the way it shares data with third-party applications. Exactly what measures will be taken to hopefully protect user data and their right to privacy is unclear. However, it may not be up to Facebook to decide how best to do this as government agencies are wanting answers. Facebook could face an investigation by the Federal Trade Commission over whether it violated a 2011 consent decree. The consent decree required that Facebook must get users to agree to and be notified about the social network sharing their data. While in Europe, where regulators have traditionally taken a tough stance on social media and privacy, the president of the European Parliament, Antonio Tajani, tweeted that EU lawmakers “will investigate fully, calling digital platforms to account.” In the UK, Damian Collins, the chair of Parliament's committee overseeing digital matters, said that Zuckerberg needs to stand up and answer questions directly.

In the meantime calls for users to delete Facebook are gaining momentum albeit briefly with Brian Acton, co-founder of the WhatsApp messaging service acquired by Facebook in 2014 for $19 billion, publicly stating “It is time, #deletefacebook,” It is unlikely such movements will gain any massive traction with the public given Facebook’s share hold over social media. The movement would have to place a significant dent in Facebook’s user base before advertisers even began to reconsider using Facebook as a platform to market whatever they are selling. Given that despite the scandal and resultant bad press Facebook will probably continue on as it has, modifying its policy somewhat and moving on to the next scandal.

▼ Show Discussion

About the author:

Karolis Liucveikis

Karolis Liucveikis - experienced software engineer, passionate about behavioral analysis of malicious apps.

Author and general operator of PCrisk's "Removal Guides" section. Co-researcher working alongside Tomas to discover the latest threats and global trends in the cyber security world. Karolis has experience of over five years working in this branch. He attended KTU University and graduated with a degree in Software Development in 2017. Extremely passionate about technical aspects and behavior of various malicious applications. Contact Karolis Liucveikis.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

New Removal Guides
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal

Top Removal Guides
Latest News
Blog