Cambridge Analytica, the UK-based data firm employed by Donald Trump’s presidential campaign in 2016, harvested millions of Facebook profiles of US voters and used them to build powerful software for both predicting and shaping choices at the ballot box.
On Saturday (March 17), The Guardian and The New York Times published explosive reports accusing Cambridge Analytica of acquiring data of more than 50 million Facebook users without their knowledge. Here’s what you need to know right now about Cambridge Analytica and the response from Facebook.
Cambridge Analytica is a company that helps political parties and businesses to “change audience behavior.”
The firm, initially led by Steve Bannon and funded by Republican mega-donor Robert Mercer, uses a technique it calls “psychographic profiling.” It collects data from a wide range of sources, which include social media platforms such as Facebook, and its own polling.
Among other clients, Cambridge Analytica worked with the Vote Leave campaign in the run-up to the UK’s Brexit referendum, as well as Trump’s team during the 2016 US election. In both cases, it created psychographic profiles of Facebook users that were utilized for targeted political ads.
Alexander Nix, the head of the company, has repeatedly claimed that Cambridge Analytica had collected all information lawfully and had not used any private data of Facebook users. Only last month, he appeared before the UK’s Electoral Commission to deny any wrongdoing.
However, Christopher Wylie, who helped found Cambridge Analytica and worked there until late 2014, blew the whistle claiming the company had covertly obtained millions of Facebook users’ personal information. Besides Wylie, The New York Times and The Guardian conducted interviews with multiple other former employees and contractors and a review of the firm’s emails and documents. The investigation revealed that Cambridge Analytica not only had relied on private Facebook data but still kept most or all of the trove.
Facebook reportedly found out about the leak in 2015. Despite that, it failed to alert users at the time and took only limited action to retrieve and protect the private information of more than 50 million people. It requested that Cambridge Analytica destroy the data and provide certification that it no longer exists, but the recent reports disclose that the company did not delete all the data.
Wylie revealed that the company had been able to assemble a vast database very quickly from an app developed by a Cambridge academic Aleksandr Kogan. The app snatched data from Facebook users who agreed to fill out a personality survey, together with their friends and contacts — a process of which most were uninformed.
According to Wylie, the company then used the information, including Facebook users’ friends, “likes” and hometowns, to sway the behavior of potential voters.
Astonishingly, Facebook’s terms of service at the time allowed apps to collect data not only from the users who consented to it but also from their friends who had no idea about it. On top of that, Kogan misrepresented the whole point of the app. Users who thought they were taking a simple online quiz were handing over a load of personal data that in the end was used for political purposes.
Facebook said it had suspended Cambridge Analytica from its platform, even though it had initially denied any leak had taken place. Paul Grewal, the social network’s vice president and deputy general counsel, told the New York Times: “No systems were infiltrated, and no passwords or sensitive pieces of information were stolen or hacked.”
Cambridge Analytica and Facebook are already at the center of an inquiry into politics and data by the British Information Commissioner’s Office. The Electoral Commission is running a separate investigation on the role Cambridge Analytica performed in the EU referendum.
On Tuesday (March 20), the Information Commissioner Elizabeth Denham announced she was seeking a court warrant to search the offices of Cambridge Analytica. She took the measure after the firm missed her Monday deadline to provide access to its databases and servers.
After the latest revelations, several US lawmakers have also expressed concern over the privacy breach. Facebook faced fresh calls for regulation from Democratic senators on Saturday and was flooded with questions about personal data safeguards, but it was unclear whether the Republican-controlled Congress would act.
The Democratic senator Mark Warner said data harvesting on such a great scale for political targeting stressed the need for Congress to build on existing controls. “Whether it’s allowing Russians to purchase political ads, or extensive micro-targeting based on ill-gotten user data, it’s clear that, left unregulated, this market will continue to be prone to deception and lacking in transparency,” he said.
This case illustrates the massive influence Facebook and other tech giants hold – even on events as significant as the US presidential elections. Although social networks wield this immense power, they don’t seem to cope with the responsibility that comes with it.
While lawmakers across the Atlantic are trying to figure out how to stem the kind of political manipulation we’ve seen in this case, social media users should be extra careful when providing personal information.
We recommend revoking access to applications that are no longer in use, as well as suspicious apps that offer you to get “likes,” followers or view private accounts on Instagram. For more tips on securing your social media profiles, read this article covering all major privacy concerns.
If you feel you can no longer trust Facebook with the security of your private data, deleting your account is also an option to consider.