Facebook has been making headlines due to a data breach affecting as many as 50 million users.
What’s the story?
On March 17, 2018 a New York Times article was published drawing some interesting parallels between a massive data breach and the potential repercussions of this information in the wrong hands. Since then, Facebook has been facing a lot of criticism.
The article reported that a political data firm, Cambridge Analytica, had improperly obtained access to private data from millions of Facebook users. Of course, accessing private information illegitimately and without consent is questionable, but the real drama of this story has come from the power of this information and its potential to shape our culture. Especially since Cambridge Analytica was the political data firm hired by Trump’s presidential campaign in 2016.
Why is this an issue?
Cambridge Analytica obtained the data in question by violating Facebook’s rules. It was a grey area in the app development process that allowed app developers to access data from app users and their friends without consent. In 2015, Facebook demanded that Cambridge Analytica delete the data in question. Facebook considered the matter closed. Long story short – Facebook never followed up to confirm the data was deleted and it was not.
How was the data used?
We don’t exactly know. While it is not clear that the data Cambridge Analytica had was useful to them or even used, it is believed that this data could have been used to give the Trump campaign an unfair advantage of targeting voters online leading up to the election. Especially since the data was paired with tools that could identify personalities and potentially influence behaviour. Christopher Wylie, the whistleblower in this story, has gone on the record to the Observer to say that:
“We exploited Facebook to harvest millions of people’s profiles and built models to exploit what we knew about them and target their inner demons. That was the basis that the entire company was built on.”
Cambridge Analytica denies these allegations and called Wylie a “part-time employee who left in 2014.”
To make matters worse…
Facebook CEO, Mark Zuckerberg, didn’t comment on the matter for 5 days which added a lot of speculation and doubt into an already tense PR crisis. The Federal Trade Commission and British Authorities are investigating the case, Zuckerberg is being called to testify and in the meantime, Facebook stock is plummeting.
Is Facebook to blame?
This story is revealing how Facebook can use our history of likes, dislikes, private messages and personal photos to target us with vacation destinations, clothing and services, but also shape the news of our world in a way that we would never notice. Regardless of what kind of breach this is considered – what happened with the data and did it really shape our thoughts and opinions?
#DeleteFacebook has been trending. But beyond deleting your Facebook account, there is a bigger issue that is reaching a tipping point. This scandal is an overdue reckoning over the power of global corporations and their responsibility to protect our personal data.
If you are a business or operate a website that collects personal information, being trusted with that information is paramount.
10 January - Blog
Your Guide to Objective-Based Penetration Testing
14 December - Blog
2022 in Review and Our Predictions for 2023: Cyber-Threat Landscape
05 December - Blog
Choosing a Penetration Testing Company: Methodology & Certifications