Facebook-Cambridge Analytica scandal: All we need to know

Everything you need to know about the biggest data breach in Facebook's history.

 |  7-minute read |   20-03-2018
  • ---
    Total Shares

Facebook is in the news again, and sadly not for a good reason. Over the last few days, the Menlo Park-based social media giant has had to face harsh criticism over its alleged role in influencing the 2016 US presidential elections, changing public opinion at the time of UK's Brexit referendum and even helping Nitish Kumar's JDU achieve a landslide victory in the 2010 Bihar Assembly polls.

After The New York Times and The Observer published scathing reports on the developments, lawmakers across the two countries have now demanded action against Facebook for helping a voter-profiling company illegally get its hands on the personal user data of 50 million users. 

The case has once again given rise to calls for greater scrutiny over data privacy, and Facebook's role in collecting and controlling vast amounts of personal data. It has also served as a PR disaster for Mark Zuckerberg — his firm Facebook's stocks plunged in the aftermath of this news and saw it losing about $40 Billion in market cap.

Indian link

In its section on India notes, CA has revealed that way back in 2010, under the name of its parent company, Strategic Communications Laboratories (SCL), its team conducted an "in-depth electorate analysis for the Bihar Assembly Election in 2010". It further boasts of how its efforts helped its client Janata Dal (United) achieve a “landslide victory, with “over 90 per cent of total seats targeted by CA” being won.


Who is Cambridge Analytica

In the eye of the storm is British voter profiling firm Cambridge Analytica (CA), which claims to "use data to change audience behaviour". The firm, which has been part of carrying out digital political campaigns across the globe, offers its clients necessary data and insights for winning their political campaigns. According to the company, it does so by "combining predictive analytics, behavioural sciences, and data-driven advertising technology".

Further, the company uses vast amounts of user data to predict voter behaviour and then tries to influence it using targetted ads and campaigns across multiple social media and digital platforms.

Though CA has played a role in election campaigns in many countries such as Kenya, Malaysia and even India, its biggest achievement has been the work it did for the Republican Party during the 2016 US presidential election. The company is believed to have been instrumental in identifying and pushing swing voters in favour of Donald Trump's campaign. CA also has strong links with the party as the company has ties with Steve Bannon and Republican mega-donor Robert Mercer. 

How did it influence voter opinion? 

The voter profiling company claims its work on political campaigns is powered by the vast troves of legitimately procured personal data it has on individuals. In the case of the US polls, CA claims to have used "5,000 data points on over 230 million American voters" – of an estimated 250 million people of voting age in the US – to create their accurate profiles so that it could later reach out to them through targeted ads.


Facebook's role

Despite CA's claims, it has emerged that most of its data on individual users could have been procured through nefarious means. Per the exposé by the New York Times and The Observer, CA "harvested private information from the Facebook profiles of more than 50 million users without their permission" thus making it the single biggest data leak in the history of Facebook.

The data breach was all but confirmed after Facebook suspended CA from using its platform after it found the voter-profiling firm to have violated its data privacy policies. Facebook, in its diktat, has banned CA and its parent group SCL from buying buy ads on its platform or handling Facebook pages of its clients.

Facebook has also responded by hiring a digital forensics firm to investigate this unprecedented leak. In a statement, Facebook said that forensics firm Stroz Friedberg would "conduct a comprehensive audit of Cambridge Analytica" and that the company had agreed to comply and provide access to its servers and systems.

Facebook's fault

Though Facebook has tried extremely hard to shrug off responsibility in the data leak, its efforts have not deflected focus from the real issue at hand. The manner in which CA harvested personal data of the 50 million users has exposed the shortcomings in Facebook's privacy policy. 

Cambridge Analytica acquired this data quite easily after it used an application developed by a company called Global Science Research (GSR). In 2014, GSR launched a personality quiz app called "thisisyourdigitalife" that was marketed as an experiment used by "psychologists".

The application, downloaded by 2,70,000 people in total, was granted access by Facebook, which gave it access to the users' data. This was essentially their location, their Facebook friends lists, their pictures and their likes — data used by Cambridge Analytica to build user profiles. 

The application blatantly violated Facebook's developer policies and as a result, should have been taken to task by Facebook. However, instead of stopping the application from stealing and then selling of the data of these users, Facebook, because of its poorly formed privacy policies, allowed the application to dig into the entire user data of the friends of each of these 2,70,000 individuals, thus giving GSR and — by proxy — CA the access to the private information of more than 50 million users without their permission. 


Facebook's cover-up

It is important to mention here that Facebook has been in the know of the data breach for some time now. However, as the NYT report explains, the social media giant chose not to acknowledge it publicly. Instead, it approached CA through its lawyers to secure the data – efforts for which continued as recently as August 2016. At the time, CA assured Facebook that it had deleted the data in question, but as the NYT report now exposes, copies of it still remain with CA.

Besides failing to recognise this massive data breach, Facebook, in its better judgment, allowed CA to continue using its platform for carrying out political campaigns and to buy ads to influence millions of voters across the globe.  


Also read: How Indira Gandhi gagged the media during Emergency


Sushant Talwar Sushant Talwar @sushanttalwar

Tech journalist, DailyO

Like DailyO Facebook page to know what's trending.