Technology: Facebook’s rules for accessing user data lured more than just Cambridge Analytica - France-The Quai d'Orsay seizes the "manipulations of information" - PressFrom - US

Technology Facebook’s rules for accessing user data lured more than just Cambridge Analytica

09:36  20 march  2018
09:36  20 march  2018 Source:

Facebook suspends Trump-linked data firm Cambridge Analytica

  Facebook suspends Trump-linked data firm Cambridge Analytica Late Friday night, Facebook has announced it's suspending Strategic Communication Laboratories (SCL) from its site. While you may not have heard of SCL, its political analytics firm Cambridge Analytica has made headlines in the last few years due to its work for the Trump campaign and the Brexit initiative. According to former US Magistrate and current Facebook Deputy General Counsel Paul Grewal, this move is occurring because an app "thisisyourdigitallife" pulled in personal information of the 270,000 people who used it as well as information from their friends.

FILE - This July 16, 2013, file photo shows a sign at Facebook headquarters in Menlo Park, Calif. © AP Photo/Ben Margot, File FILE - This July 16, 2013, file photo shows a sign at Facebook headquarters in Menlo Park, Calif. Cambridge Analytica broke Facebook’s rules by obtaining the data under the pretense of academic use. But experts familiar with Facebook’s systems and policies say that the greater problem was that the rules for accessing the social network’s information trove were so loose in the first place.

Facebook chief executive Mark Zuckerberg in 2007 invited outside developers to build their businesses off Facebook’s data, giving them ready access to the friend lists, “likes” and affinities that connect millions of Facebook users. Practically any engineer who could persuade a Facebook user to download an app or to sign into a website using Facebook’s popular “log-in through Facebook” feature would have been able to access not only the profile, behavior and location of that Facebook user but also that of all the user’s Facebook friends, developers said.

Facebook says it's on the hunt for another Cambridge Analytica

  Facebook says it's on the hunt for another Cambridge Analytica In a series of interviews, Sheryl Sandberg says the company is looking for more bad actors, but hasn't found any so far.Load Error

Such information can be extremely valuable to marketers and political campaigns for tailoring messages, ads and fundraising pitches. As long as the developers didn’t misrepresent themselves, Facebook allowed the data to be stored on developers’ databases in perpetuity.

Subscribe to the Post Most newsletter: Today’s most popular stories on The Washington Post

Facebook changed its policy in 2015 after concerns about misuse of data by third parties and a shift in strategy tied to its relationships with developers.

The question of what Facebook permitted — and how everyday users understood those permissions — is under a new spotlight in the wake of the Cambridge revelations.

On Monday, Facebook said it will audit Cambridge Analytica to determine whether the company had deleted the data it took inappropriately.

Ex-Cambridge Analytica employee to cooperate with DOJ probe

  Ex-Cambridge Analytica employee to cooperate with DOJ probe The computer expert who alleges a trove of Facebook data was improperly used to help President Donald Trump's campaign in the 2016 election says he will cooperate with a Justice Department investigation.Christopher Wylie is a whistleblower and former employee of the data mining firm Cambridge Analytica, which has come under criticism over reports that it swiped the data of about 50 million Facebook users to sway elections.

Cambridge Analytica did not respond to requests for comment Monday. Over the weekend, the firm said it “fully complies with Facebook’s terms of service.”

Congressional calls for Facebook officials to testify on Capitol Hill grew louder and more bipartisan Monday as lawmakers demanded that the tech giant explain how Cambridge Analytica obtained its data. The increasingly sharp and personal tenor of the requests, many of which sought an appearance by Zuckerberg, raised the odds of a fresh round of potentially contentious hearings — after Facebook defended itself in fall hearings about Russian ma­nipu­la­tion of its site connected to the 2016 election.

“While Facebook has pledged to enforce its policies to protect people’s information, questions remain as to whether those policies are sufficient and whether Congress should take action to protect people’s private information,” Sens. Amy Klobuchar (D-Minn.) and John Neely Kennedy (R-La.) wrote in a joint letter to Sen. Charles E. Grassley (R-Iowa), chairman of the Senate Judiciary Committee.

Mexico data protection body to investigate possible links to Cambridge Analytica

  Mexico data protection body to investigate possible links to Cambridge Analytica Mexico's data protection body said on Monday it had opened an investigation into whether companies possibly linked to political consultancy Cambridge Analytica broke the country's data protection laws.INAI, the transparency and data protection regulator, said it was looking at Mexican companies that worked with cellphone app, which gives users free top-ups in exchange for receiving ads and completing surveys.

A spokesman for Grassley said the senator had not decided whether to hold a hearing.

Facebook’s shares closed down 6.8 percent on Monday, at their lowest price in several weeks.

Cambridge Analytica obtained the data through a psychological testing app, called Thisis­yourdigitallife, that offered personality predictions and billed itself on Facebook as “a research app used by psychologists.” Facebook said 270,000 people downloaded the app. That allowed the collection of data on 50 million “friends,” the New York Times and the Observer of London have reported.

“Facebook made it easy for app developers to collect users’ friends’ data,” said Nick Soman, an entrepreneur who collected the locations of Facebook users’ friends to enhance his social app LikeBright, which no longer exists.

Facebook did not conduct an audit of Cambridge Analytica in 2015 when the violations were first discovered, according to Facebook. Instead, it asked Cambridge, the psychologists and an affiliate company to promise it would delete the ill-gotten information.

Cambridge Analytica might have accessed private Facebook messages

  Cambridge Analytica might have accessed private Facebook messages Facebook just began notifying people if their information was accessed by Cambridge Analytica today. Soon after, the social media company created a Help Center page that you can check to see if you were one of the affected members who logged into quiz app This Is Your Digital Life. Apparently, doing so not only shared your News Feed, timeline and posts, but also your private messages. Facebook confirmed to Wired that the app used a read_mailbox permission, which, unlike other sensitive permissions that Facebook phased out a in April of 2015, didn't fully deprecate until October of that same year. Wired reports that while users would have needed to give their permission for the app (and hence Cambridge Analytica) to access their message inboxes, the request would have likely been hidden in with a bunch of other permission requests, which users may have missed when "agreeing" to share their data. Facebook says that a total of 1,500 people gave This Is Your Digital Life permission, though the total of actual users affected is unknown. The problem goes beyond those that granted permission to share; if you in some way messaged with any of those users, you might be also impacted.

“The model was to build and grow and figure out monetization,” said Sandy Parakilas, a former Facebook operations manager who oversaw developers’ privacy practices until 2012. “Protecting users did not fit into that.” Parakilas, as well as a contractor who worked on these issues at Facebook until 2016, said that Facebook did not conduct a single audit of developers during their tenures.

The Federal Trade Commission and European regulators had reviewed and were familiar with the company’s data policies at the time, Facebook said Monday. The company says that any user who downloaded an app or used the sign-on feature had to agree to a permissions screen that said, “This app will receive the following info: your public profile, friend list, birthday, groups, current city, photos, and personal description and your friends’s birthdays, photos, and likes.”

But two former FTC officials said that Facebook’s allowing the psychologist to take so much data about a person’s friends could constitute a violation of a 2011 consent decree with the agency.

Under that agreement, Facebook is required to notify and get explicit permissions from users before data about them is shared beyond the privacy settings that they have established. The fines for breaking the consent decree are $40,000 per violation, which could add up to billions of dollars if the estimated 50 million users whose data was taken by Cambridge were taken into account. The FTC declined to comment.

Cambridge Analytica ex-CEO refuses to testify in UK

  Cambridge Analytica ex-CEO refuses to testify in UK The chair of the British Parliament's media committee says Alexander Nix said he will no longer testify at an upcoming session on fake news.Nix had been recalled by the committee to testify Wednesday following testimony by whistleblower Christopher Wylie on the use of data by some 87 million Facebook users in the campaign for Donald Trump's presidential election.

Facebook has denied violating the consent decree. “We reject any suggestion of violation of the consent decree,” Facebook said in a statement to The Washington Post late Saturday. “We respected the privacy settings that people had in place. Privacy and data protections are fundamental to every decision we make.”

David Vladeck, a former director of the FTC’s Bureau of Consumer Protection, said that because the practice of collecting friend data went well beyond Cambridge, “that in itself may be a serious problem, especially given the language of the consent decrees, which differentiates between users and others.”

Sen. Richard Blumenthal (D-Conn.) urged the FTC on Monday to investigate Facebook. “FTC should immediately investigate and sanction apparent breach by Facebook of its 2011 agreement guaranteeing protection of consumer info - now a hollow promise,” Blumenthal wrote on Twitter.

Facebook once appeared to acknowledge that some data collection by developers ran counter to the expectations of Facebook users. In a 2014 news release announcing new restrictions to its developer policies, a Facebook executive wrote, “We’ve heard from people that they are often surprised when a friend shares their information with an app.” That admission may indicate that people had not been given adequate understanding of how their data and their friend’s data were used by third parties.

Facebook “goes into this endless hairsplitting that people should have known,” said Marc Rotenberg, president and executive director of the Electronic Privacy Information Center, a nonprofit advocacy group that has brought privacy cases before the FTC. “No one could have known that their friends were disclosing their personal data on their behalf. It’s entirely illogical, and it breaks the consent law.”

Facebook has the ability to ban, sue, warn or audit developers of apps who break their policies. The social network has occasionally cracked down: In 2014, Facebook blocked two advertising partners, HasOffers and Kontagent, for violating policies on retaining customer data and failing to notify partner companies about their data collection practices.

In 2011, Carol Davidsen, director of data integration and media analytics for Obama for America, built a database of every American voter using the same Facebook developer tool used by Cambridge, known as the social graph API. Any time people used Facebook’s log-in button to sign on to the campaign’s website, the Obama data scientists were able to access their profile as well as their friends’ information. That allowed them to chart the closeness of people’s relationships and make estimates about which people would be most likely to influence other people in their network to vote.

“We ingested the entire U.S. social graph,” Davidsen said in an interview. “We would ask permission to basically scrape your profile, and also scrape your friends, basically anything that was available to scrape. We scraped it all.”

FarmVille’s developer, Zynga, and Tinder did not immediately respond to requests for comment.

Cambridge Analytica files for Chapter 7 bankruptcy after scandal .
Cambridge Analytica, the political intelligence firm whose tactics came under fire and sparked a whirlwind of scrutiny over Facebook data, has submitted papers in the U.S. to begin liquidating. The move comes less than three weeks after Cambridge Analytica announced it would shut down.The company filed late Thursday to enter Chapter 7 bankruptcy in a widely expected decision after the firm had already started similar proceedings in United Kingdom courts.

—   Share news in the SOC. Networks

Topical videos:

usr: 1
This is interesting!