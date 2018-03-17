Did Cambridge Analytica Harvest 50 Million Facebook Profiles? (theguardian.com) 33
Slashdot reader umafuckit shared this article from The Guardian: The data analytics firm that worked with Donald Trump's election team and the winning Brexit campaign harvested millions of Facebook profiles of U.S. voters, in one of the tech giant's biggest ever data breaches, and used them to build a powerful software program to predict and influence choices at the ballot box... Christopher Wylie, who worked with a Cambridge University academic to obtain the data, told the Observer: "We exploited Facebook to harvest millions of people's profiles. And built models to exploit what we knew about them and target their inner demons. That was the basis the entire company was built on."
Documents seen by the Observer, and confirmed by a Facebook statement, show that by late 2015 the company had found out that information had been harvested on an unprecedented scale. However, at the time it failed to alert users and took only limited steps to recover and secure the private information of more than 50 million individuals... On Friday, four days after the Observer sought comment for this story, but more than two years after the data breach was first reported, Facebook announced that it was suspending Cambridge Analytica and Kogan from the platform, pending further information over misuse of data. Separately, Facebook's external lawyers warned the Observer on Friday it was making "false and defamatory" allegations, and reserved Facebook's legal position...
The evidence Wylie supplied to U.K. and U.S. authorities includes a letter from Facebook's own lawyers sent to him in August 2016, asking him to destroy any data he held that had been collected by GSR, the company set up by Kogan to harvest the profiles... Facebook did not pursue a response when the letter initially went unanswered for weeks because Wylie was travelling, nor did it follow up with forensic checks on his computers or storage, he said. "That to me was the most astonishing thing. They waited two years and did absolutely nothing to check that the data was deleted. All they asked me to do was tick a box on a form and post it back."
Wylie worked with Aleksandr Kogan, the creator of the "thisisyourdigitallife" app, "who has previously unreported links to a Russian university and took Russian grants for research," according to the article. Kogan "had a licence from Facebook to collect profile data, but it was for research purposes only. So when he hoovered up information for the commercial venture, he was violating the company's terms...
"At the time, more than 50 million profiles represented around a third of active North American Facebook users, and nearly a quarter of potential U.S. voters."
No, Republicans only try to believe that.
Regardless, data theft is a criminal enterprise, conspiracy to defraud is a criminal enterprise, violation of US election laws by involving foreign nationals is a criminal enterprise, government agencies conspiring to defraud the electorate is - essentially - treason, and Cambridge Analytics violated EU data protection laws on top of all that.
Fine, arrest everyone who is guilty of such a crime, throw the lot in a SuperMAX and never let them see the light of day again
This is a "Breach"? (Score:4, Insightful)
If your Facebook Profile is set to "Public" then all the "Public" can see it. This is a "breach"? Maybe of the Facebook TOS, but those are meaningless.
Re:This is a "Breach"? (Score:5, Interesting)
The same way a restaurateur can refuse to serve a customer who previously made a mess of your dining room.
Facebook may be 'facing the public' but its still a private service and it can decide not to provide service, or do business with anyone it wants pretty much for any reason, at any time. The ToS maybe "bullshit", but its not even necessary... they don't have to wait until you violate the ToS they can decide they just don't like your face, without any ToS at all.
I have preached from the beginning that the only right a Facebook member has is to leave.
It includes private data. The app used to take everything.
And, yes, it is a breach. It doesn't matter what you set public, if you operate in the EU (and Cambridge is still in there), you abide by EU Data Protection laws. You are forbidden from collecting personal data without both a license and permission (they had neither) and you are forbidden from reselling it to a nation with weaker data protection laws (the U.S. included).
Every last one of those 50 million can sue Data Analytics. And they should. Even
In the EU, that doesn't matter. Data protection act.
I'm more concerned about shadow profiles (Score:4, Insightful)
Given I closed my Facebook account several years ago, I'm more worried about whether these bad actors managed to access Facebook's shadow profiles - since, unfortunately, most of my family is on Facebook.
For people who are actually on Facebook - including my family - I say "don't pretend to be outraged since you voluntarily decided to hand them all your personal information".
Slashdot commenters want to have it both ways:
- Users are too dumb to know what they are signing up for. #sheeple
- Users knew what they were signing up for, no use crying over it now.
I'm reminded of the silly disclaimers floating around a few years back (paraphrase): "By way of this post to Facebook, I hereby forbid Facebook to use my personal information and posts for any reason."
If you posted stuff on facebook for the general public to read (which is the sole reason to post stuff on facebook as far as I can tell) then what's the problem with the general public reading it?
I don't see any reason why this is any kind of breach of privacy or a surprise.
Perhaps facebook's problem here is that they didn't negotiate a sufficiently high service charge or license fee for the third party use of their data but that's their problem to solve, nothing to do with the folks who entered their data
The "internet" can see what is part of a site.
A lot of different search services transverse the internet.
So the only thing he did that made Facebook take action was violate their ToS. They're making it seem as if this is some generous act on their part, their tools did exactly what they were meant to do but they're upset he didn't grease their palms first.
Well this is it. Trump's campaign is finished.
There's little evidence that CA did anything better than guessing. These stories just burnish the reputation of a scam company.
Hell, where's the story on Theranos getting pulled out of Walgreen's because they're cutting too much into their profit margin.
