Private data of 87 million Facebook users was exposed to Cambridge Analytica: what you need to know and do

social-media Privacy of up to 87 million Facebook users has been compromised as Cambridge Analytica, a UK-based data analysis company, covertly harvested their personal data and used it for political campaigns. Facebook announced an increased number of users affected only on Wednesday, April 4, adding up to the previously reported 50 million.

A flashback to where it all started

This massive privacy violation came to light on March 17, when The New York Times and The Guardian published reports blaming Cambridge Analytica for collecting data of millions of Facebook users without them knowing about it. The scandal quickly took over media headlines.

So there are two key players in this story: Cambridge Analytica, a British political consulting and data analysis firm, and Facebook, who let Cambridge Analytica acquire users’ data or at least didn’t do anything to stop it.

Cambridge Analytica was founded in 2013 by the Strategic Communication Laboratories Group (SCL) and funded by Robert Mercer, a US right-wing mega-donor. The consulting business of Cambridge Analytica is based on data the company collects from various sources, including social media sites, such as Facebook, and their own polling. Having a vast amount of data on its hands, Cambridge Analytica then employs a method called “psychographic profiling” to run targeted political ads.

This was exactly what Cambridge Analytica did during the 2016 US presidential election when working for Donald Trump’s team, as well as in the run-up to the UK’s Brexit referendum collaborating with the Vote Leave campaign. In both cases, based on the data collected, the company constructed the psychographic profiles of Facebook users and served voters with highly-targeted advertisements to sway public opinion.

According to Alexander Nix, the now-suspended head of Cambridge Analytica, the data was collected without breaking any laws. When he appeared before the UK’s Electoral Commission this February, Nix denied using data from Facebook and said that the social media giant was used only as a platform to conduct surveys.

Here is where Christopher Wylie, the key whistleblower in this story, steps in. Christopher Wylie is a scientist who participated in building Cambridge Analytica and left the company in July 2014. He spoke up claiming that company had secretly acquired personal data of millions of Facebook users.

And he’s not the only one to state so. The investigation by The New York Times and The Guardian, which included interviews with former employees and a review of company’s documents and emails, revealed that Cambridge Analytica not only had utilized private Facebook data but also still had it in its possession.

Even though Facebook reportedly found out about the data leak in 2015, only limited actions were taken to protect the personal data of millions of users. The social media giant requested Cambridge Analytica to delete all the data it had collected over the years. However, recent reports show that it wasn’t done.

How did they gather the data?

What looked like an ordinary Internet quiz to determine one’s personality characteristics, actually served as a streamline to obtain users’ private information. The quiz app developed by a Cambridge academic Aleksandr Kogan was designed to look trustworthy and completely legitimate. Little did users know that the app would not only define their personality traits but also snatch their and their Facebook friends’ personal data without asking.

What was this data used for? According to Wylie, users’ personal data, including friends, hometowns, and “likes,” was utilized in political campaigns to influence voters’ behavior.

Surprisingly, at that time, it didn’t violate Facebook’s terms of service. When collecting data from users who gave their consent, apps were also allowed to grab data of their friends who had no idea about it.

After the massive data collection came into light, Facebook suspended Cambridge Analytica from its platform. To everyone’s surprise, Mark Zuckerberg, the CEO of Facebook, remained silent during the first days of the scandal. He spoke up by sharing a post where he explained the situation from his point of view and introduced planned changes to the platform.

What happens now?

Both Facebook and Cambridge Analytica are at the center of investigations for their role in political campaigns in the US and UK.

Meanwhile, Facebook has announced steps to prevent situations like this from happening again. To fight off platform abuse, Facebook is making changes to its API and giving users more control over their data. A new setting called “Access Your Information” is expected to roll out anytime soon. The new security feature will let users access and manage their profile and timeline information, for example, old posts, comments, likes, search data, etc.

Moreover, new restrictions are to be placed on third-party apps that seek to access users’ profiles. Facebook said it would limit developers’ access to user profiles, allowing apps to see only user name, profile photo, and email address. Also, advertisers will no longer be allowed to import data collected by data brokers to target Facebook users with ads.

What can you do right now to protect your data on Facebook?

The Cambridge Analytica scandal left people angry and disappointed with how poorly their personal information was handled and how easy it was for third parties to collect Facebook users’ data without their consent and use it for political purposes. Some users choose to ditch Facebook by joining the #DeleteFacebook movement, while others give the social media giant a second chance.

If you decide to continue to use Facebook, here’s what you need to do to protect your privacy:

  1. Look at your Facebook security settings. Review the permissions given to each app you have connected to Facebook.
  2. Be vigilant every time you are asked to log in to apps or online services with your Facebook account. Sometimes apps that require users to login via Facebook are designed with malicious intentions to collect users’ data.
  3. You can download a copy of the data Facebook has on you by going to the General Account Settings tab. Depending on how active you have been on Facebook, the file with your data may happen to be really large. If you decide to download it anyway, keep in mind that storing this file on your computer may compromise your privacy even worse if it gets accessed by hackers.