CyberScout

So, you took one of those Facebook Personality Quizzes. Now What?

So, you took one of those Facebook Personality Quizzes. Now What?

Who is Cambridge Analytica?

Cambridge Analytica is a voter profiling consulting firm that used data mining and psychographic targeting for political campaigns, most notably for Donald Trump’s 2016 campaign. Cambridge Analytica is in the hot seat for harvesting data from a personality quiz, where the personal data of 87 million users was mined and deployed without their consent.

What kind of information was collected and how was it acquired?

The data was originally collected by Aleksandr Kogan, a psychology professor from University of Cambridge, who obtained user information from a personality quiz featured on his app “thisisyourdigitallife.” Those who downloaded the app had to give Kogan permission to collect data on their location, their friends and content they had “liked” on The Social Network. Kogan then passed the information to Cambridge Analytica. Even more worrying was that private texts, phone numbers and emails were collected, as well as the code for recognizing faces in photographs. The big picture: User data was “scraped” on a grand scale.

So, was Facebook hacked, or were they complicit?

Facebook was not hacked, but it is complicit and certainly not a victim here. Facebook boasts that it is a “community,” and it is, but it is also the largest advertising firm in the world. When you join for “free,” you become the product. The price: your privacy. At the end of the day, the Facebook/Cambridge Analytica story is about privacy, trust and corporate responsibility.

How long has Facebook known about this?

Facebook says it learned of Cambridge Analytica’s private database in 2015, but it failed to disclose that to the public or the affected users. Facebook admitted the data leak had occurred only after media reports that more than 50 million Facebook users had been compromised. That happened in March 2018.

What is Facebook doing in response?

Facebook has announced that those 87 million users whose personal information ended up in the hands of Cambridge Analytica will be notified. The notification will appear at the top of the user’s newsfeed, along with a button for changing your privacy settings and also showing “Apps and Websites” controls. Additionally, Facebook has banned Cambridge Analytica from its platform, and has booted data analytics company CubeYou and Aggregate IQ for misusing data.

What is the FTC doing about it?

The FTC is investigating Facebook for its failure to protect consumer data. Facebook's threat to user privacy with the Cambridge Analytica scandal affecting 87 million users and the disclosure by FB that its search tools were used to collect data on most of its 2.2 billion users could potentially trigger record fines and create new legal vulnerability for not having prevented risks to user data. Some members of Congress and privacy advocates are pushing the FTC to look into whether this matter violates the 2011 consent decree in which Facebook said it would uphold a number of privacy protections.

What could happen to Facebook?

Facebook could be slapped with major fines by the FTC and C-suite members could be forced to resign. We have seen this happen with Yahoo!

Why should I care about this?

The public should care about who has access to their data, and consumers should strive to be the champions of their own privacy and security.

How can we find out what Facebook knows about us?

It’s important to read Facebook’s privacy policy to understand what information Facebook collects. You can download all the information collected from your Facebook activity (that The Social Network allows you to see) in the Privacy section of your Facebook settings.

How can we find out what Cambridge Analytica knows about us?

It is possible to buy full reports from data brokers.

Can Facebook users revoke authorization to third-party apps?

FB has released a new feature on both its desktop and mobile versions where users can delete third party apps in bulk, instead of one by one.

It’s impossible to clear the Internet of all of the information you've already put out there, so what can you do?

Unlike in Europe, where consumers have the “right to be forgotten,” Facebook users in the U.S. have very little recourse. Consumers can use a VPN or Virtual Private Network, which hides your browser data, enable ad blockers, opt out of permissions you don’t need and make sure you lock in privacy settings.

We've traded our information in exchange for not paying to use social networks, like Facebook. Does this come down to just not participating in social media at all if we don’t want to share our information?

There is a “delete Facebook” movement, but problem is that Facebook owns Instagram and WhatsApp, so their tentacles are everywhere. It also gives companies like Twitter and Snapchat a pass. The better strategy is to stop oversharing on social media. Don’t click on every link you see or like people you don’t really know. Disable geotags and location services to prevent being tracked. Not only does oversharing make you a target for data harvesting by third parties, it could make you a target for identity theft since fraudsters glean personal information for tax-related fraud as well as both criminal and medical identity theft.

What information should we never share online?

Try to cut down on pics of your children. Don’t flash your new driver’s license, credit card or your home address. Post vacation pics when you have returned. Don’t leave digital breadcrumbs for a criminal. Don’t share what could be answers to security questions like your birthday, or mother’s maiden name or a favorite pet.