San Francisco: After suspending Strategic Communication Laboratories (SCL), along with its political data analytics firm Cambridge Analytica, for violating its policies and commitments, Facebook has denied any data breach as claimed by some media reports.
Whistleblower unravels ‘data breach’
A whistleblower revealed to the Observer how the firm used personal information taken without authorisation in early 2014 to build a system that could profile individual US voters, in order to target them with personalised political advertisements. “We exploited Facebook to harvest millions of people’s profiles. And built models to exploit what we knew about them and target their inner demons. That was the basis the entire company was built on,” Christopher Wylie, who worked with a Cambridge University academic to obtain the data, told the Observer. Explaining why it suspended Cambridge Analytica and SCL Group from Facebook, Grewal on Friday said, “In 2015, we learned that a psychology professor at the University of Cambridge, Aleksandr Kogan, lied to us and violated our platform policies by passing data from an app that was using Facebook Login to SCL/Cambridge Analytica.” “He also passed that data to Christopher Wylie of Eunoia Technologies, Inc.,” Grewal added. But it did not amount to data breach, according to Facebook.
How did data breach happen?
“Aleksandr Kogan requested and gained access to information from users who chose to sign up to his app, and everyone involved gave their consent,” Grewal said in an update. “People knowingly provided their information, no systems were infiltrated, and no passwords or sensitive pieces of information were stolen or hacked,” he added. Like all app developers, Kogan requested and gained access to information from people after they chose to download his app. His app, “thisisyourdigitallife,” offered a personality prediction, and billed itself on Facebook as “a research app used by psychologists”. Approximately 270,000 people downloaded the app. “In so doing, they gave their consent for Kogan to access information such as the city they set on their profile, or content they had liked, as well as more limited information about friends who had their privacy settings set to allow it,” Grewal said in late on Friday. “By passing information on to a third party, including SCL/Cambridge Analytica and Christopher Wylie of Eunoia Technologies, he violated our platform policies,” Facebook said.
Facebook removes app that breached data
When Facebook learned of this violation in 2015, it removed the app. “Cambridge Analytica, Kogan and Wylie all certified to us that they destroyed the data. But not all data was deleted,” said the social networking giant, adding that it is suspending SCL/Cambridge Analytica, Wylie and Kogan from Facebook, pending further information. “We are committed to vigorously enforcing our policies to protect people’s information. We will take whatever steps are required to see that this happens. “We will take legal action if necessary to hold them responsible and accountable for any unlawful behaviour,” Facebook said.
Facebook denies data breach
“The claim that this is a data breach is completely false,” Paul Grewal, Vice President and Deputy General Counsel at Facebook said on Saturday. On the same day, the Guardian reported that in one of the tech giant’s biggest ever data breaches, the data analytics firm that worked with Donald Trump’s election team harvested millions of Facebook profiles of US voters and used them to build a powerful software programme to predict and influence choices at the ballot box. Owned by the hedge fund billionaire Robert Mercer, Cambridge Analytica was headed at the time by Trump’s key adviser Steve Bannon.