The Facebook/Cambridge Analytica debacle explained simply

The Cambridge Analytica debacle is the perfect example that demonstrates why you really need to stop installing Facebook apps you don’t trust.

In 2013, a Russian-American academic named Aleksandr Kogan wrote a Facebook app, a personality test named “thisisyourdigitallife”, and popped it onto the Facebook app platform. Like all Facebook apps, “thisisyourdigitallife” wanted access to certain information about a user when it was installed. In total, 270,000 Facebook users willingly installed the Facebook app and took the test.

Back then, such apps could also scrape information from the friends of those who installed the app. Kogan’s app did exactly that, and by the time it was done, his app had scraped information on approximately 50 million Facebook users. (Facebook has since limited the information apps can glean from the accounts of friends of those who install them. More on that later.)

So far, none of this is particularly unusual. Facebook users – in their millions – routinely install Facebook apps from developers they don’t know, despite our continual warnings not to, from “what type of kitchen utensil is your soul mate” to “what Pokémon character are you?”. Such apps regularly request access to information on a Facebook account before they will install, and the user (presumably curious to see if they’re cosmically aligned with a toaster, or something) duly agrees and accepts, and boom, the Facebook app – and its developer – has access to information associated with that account.


What makes this case different (or perhaps not that different if other revelations come to light) is what happened to the data Kogan’s app scraped from those 50 million Facebook users. Facebook has restrictions on what can or cannot be done with information that apps scrape from Facebook users. And handing over that information to a political consulting firm (enter Cambridge Analytica) is a big no-no.

But now, of course, we know that is exactly what Aleksandr Kogan did. And now Cambridge Analytica have been accused of using that large trove of information to target US voters with tailored political adverts in a bid to help influence the 2016 presidential campaign.

Was this a data breach? In the traditional sense of the term, no. Facebook users willingly consented to having their information scraped by Kogan’s app, and Facebook (back then) explicitly allowed such apps to scrape the accounts of their friends, too. No “hacking”. No social engineering-induced leaks. It all worked like it was supposed to. Facebook claiming the data shouldn’t have been given to a political consulting firm sounds more like a data misappropriation, as opposed to a breach.

So on one side of the fence, Facebook assert the information was mishandled by Kogan, who shouldn’t have given that information to a political firm in the first place. On the other side, industry insiders claim Facebook’s knowledge of or interest in what happens to users’ information once in the hands of developers is severely lacking, and this type of misappropriation is inevitable.


And we also have ex-employees of Cambridge Analytica who assert Facebook knew about this years ago and did little, merely requesting the information be deleted, which it may or may not have been.

Naturally, everyone blames everyone else. Which is why Facebook users need to ensure that their settings (and approach to online privacy) don’t put them at risk from these types of incidents.

Stop installing Facebook apps you don’t trust

We wouldn’t keep saying it if it wasn’t important. The reality is that you don’t know or trust many developers of apps on Facebook, so how do you know they will treat your information responsibly?

Look at the permissions of apps you install

Facebook apps you do install will lay out what permissions and information they want. Look at them before you agree to install them. Are they asking for more information than they need? Then deny them permission.

Look at apps you’ve already installed

If you haven’t done it already, it’s now time to look at those apps you’ve already installed, and remove any you don’t need or trust. Go to your main settings and click Apps. You can see a full list of apps there.

Limit the information friends’ apps can scrape

Facebook has limited the information that apps your friends use can obtain about you since this Cambridge Analytica debacle kicked off, but there is still an option that stops those apps from getting your information. Open Facebook on a desktop browser, head to Settings, Apps and click the option Apps Others Use and ensure all the checkboxes are unchecked.

Limit public information

Privacy 101 – limit the information about you that is public. All your posts, photos etc. should be friends only. The same applies to any About Me information. Go to your profile and select the option to view it as a stranger (the public) to see if any information about you is still visible. More information on locking down your account here.

Consider turning off the Facebook app platform

If you don’t use Facebook apps, consider turning off the platform altogether. In Settings, Apps, select the Apps, Websites and Plugins option and click Disable Platform.

Sadly, it’s up to Facebook users to ensure their data is as hard to reach as possible. Big business has proved time and time again that they’re simply not up to the task. As news of the extent of this incident continues to take up much of the news cycle, is it time to consider your future relationship with companies like Facebook? Let us know your thoughts.