Cambridge Analytica Isn’t Facebook’s Fault

Posted on March 23, 2018 by Mehedi Hassan in Social with 109 Comments

This week, we learned that Cambridge Analytica, a data mining firm, stole personal data of 50 million Facebook users. The story hit Facebook hard, and it has raised new privacy concerns about the social network. And it was widely reported that a former Cambridge Analytica employee claimed that the data “stolen” from Facebook users was used to manipulate users through micro-targeting for the U.S. presidential election. Cambridge Analytica was also allegedly involved in manipulating the public during the Brexit referendum in the United Kingdom, as well as during multiple different political events in Kenya, Brazil, Mexico, and other countries around the world.

Cambridge Analytica reportedly used data collected by a personality quiz app on Facebook developed by a Cambridge University researcher. The data was used to predict voter behavior and then manipulate voters with propaganda. The data was also used by the firm to help political parties design their campaigns, help their leaders design speeches to talk about what people want to hear, and help political leaders take pride in what they do best: making false promises.

All of this is obviously wrong in many different ways. But contrary to what you may have read elsewhere, none of this is Facebook’s fault.

Facebook’s apps platform is built to let third-party apps gain access to your personal data on the social network. But the social network has implemented multiple measures over the years to make sure that nefarious companies like Cambridge Analytica don’t misuse its users’ data. When a user gives a third-party app access to their personal data, Facebook specifically informs users of the exact type of data they are sharing The company even lets users limit the access of the third-party apps to their personal data with the single click of a button.

The process is incredibly straight-forward. But many Facebook users never bother to read the simple notice when they give a random third-party app access to their personal data. That’s become a major problem for the company, and its founder Mark Zuckerberg confirmed earlier that the firm is taking steps to limit third-party apps’ access to its users’ personal data. It will also provide users with new tools that make it easy for users to revoke access to their personal data for certain apps. And apps that they don’t use for 3 months will automatically have their access revoked in wake of the recent revelations.

The press is blaming Facebook for all of this. But Facebook shouldn’t be held responsible for its user’s actions. You see, once a Facebook user gives a third-party app access to their personal data, the third-party can do anything they want with the data. Improper use of the data is explicitly against Facebook’s terms of service — but for Facebook, it’s immensely difficult to constantly monitor all the millions of apps on its platform and how they are actually using its users’ data. Ultimately, it is up to you—not Facebook—-to determine whether to trust third parties with your data.

Yes, there are some things Facebook could have done to help prevent this type of event. The company found out about Cambridge Analytica’s wrongdoings in 2015, and it ordered the data mining firm to destroy the data because it was violating the Facebook terms of service. But instead of doing a complete audit to confirm Cambridge Analytica has destroyed all of the data, Facebook company was satisfied by a legal certification.

Problem is, Cambridge Analytica is full of vile culprits, ones that use sex workers to orchestrate outrageous strategies for its customers—mostly political parties—-to take down their client’s competitors. And The New York Times, the UK’s Channel 4 and The Guardian—some of the world’s most prestigious publications—all claim that Cambridge Analytica never did delete the Facebook user data they had gathered.

Facebook, the world’s largest and most profitable social network, should also have been more cognizant of the privacy implications of sharing its users data with third-parties. And that’s true even if the firm is technically not responsible for what their users decide to share. The company could have enabled different mechanisms to automatically limit third-party apps’ access to user data after a period of inactivity or suspicious activities, for example. Even better, it could have made it completely impossible for third-parties to access unnecessary information, such as a user’s friends lists or posts unless the app developer goes through some sort of verification process.

Facebook has a lot of work to do to rebuild trust with its users. In the interim, its executives will be busy meeting with government regulators while its engineers and security researchers work to protect its platform from other the Cambridge Analyticas out there.

The takeaway from this entire scandal for us—the billion-plus regular users who make up Facebook’s customer base—should be to increase our personal awareness about who we share our personal data with, which companies we trust, and the companies that deserve to use our personal data. Data mining is a dirty but hugely-profitable business, and we should be more protective of our own privacy instead of relying on companies like Facebook to do the right thing.

Tagged with , ,

Join the discussion!

BECOME A THURROTT MEMBER:

Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Register
Comments (111)

111 responses to “Cambridge Analytica Isn’t Facebook’s Fault”

  1. maethorechannen

    All of this is obviously wrong in many different ways.


    Is it really? How different is it from asking people in the UK what newspaper they read in a survey that has nothing to do with politics? Maybe combined with some poling data to see how good/bad a policy will be recieved.


    Cambridge Analytica's real crime was working for the wrong team.

    • derylmccarty

      In reply to maethorechannen:


      Concur, EXCEPT, it's only the "wrong" team to some (mostly the media and Paul, Brad and Mehedi). Perhaps, the Thurrott team ought to stick to commenting on what you know extremely well - the state of Microsoft, Apple, Google et al, and their product offerings, current and projected - not comment on political subjects about which you know no more than the next guy or gal.


      In fact, maybe less - since few if any commented negatively in 2012 for FB data use in electing President Obama. Quite the opposite, it was brilliant, they said. The future of politics and the net, they said.


      Once more we are in the "whose ox is gored" realm and forgetting that politico's have three laws they NEVER break: the law of gravity, the law of averages, and the law of unintended consequences - about which Paul should be writing profusely.

  2. Nic

    Headline states why it's not Facebook's fault, and then lists multiple reasons why it's Facebook's fault.

  3. pderosa

    This article is disgusting. People are angry so they obviously did not think they consented to this. Users think that when they mark something as private that it is actually private. When it is not we are basically mocking them for trusting us and our industry. If I interact with any other industry they do not expect me to understand their intricacies. In the information technology world even the professionals struggle some days or with unfamiliar tools. Why then do we not see more empathy for people who do NOT devote their lives to understanding technological garbage?


    I would be really surprised if Paul and Brad agree with your stance. This type of thinking is completely out of line with moving towards a world in which WIndows 10S makes sense. Do we want to protect customers or do we expect eternal and perfect vigilance from them?


    It was really disappointing to read this here. Normally I read this site at the end of the day while I relax and today it just made me really angry. This article is corporate apologist garbage and it is really out of place on this site because Paul offers the most evenhanded coverage of a technology giant that I can find.

  4. fuzzsdad

    Get rid of Facebook. I watch as my family fights on Facebook over silly politics. Friends become enemies. Young people are ostracized by their peers. No one talks anymore. Fake news, fake facts and all the other nonsense. People spend the bulk of their day on it. Data? They know EVERYTHING about you. I just don't.

    • edlin

      In reply to fuzzsdad:

      I feel the solid resolve you present in your words mean little to nothing to your audience. I agree with you, but I think they don't believe you. Laziness dwarfs logic and concern about personal privacy. So we have to watch these vacuous souls learn the writing that is already on the walls. It is they who will not believe anything they read. As a culture, we can only move as fast as the slowest hiker.

  5. pfrandsen

    What a bunch of ...

    Users have no idea of what facebook collects about them; have no idea what it means that data is shared with an app; have no idea that it can affect their friends and family; etc. etc. Its facebook that knows and they need to live up to their responsibility. I am REALLY glad that EU is pushing for data privacy and much stricter consent - in a very short time facebook WILL be responsible for what companies they share data with do with that data. This monster need to be tamed.

  6. robsanders247

    I have to disagree. When a third party is able to gather the information of 50M users of Facebook when 270k users take part in some kind of quiz or game, then that’s a big problem of the underlying platform. It’s like a colleague handing out your personal phone number and home address to a stranger, because that colleague thinks that stranger can be trusted.


    It has been mentioned many times, but companies like Cambridge Analytica are the real customers of Facebook. And Facebook will go to great lengths to protect that, as showcased by not disclosing this infraction for over two years, as this disrupts the ability for Facebook to make money. It’s also why none of Facebook’s executives have offered an apology and have been generally giving the impression this is all a big inconvenience for them. They should feel very lucky this is coming out before the GDPR comes into effect, I’m sure the EU will have a field day collecting the fines for not properly handling the private data of EU citizens and residents.


    It’s kind of ironic how we in the Netherlands voted against a law giving the Dutch Intelligence Services more permissions (and rightfully so), but continue to hand over our data to Facebook and others.

  7. red.radar

    This article ignores the history of Facebook abusing their customer data and doing this exact thing.


    A paper was published in 2014 thorugh the National Academy of Sciences discussing Experimental Evidence of Massive-Scale Emotional contagion through Social Networks. The goal of the experiment was to see if people’s emotional state would sync up or match the nature of their news feed in Facebook. In other words, if the news feed was filled with primarily positive content would the user of Facebook post equally positive content, or if the news feed was filled with negative content would the user primarily post negative content. More importantly does the semantics of the content show a correlation and show a connection that can be transferred from the social network to the user.   The study initiated by Facebook; subjected 700,000 users to intentionally manipulated content to see if the emotions of people could be controlled.  They fed one group of user’s negative messages to see if they could stimulate negative responses, and they fed neutral and positive messages to test if they could equally stimulate those responses. The study found that emotional contagion with content existed in the Facebook News Feed. Additionally, the study found that removing emotional content caused people to withdraw from the network.


    The study created a controversy because they violated the "common rule" which is a policy that is encoded by the US Department of Health and Human Services for the Protection of Human Research Subjects.  As such, people who were subjected to negative posts were intentionally being manipulated to negative emotional states against their knowledge and will.  


    While the Naitonal Acdemy of Science retracted their legal objections. The whole thing was viewed as unethical.


    So...now we find out that a 3rd party was doing the same thing. There is a systematic culture of abuse of user data at facebook and it has been in place a long time.


    Its time to #deletefacebook



  8. evox81

    Every single comment below disagreeing with the article are avoiding the one key piece of this article: the users clicked a button agreeing to allow the app to have their data.


    I literally watch people do this every day to find out what they would look like as the opposite gender, or what they'll look like when they're older, or what their name means in an ancient language. People on Facebook don't care about their data and they will click to give that data away without a second thought. That someone gave their data to CA is not the fault of Facebook.


    However... The ability of an app to get the contact information for an individual's friends, even with disclosure, should never be/have been allowed.

    • wright_is

      In reply to evox81:

      No, in this case, it was a friend of the user who used the app. Only 270,000 people used the app, but due to Facebook giving access to all the information of the friends of the user of the app, CA managed to get data on around 50,000,000.

      That means that around 49,730,000 of those people DID NOT give their permission for their data to be shared with CA.

  9. Chris_Kez

    Just to clarify for some folks, there are important differences between what Cambridge Analytica did and what the Obama campaign did. The Obama team made a Facebook app for supporters to donate, learn about voting, and find places to canvass. Supporters were asked to scan their photos, friend lists and news feeds-- and most of them did. Users were knowingly participating in a political campaign. The Obama team then leveraged this data to have users spread the Obama message. They were able to identify good advertising targets and actually asked users to reach out to specific friends. Again, users were explicitly aware of what they were doing-- which was to be an active part of the Obama campaign.

    Cambridge Analytica sourced their data from an app that users were told was a personality quiz for use by Cambridge University. They had no idea their data would be used for political purposes. A researcher at Cambridge sold that data (against the Facebook terms of service) to Cambridge Analytica. When Facebook found out what happened, they asked both the university and the consulting group to delete the data; clearly that didn't happen. CA combined the survey results with Facebook data to create psychographic profiles, then sold that information to political campaigns who were able to target the app users and their friends. No one was a willing participant, and users were no longer mediating the relationship between their friends and the campaigns.

    So did both Obama and CA use a broad range of Facebook data to target potential voters? Yes, but they gathered and deployed that knowledge in very different ways. One was above-board and one was creepy AF.


    • Markld

      In reply to Chris_Kez:
      Good points.
      If I went to work at CA, I would want to come home and take a bath everyday.
      I never liked Obama, never voted for him, never will, but it is the truth that he ran a cleaner political campaign... Cleaner than most from Chicago. He was not the dirty politicians from Chicago. But, you might want to do some research on the history of Chicago politics. Which he was part of. Oh darn, I got to end it there.
      Still your points well taken.
  10. Stooks

    How does Facebook, a Free product, pay for its 25,000 employees (wiki), data centers around the world full of servers using lost of power, and all the bandwidth it must purchase to support its Billion plus users?


    Your information monetized.


    Seriously do I have to say more? They knew and DID NOT CARE because the money is rolling in. If you are Facebook user in 2018 you are either stupid (don't know they are selling your info) or weak.


    SSDD for Twitter, SnapChat, Instagram (owned by Facebook), Google Search, Gmail, Youtube and all other Free services that sell no real tangible products otherwise. YOU ARE THE PRODUCT.


    Are we clear?

    • aparlette

      In reply to Stooks:
      YOU ARE THE PRODUCT.

      Bingo. It all makes more sense when you realize that is the relationship. It even applies to traditional sources like TV news. Someone else is the buyer, usually advertisers, and the ones with the power.

  11. prichindel

    Sorry Mehedi, but you couldn't be more wrong.

    That's like saying that it's not a bank's fault or responsibility if it loses your money. They can do whatever they like with it because you've agreed that they can keep it. That's just not right.

    Handlers of user information should be held responsible, not praised, especially when they make a profit from you.

  12. bassoprofundo

    While this is admittedly an oversimplification, at it's heart, this is the age-old issue of "How far do we go to protect people from themselves?"


    On one end (and to use tired tech metaphors), you have the Apple-esque "We know what you need better than you do" approach where one's options are intentionally limited to a subset of the potential possibilities with the assumption that the average person is never going to fully understand and shouldn't need to do so.


    On the other end, you have the Android/Windows-esque approach of "Here are the keys to the castle. Figure out how to defend it." where you get the full capabilities of a powerful platform just thrown out to users with an understanding that its up to the individual to figure out how best to use it & to understand the implications if one does not.


    There are parallels to this on the political spectrum that I won't make here, but the answer as always is somewhere in the middle. An overall shift to an "opt in" approach on all privacy fronts would fix this from a user perspective in that it would truly give them the ability to claim that they give users the choice while not sharing the data by default. However, that's (obviously) bad for business. We have to reach a point where enough businesses default to a "safe enough" approach by default and continue to encourage tech literacy.

  13. Patrick3D

    Shocking, liberal news rags claim a conservative company didn't do something, no bias there. A company doing research to figure out how best to target advertising? We all know that every vote is determined by the ads you read, right? Certainly no one bothers to have discussions with their neighbors regarding anything political, I mean, you might just get attacked in your own yard if you do that.

  14. mmcpher

    Wow, why didn't you just post "Leave Facebook a--------l---------o----------n---------e---------"? FB exists to manipulate and monetize its user's private information. Best case, they got sloppy and allowed a third party to do what they themselves usually do. Facebook has earned less-than-zero credibility by the way it dismissed and ridiculed the reports that it was part of the problem, then by the ways it begrudgingly and incrementally "came clean" about how it had been "used" and how it had profited. Obviously Z has lost control of not only the narrative but the downstream uses of the things he and Facebook have appropriated. And I'm supposed to feel all busted up inside for the guy and this godawful company?

  15. bftcpa

    Balderdash. Facebook is absolutely at fault here. They took the information, they didn't protect it properly, people used it in violation of their EULA, and they're responsible. They shared data inappropriately with advertisers and others to get market share in mobile ads - our privacy was pimped out to give them more market share. It was successful - and now they're pleading "mistakes were made" with giant Oliver North tears (if you're under 40, google it). The only problem that Facebook and the press has with Cambridge Analytica is that their tools/methods were used more effectively by someone who didn't support Hillary. If Hillary had won, nobody would have cared about her dirty tricks people like Sidney Blumenthal et al - and Susan Rice's unmasking scandal, the Clinton Foundation, and many other items are still as of yet not under investigation.


    As to the public outrage, let's remember what a "genius" Barack Obama was in 2008 and 2012 when he used micro-targeting, and how he and his campaign staff were praised at the time for their adept use of social media. Fast forward to 2016, and there's a Hillary/Fusion GPS style "dirty tricks" outfit funded by a right wing billionaire in one of the most divisive campaigns in history, and now, it's an outrage which must be stopped.


    The real issue with Facebook here is that it brews discontent, drama, and outrage on a massive scale at the same time it filters and prioritizes content based on what will keep the person on Facebook for the longest time. This constant reinforcement of whatever the user thinks creates an echo chamber where people don't hear any dissent from their personal orthodoxy. Since there's no personal experience with anything outside their opinions, people start to think that there's some conspiracy going on, and if there's not, someone makes something up and it is accepted as truth. Companies like Facebook, Google, Twitter, and others have more influence in our lives than the New York Times and CBS/ABC/NBC could ever have dreamed of having thirty years ago. Facebook is a bad habit that has gotten out of control and needs to be pared back.

    • jimchamplin

      In reply to bftcpa:

      I was with you right up to where you said Facebook needs to be pared back.


      It needs to be sawed off at the roots and eliminated. Use Zuck’s last paycheck to find new jobs for everyone. He can live without three new yachts this year.

    • Bluesman57

      In reply to bftcpa: Hear, hear bftcpa! Exactly right. The only reason this is an issue is that the wrong person got elected, and the people angry about it are going to hound anyone and anything they think is responsible to death.
      I agree that organizations like Cambridge Analytica are vile, but most people just don't understand what they open themselves up to by using Facebook.


      • wright_is

        In reply to Bluesman57:

        It has nothing to do with elections, it is abuse of trust and misuse of data. It is irrelevant who used the data and for what ends, they shouldn't have had access to the data in the first place - especially as 95% of the data was given to the app creator without the permission of those affected (the friends of the people who took the quiz).

        That is absolutely Facebook's fault. They should never have allowed apps access to data about people who never consented to give information to the app maker! They have since closed this loophole, but that was a grave mistake by Facebook, whether an implementation error or an error of judgement.

    • lvthunder

      In reply to bftcpa:

      Facebook can't control what a 3rd party does with data they have obtained. It's the users that gave their data away when they took the stupid quiz.

      • wright_is

        In reply to lvthunder:

        No, the problem is, only 270,000 people took the quiz and Facebook gave the app creator the information for 50,000,000 (the data for the 270,000 plus the data for a further 49,230,000 friends of those that took the quiz). Those 49,230,000 people did not take the quiz and did not chose to have their data shared with the app creator, who then sold it to CA.

      • bftcpa

        In reply to lvthunder:

        If Cambridge Analytica shouldn't have had download access, then Facebook should have made sure that happened. The issue with the downloads isn't the data from the people who took the quizzes - they're lemmings. The issue for Facebook is that they let the quiz makers get access to the data for the friends of the quiz-takers. Facebook has the data, they're at fault, it got out, and was used in contravention of the FB EULA. They are responsible, and it's their problem.

  16. mburgun

    I'm sorry, but this post is premised on a total misunderstanding of governance in the modern corporate world. Ignorance of the idea that how a company operates as long as it makes a profit has resulted in some of the worst collapses and failures in the finance industry as well as the collapse of public/private infrastructure developments and events like the Grenville tower fire in the UK. The fact that people choose to be ripped off with loans or choose to live in a fire hazard does not mean that they should not be protected from cowboys interested only in self-enrichment. The same goes when we click on the accept box in Facebook. We rightly have cracked down on financial organisations and builders to protect the public interest (though it is questionable whether we have gone far enough) and should examine a framework for governance of social networks. It won't be easy, but all organisations operate with a social framework that needs to balance private gain with public good. The fact that private gain is predicated upon the predictability and stability of the rule of law, and institutions such as government and education ensures their profits and leads directly to them needing to adjust their behaviour. And don't get me started on their attitude to taxes ...

  17. wright_is

    The other point is, they didn't steal the data sets, the professor legally downloaded them and then sold them to CA (which he shouldn't have done).

    They did receive a request from Facebook to delete the data, which they said they had done, but Facebook never checked to make sure.

  18. neteru1920

    Blame falls on FB as well, only 275k gave permission to use their data through Cambridge’s app, 50 million users had their data exposed and exploited. This is a platform issue, let’s keep the blame where it belongs

  19. Markld

    Started reading the article and I agree with others, that using the word stolen to describe how the data was procured, is misleading... Really, stolen?

    Facebook is an Orwellean nightmare! It's doesn't have my best interest at heart. Neither does Cambridge Analytica. They are sleazy people.

    I did spend 1 minute signing up for Facebook in 2009. I opened up Facebook a day later, I browsed for a minute, I read the privacy and user policy agreements. Wow did not anyone notice you could drive a semi truck through the holes in Facebook's privacy policy?

    I also got a chuckle when I read that God forbid people were manipulated. Happens all the time. What do you think data miner receivers, advertisers, political hacks, professors or lecturers at many universities, and spokes(public relations) holes, do everyday?

    I wanted to say something about how this article had a political bent to it, but I am leaving that alone.

    Thurrott.com needs to stay out of politics, don't mind discussions about net neutrality, or on the pros and cons regarding Smartphones, or how Social Media is stupid or not, or similar.

  20. Waethorn

    Everybody is to blame. In 2013, Zuckerberg made a statement that said "we don't share data with third-party companies....except for those that users gave us permission to". What they don't do is tell users exactly WHY they provide or otherwise sell the data, and how much a user's privacy is worth to them. Cambridge Analytica has connections to British intelligence agencies, and has provided data to not only Trump, but also Obama during his election campaigns. They have data, and political parties will buy it from them. It's a prime example of "Big Data". Users are to blame for not reading Facebook's terms of use and privacy policies. Is Facebook transparent?? Hell, no! And users shouldn't be so naive about feeding the machine with their demographics info either.


    This is why I never signed up for Facebook.

  21. nbplopes

    I think naivety on top of profit its a difficult point to be made.


    The fact is the Facebook is setup for users to share their personal information and to maximize this for Facebook profit. Not to protect user data. In fact, data protection is mostly a nuisance for them, there is nothing to profit from that in their business model. Nothing!


    We need to consider that where Facebook is, is unexplored territory. No companies ever been there. No users have been there. For sure mistakes will be made. People are sharing their data with no idea how and for what it will be used! People are given explanations about it for emotional purposes only, nothing else. For instance, if Facebook says that user data will be used to improve the service offering greater value, for sure does not include being used by a third party for a different objective altogether. But that is where the core value of the business is, particularly at a MASSIVE SCALE, and that is precisely what is happening. The entire Facebook business model is built on that promise. That is why their shares are down!


    The same thing for Google by the way. The user agreement for free Google Services its not much different.


    The idea that the provider has no fault because in the end of the day the consumer can always decide otherwise its not true (freedom). If that is true, why drug dealers and producers are to blame for users addiction? Why smuggling guns illegal? You see, that is not the basis of Freedom or Democracy, its only part of it.


    Don't be naive Paul. Mark Zuckerberg himself, covers is webcam while working ;)


    I'm not saying that Facebook is evil or anything. I'm just pointing out that a clear cut POV in this situation its nothing but naive.

  22. ozaz

    Facebook were in charge of what app developers could and could not do. They should have never allowed apps to gain access to data about the friends of users who choose to use that app. This was a massive violation of user trust that Facebook was ultimately responsible for.


  23. Matt Lohr

    Thurrott.com swerving out of its lane again. I do not subscribe to subsidize your political commentary.

  24. wright_is

    What you don't mention, Mehedi, is that the app was installed by 270,000 people and through that, the company, or rather the professor running the app, managed to syphon off the data for around 50 million users!

    That part of the equation is totally Facebook's fault (and they did tighten that up after they found out it was being abused). The App could not only get the information about the person who had agreed, but it could also syphon off all the information about the app user's friends! Without gaining permission from those friends first. That is the abhorrent part.

    I am not stupid enough to use one of those apps, heck, I don't even use Facebook, but if one of my friends was stupid enough to use one of these apps, the app owner would still have received my information.

    As I said above, this loophole has since been closed by Facebook (and in time for GDPR, where it would have cost them a couple of billion dollars in fines), but this is something that should never have been allowed in the first place. This was a fundamental design error, whether an implementation error or an error in judgement by Facebook, it is still Facebook's error and their sole responsibility.

  25. rameshthanikodi

    but the app which users gave consent to showed no indication that their info would be used for political purposes...

  26. peterh_oz

    When you give your data to Facebook, they own the data. That is what you, the user, allow. Facebook determines what the T&Cs are, Facebook profits from the sale of that data, and Facebook is responsible for policing its T&Cs. Yes the user is responsible for allowing such access in the way you have mentioned, but Facebook, and Facebook alone, is responsible for ensuring that such data is used in the ways permitted. If the data was used in other ways, and especially if Facebook knew this in 2015, then Facebook is responsible for fixing the problem. Is it my fault, or the bank's, for my money which is deposited with that bank being used for nefarious activities?

  27. Pargon

    So saying that Paul, who runs this website is a huge lib and I was waiting for an article exonerating Facebook is worth deleting my comment? And yet we should be afraid of trump....instead of the thought police of liberal tech bloggers?

    • skane2600

      In reply to Pargon:

      I don't recall Paul declaring himself a liberal on this site (I assume that's what you meant by "lib"). I have to laugh when people assume that tech companies are bastions of liberal thought. For the most part they aren't left-leaning or right-leaning, they're profit-leaning. However since many conservatives tend to believe in "anything goes" in business, profit-leaning often is in alignment with right-leaning. In any case, Paul isn't the author of the article and I doubt he stands over his co-contributors dictating what they can write.

      • Pargon

        In reply to skane2600:

        For months after and running up to the election he took a shot at the president in almost every article he wrote or just cried about it. The tech companies are bastions of liberal thought, why else would they pay massive amounts to try to keep the borders open or champion gun control. They all do it, but go ahead and pretend otherwise. I know Paul is liberal, I still like his site for the news.


        What I find ridiculous is my simple comment got deleted. Someone said that the real crime cambridge committed was being on the wrong team and I said "I was waiting for the exoneration of facebook from this site".


        That's heresy to have a different opinion apparently and it must be purged from tech blog comments lol. The original comment I replied to was deleted as well. We welcome our technological overlords!

        • skane2600

          In reply to Pargon:

          A lot of people, even some conservatives weren't happy about Trump. I don't think Trump truly embodies the conservative POV but I'll let that judgement lie with them.


          "open borders" is just a talking point. Name one tech executive who has called for open borders. A lot of tech companies do like H-1B visas, not because they're liberal, but because it helps hold down labor costs. Of course Trump had no problem with his wife getting an EB-1 "genius" Visa yet I don't think he's for open borders either.


          Given the wide popularity among the US population for some limits on rapid-fire weapons, it's not credible that favoring gun control is strictly a liberal idea.


          Finally, it's worth remembering that the tech world consists of a lot more than the big names everybody knows and Silicon Valley isn't the only place where the tech business resides. I started as a developer in 1981 and I've never worked there.


  28. aelaan

    If you drive on a highway stating the speedlimit and you go over by 30 kilometers or miles knowingly doing so, it this your problem, or are you going to blame the car manufacturer or maybe the people that build such a fantastic highway?

    If you sign up for Yahoo mail and your mail identity gets stolen, are you blaming your ISP, or the inventor of the internet?

    The application was in compliance with Facebook rulings at the time, it did more data mining but is it any different than scraping in Twitter? The data analytics was used brilliantly, the users that accepted the EULA of Facebook are to blame. Don't hide behind the builders of the highway, there are enough barriers around it and be fair, who ever reads these annoying warning pop-ups if the pop up even shows up through an ad blocker.


    I too have only a very small footprint on Facebook, only for my family. I have friends plenty, real ones that I go drink a pint with, of and I am a conservative through and through, in case you also think I am liberal... lol Real journo's don't care about politics, they care about reporting the truth, stop hiding behind the walls of Facebook and take ownership of your online identity!

  29. Jim Clarke

    The thing is that the Guardian report that all information about all of the friends of people who used the app was shared. They gave no explicit permission.

  30. hrlngrv

    the billion-plus regular users who make up Facebook’s customer base

    Classic mistake.

    Facebook users are the product. Advertisers, the entities which actually pay Facebook, are Facebook's customers.

    • skane2600

      In reply to hrlngrv:

      You're right, of course, but there's a bit more to the story. Just as a TV network can collapse if not enough people ("products") are watching to justify advertisement revenue, the same holds true for social networks. So a social network has to consider the users, not just the advertisers to stay viable.

  31. Daekar

    I respectfully disagree. The default Facebook privacy settings are appalling, and that IS their fault, just like it's their fault that they don't have dialogues informing users about the implicates of what they're agreeing to. Cambridge Analytica using the data that their users consented to give them isn't theft. People might not LIKE when their data is used, but if they consented to it then it's not illegal.


    You've got to love how the Obama campaign's use of social media data was praised, and when it's used against the political/media establishment they add it to the list of nonsense they complain about.

  32. duncanator

    Sure, you agree to the terms and volunteer your information, but what could they really do? Who is swayed by an opinion by someone on Facebook? Does that actually work on anyone? I'm more worried by the Equifax data breach far more than some Facebook thing that has no real way of impacting my life.

  33. BMcDonald

    Not sure how you cannot blame Facebook - as they could care less about their users. Their prime directive has been and always will be to monetize your personal data to it's max.


    And anyone who is part of this facade (which is basically every FB user worldwide) should not be surprised when their data was harvested, sold and analyzed as planned.


    If FB actually kept private user data private (as in - never allowing anyone to use it) - they wouldn't be in this mess.



  34. markbyrn

    Best article I've seen on this political kerfuffle: "Funny, When Obama Harvested Facebook Data On Millions Of Users To Win In 2012, Everyone Cheered"

  35. skane2600

    The correct answer is "yes".

  36. Jules Wombat

    But then you cannot really accuse Cambridge Analytica of 'stealing' the data. Facebook made the data available just like it does to all their advertisers. So Facebook can be accused of being loose with allowing Apps to access its data. Your argument basically implies that it is Facebook Users who were too gullible in not reading all the fine print of any App that uses Facebook. Facebook are being two face on this, as all their profits rely upon targeted ads based upon the same type of user data they are accusing Cambridge Analytica of stealing.

    Blaming Facebook Users is NOT satisfactory answer, Facebook should have been a lot more responsible with protecting its users data, and this is their fault.

  37. werneral

    Strikes me as a tyranny of the default* issue. FB chose the easy way out until locking things down in 2015. If FB was on the right side of this I wonder why they stopped allowing access.


    * credit SGGRC

  38. JSkardzius

    Well written and I agree. Except, you are writing to an audience that is technically literate. They get it. Most of the population using Facebook would not use even the most rudimentary of tools. The safeguards must be implemented for the lowest common denominator. Its all on Facebook and others who use 3rd party applications. The whole business model must change.

  39. Yaggs

    I don't really get this whole story, and don't get me wrong... I haven't fully studied this, it sounds like this place was using data provided by the end user through Facebook or some kid of 3rd party thing using Facebook to send them targeted ads about political campaigns... or targeted stories, or whatever... but how is that any different than Google digging through you info and showing you ads about stuff you want to buy, or YouTube showing you recommended videos based on the data it has from your viewing history... watch a few political videos on YouTube your whole recommended section is just full of that kind of crap. How is this "influence" any different than a commercial on TV for a candidate or something like that? All ads are targeted somehow now. The Facebook/social network users are just lot easier to target since they are willing to tell the whole world everything about themselves.


    If users are willing to blindly accept these privacy and usage agreements and are willing to put every little thing about their life out on Facebook, Instagram, Google, etc then this is the kind of thing they are agreeing to.

  40. david.thunderbird

    So now you are an apologist for FB?

  41. Chris_Kez

    I'd like to see Facebook provide a paid option. Allow people to pay some small recurring charge, and all of their data is off-limits. I'd like to see this from Google as well.

  42. dallasnorth40

    This country began it's spiral into the toilet on November 8, 2016 with no relief in sight. Facebook is largely responsible for that debacle. They don't deserve a free pass.

  43. RobertJasiek

    "once a Facebook user gives a third-party app access to their personal data, the third-party can do anything they want with the data." is wrong. Facebook and third parties have to obey the laws. Currently, data mining companies THINK they might do anything they want with the data. However, they may not ignore the laws and assume the role of legislations.

    • pzeman3

      In reply to RobertJasiek:

      I'm sorry, I missed it...what law are you referring to?

      • RobertJasiek

        In reply to pzeman3:

        Each law in each country and federation of countries.

        E.g., in a few weeks the EU basic data protection law starts to apply and requires by default(!) minimally(!) necessary storage by companies of individuals' private data etc. E.g., German constitutional law provides the basic right to informational self-determination and the basic right to confidentiality and integrity of information-technical systems (such as computers). Etc.

      • pfrandsen

        In reply to pzeman3:
        I do not know about USA but many European countries have quite strict privacy laws - and in two short month Facebook will have to obey GDPR in EU.


        • Waethorn

          In reply to pfrandsen:

          How strict is it? EU mothership gets access to all citizens in member states?

          • RobertJasiek

            In reply to Waethorn:

            What the EU calls a regulation is in fact a law. EU law applies to, and overrides national law of, all EU member countries, with certain exceptions, such as right to legislation not granted by a member country to the EU (e.g., Germany has not granted to let the EU violate the core of the German constitutional law, such as human dignity and being a state under the rule of law; e.g., some countries may have a king / queen despite the basic right to equality of all human beings).

  44. Jeffery Commaroto

    This is a very premature response. We know what has been publicly said about the situation from different sources with varying reputation and many biases and interests. I don't know how many facts we have just yet.


    There are legal issues surrounding this and it could turn out Facebook is in fact "to blame" if it is found they violated their 2011 consent decree with the FTC. We don't know yet who knew what, when, how they dealt with it, etc. There are accusations, there are rebuttals, there isn't much else. Remember Facebook has a long history now of declaring something isn't an issue only to have information trickle out over weeks and months before they change their story.

  45. NateInSLC

    I respectfully disagree. Facebook's default settings leave everyone's user data hanging out in the breeze. Yes, we, as users, should review the settings to keep our data safe. But Facebook intentionally stacks the deck against it's users in order to maximize their ability to sell access those user profiles every chance they get. This issue is also on them for not building some privacy into the default settings, especially those involving third party apps.

  46. Jaxidian

    I have to disagree. I stopped using Facebook around 2011 for two reasons:

    1) It was toxic for relationships

    2) Their privacy practices were TERRIBLE!


    Simply add this to Zuck's own timeline and you absolutely cannot say this is not Facebook's fault! Sure, Cambridge Analytica was the malicious actor here and has more than their share of blame. However, Facebook created a system where one user installing an app gave that app personal data to EVERY. SINGLE. FRIEND. without those people explicitly granting that application access to their data! THAT is where Facebook's fault lies.


    Sure, this is not a data breach in that Facebook was hacked. Rather, Facebook intentionally leaked out data in a very irresponsible way (according to Zuck, they did this for at least a year!) and that is what set this entire conversation up! Your article seems to focus on the assumption that "I gave my data away willingly to Cambridge Analytica because I installed their survey app" but this isn't true! The claim that you have to make is that "I gave my data away willingly to Cambridge Analytica because some guy I went to high school with 20 years ago installed their survey app". The fact that this was possible absolutely is Facebook's fault and you cannot hold them blameless for such an irresponsible decision!

  47. aparlette

    I can't help but to see this as the new normal. Am I concerned? Sure, everyone should be concerned about privacy. But am I surprised or outraged that this happens? No. Sales & Marketing have been using psychographics for a long time. Before it might have been what magazine subscriptions I had. Now I'm profiled based on what I post or browse online. It's obvious that I'm "sold" things this way all the time, why would I think politics are any different? When Obama collected a huge database on everyone during his elections, was I to think that the information wasn't used for strategic purposes? Part of the strategy is the messaging.


    I do think that this is a serious topic and needs to be understood and thought about. Like you I don't "blame" Facebook. But, nor do I blame Cambridge Analytica or think that they aren't doing with other companies (and candidates) are trying to do with data that is out there. Maybe they're just doing it better, or maybe we're just mad because it was Trump.

  48. hgndtn

    Wow what a terrible article. No one should be apologizing for Facebook. they continue to do the wrong thing over and over again and when they are caught, its one more "we're sorry".

  49. johncon50

    I'm sorry... what?!

    It's Facebook's bed. Why are they lying about instead of laying in it?

    Facebook, true, is giving users more power over their content and privacy, however, it is not the default. It is not how it was built and it's not how Facebook makes money. Facebook makes it's money on all the games and apps that are played in exchange for .... your data and all those lovely targeteds ads, built from your preferences and likes.


    I've lost track of the number of games/apps/questionnaires that state out right, by clicking here you give us authority to access your data and the data of ALL your friends. This is the built in default acceptance!! How in earth can you trust a company that's first level of access is setting it up so you (the user) are responsible for the information of everyone you know? Shouldn't your friends have their individual right to say no thank?


    Facebook's initial privacy settings for all the 3rd party companies is your data and all your friends. Cambridge was just caught being highly successful. So the next time you play Candy Crush, just remember that time you said 'yes'. You said 'yes' to you and all your friends. Thanks Facebook.

  50. lordbaal1

    No one stole anyones data. They used it the same way Obama used it back in the 2012 election.

    The only thing they may have done wrong, is to buy the data. But it was not stolen.

    Facebook knew Obama people used it. But did not say anything.

    I'll bet if democrats used it, no one would say anything. Only that Trump hired the company is why people are complaining.

  51. Greg Green

    A little late but SFGate has an interesting story: Facebook could face record fines, say former FTC officials


    The three former officials, all of whom were at the Federal Trade Commission during the privacy investigation that led to a 2011 consent decree with Facebook, said the company's latest mishap may violate the decree's provisions requiring the implementation of a privacy program.


    “"Is it possible that this episode is also a violation of the consent decree? I would say yes," said Vladeck, now a Georgetown University law professor.


    “He predicted that Facebook may face fines of $1 billion or more for this and a previously reported mishap in which a political consultancy, Cambridge Analytica, improperly gained access to information on up to 87 million Facebook users...”


    The story didn’t even mention the 2012 Obama campaign authorized (by Facebook) heist of even more user data.


Leave a Reply