The world’s greatest social media network! The greatest collector of personal information in history of mankind! The greatest surveillance machine ever created! All this can be said of Facebook. But when you screw up it quickly becomes equally great.
Facebook knew its security was weak.
Facebook’s Chief Information Security Officer, Alex Stamos argued that the amount of data Facebook was collecting made it a target for hackers, spies and hostile state actors.
In an audio recording leaked to ZDNet, Stamos was heard telling his security team that he had warned management “that we have the threat profile of a Northrop Grumman or a Raytheon or another defense contractor, but we run our corporate network, for example, like a college campus, almost.” Executives inside Facebook were not happy.
Stamos argued for more openness about how Russian agents used Facebook to influence the 2016 presidential election and beyond. From the inside Stamos fought for organizational changes that would at least minimize the use of misinformation. Again, Facebook executives resisted his efforts. As a result Stamos is planning to depart Facebook by August.
Between 2011 and 2012 former Facebook platform operations manager, Sandy Parakilas, was responsible for policing data breaches by third-party software developers. According to the Guardian he warned senior executives at the company that poor data security measures were a major vulnerability.
“My concerns were that all of the data that left Facebook servers to developers could not be monitored by Facebook,” said Parakilas, “so we had no idea what developers were doing with the data.”
Parakilas went on to say that Facebook had terms of service and settings that “people didn’t read or understand.” Parakilas went on to accuse Facebook of failing to use any enforcement mechanisms at its disposal, including audits of external developers, to ensure data was not being misused. Basically Facebook was warned by its own employees of the coming danger.
Facebook basically lost control of the personal data of over 50 million users. The data was then used to target American voters with misinformation, fake news and other highly manipulated information by Cambridge Analytica.
Professor Aleksandr Kogan a psychology professor at the University of Cambridge, requested user data from Facebook. Kogan created a research app to be used by psychologist entitled “thisisyourdigitallife.”
Some 270,000 Facebook users downloaded the app. Each user consented to allow Kogan’s app access to their personal information provided by Facebook. The data included their “Likes,” the city they live in, etc. But what users were not consenting to was giving up the same information on their friends.
According to Facebook Kogan assured the company that the data would be cleansed of identifying information and only used for research purposes. This turned out not to be the case. Kogan shared the dataset with Christopher Wylie of Euonia Technologies and possibly others. Wylie is the whistleblower who blew up the whole scam. More on him later. The two men formed a third company, Global Science Research that, once again, assured Facebook that the data would be anonymized. Global Science Research then proceeded to build out SCL and Cambridge Analytica’s (CA) voter profiles using the data.
Kogan has spoken out claiming that he is being scapegoated. Kogan told BBC Radio 4 Today program of an environment of permissive data-gathering and lax privacy policies. “We thought we were acting perfectly appropriately. We thought we were doing something that was really normal,” said Kogan. “My view is that I’m being basically used as a scapegoat by both Facebook and Cambridge Analytica.”
Lets get one thing straight before we go any further, CA could easily take the title of Department of Dirty Tricks. They are not the innocent data analysis firm they would have you believe.
According to the TheGuardian.com CA was caught bragging about using honey traps, fake news campaigns and operations with ex-spies to swing election campaigns around the world. CA executives were recorded on hidden camera by British news reporters talking about the dirty tricks they used to help clients.
CA CEO Alexander Nix was recorded telling reporters: “It sounds a dreadful thing to say, but these are things that don’t necessarily need to be true as long as they’re believed.” In addition Nix was known to refer to black clients as “niggers” in internal emails. Emails that were encrypted and programmed to self-destruct.
Nixon has since been suspended from the company and is under investigation.
Now if you want to know how dirty this whole thing gets a former employee of CA told CNN former White House chief strategist Steve Bannon presided over a program at CA who’s purpose was collecting Facebook data to create voter profiles. CA was a prime data provider to the campaigns of Ted Cruz and Donald Trump. Trump political appointee, Kelly Rzendzian, also worked at Cambridge Analytica.
Now remember that the original number is still only 270,000 users. Cambridge Analytica took it to the next level by hiring workers on Amazon Mechanical Turk (AMT). This platform allows gig workers, known as turkers, to complete small online tasks for near minimum wage or less. Turkers have been described as “volunteer slave labor.” CA hired these people to complete an online survey. According to the The Intercept’s investigation last year this system worked for Cambridge Analytica. Basically, Cambridge Analytica tricked turkers into a downloading a tool on Facebook that exposed both the worker, and their friends, in exchange for $1 or $2 to complete an online survey. According to the New York Times this trick was a massive success exposing over 50 million Facebook users to data collection.
Now back to Facebook. Andrew Zuckerberg’s company knew about this activity in 2015. The Guardian reported in 2015 on Cambridge Analytica’s work on U.S. election campaigns. It revealed that the company drew on research “spanning tens of millions of Facebook users, harvested largely without their permission.” Kogan denied this was happening.
This was not a great concern for Facebook until 2015. That year Facebook updated its third-party API. An API or application programming interface is just a piece of software that allows two software programs to talk to each other. Facebook moved to block access to the kind of massive data sets that Cambridge Analytica was collecting. Although it drastically limited the data third party apps could access Facebook said nothing to users about the API misuse. Facebook also clamped down on any third-party app requesting more than the usual amount of data like public profile, list of friends, and email addresses from its users. But it all came too late.
After The Guardian published its article, Facebook demanded Global Science Research delete the data taken from Facebook users. Facebook has the right to delete data gathered by any app deemed to be “negatively impacting the platform.” Facebook believed that Kogan and SCL complied. They had not and no one from Facebook followed up.
Christopher Wylie blew the lid off the Facebook/Cambridge Analytica data scandal. Wylie is being cheered for revealing how CA, according to the New York Times and the The Observer of London, of improperly using and manipulating the Facebook data to influence elections. Wylie told the Observer “We exploited Facebook to harvest millions of people’s profiles. And built models to exploit what we knew about them and target their inner demons.” According to Wylie himself he was the gay Canadian vegan who somehow ended up creating “Steve Bannon’s psychological warfare mindfuck tool”.
Now you know.