Canadian Security Magazine

Facebook’s Zuckerberg admits mistakes, outlines fixes

By The Associated Press   

News Data Security data security donald trump facebook Mark Zuckerberg risk assessment social media

NEW YORK — Breaking more than four days of silence, Facebook CEO Mark Zuckerberg admitted mistakes and outlined steps to protect user data in light of a privacy scandal involving a Trump-connected data-mining firm.

Zuckerberg said Wednesday that Facebook has a “responsibility” to protect its users’ data and if it fails, “we don’t deserve to serve you.”

Zuckerberg and Facebook’s No. 2 executive, Sheryl Sandberg, have been quiet since news broke Friday that Cambridge Analytica may have used data improperly obtained from roughly 50 million Facebook users to try to sway elections.

Facebook has already taken the most important steps to prevent such a situation from happening again, Zuckerberg said. For example, in 2014, it reduced access outside apps had to user data. However, some of the measures didn’t take effect until a year later, allowing Cambridge to access the data in the intervening months.

Zuckerberg acknowledges that there is more the company needs to do.

Advertisement

In a Facebook post on Wednesday, Zuckerberg said it will ban developers who don’t agree to an audit. An app’s developer will no longer have access to data from people who haven’t used that app in three months. Data will also be generally limited to user names, profile photos and email, unless the develop signs a contract with Facebook and gets user approval.

Earlier Wednesday, an academic who developed the app used by Cambridge Analytica to harvest data said that he had no idea his work would be used in Donald Trump’s 2016 presidential campaign.

Alexandr Kogan, a psychology researcher at Cambridge University, told the BBC that both Facebook and Cambridge Analytica have tried to place the blame on him for violating the social media platform’s terms of service, even though Cambridge Analytica ensured him that everything he did was legal.

“My view is that I’m being basically used as a scapegoat by both Facebook and Cambridge Analytica,” he said. “Honestly, we thought we were acting perfectly appropriately, we thought we were doing something that was really normal.”

Authorities in Britain and the United States are investigating the alleged improper use of Facebook data by Cambridge Analytica, a U.K.-based political research firm. Facebook shares have dropped some 9 per cent, lopping more than $50 billion off the company’s market value, since the revelations were first published, raising questions about whether social media sites are violating users’ privacy.

The head of Cambridge Analytica, Alexander Nix, was suspended Tuesday after Britain’s Channel 4 News broadcast hidden camera footage of him suggesting the company could use young women to catch opposition politicians in compromising positions. Footage also showed Nix bragging about the firm’s pivotal role in the Trump campaign.

Nix said Cambridge Analytica handled “all the data, all the analytics, all the targeting” for the Trump campaign, and used emails with a “self-destruct timer” to make the firm’s role more difficult to trace.

“There’s no evidence, there’s no paper trail, there’s nothing,” he said.

In a statement, Cambridge Analytica’s board said Nix’s comments “do not represent the values or operations of the firm, and his suspension reflects the seriousness with which we view this violation.”

Facebook itself is drawing criticism from politicians on both sides of the Atlantic for its alleged failure to protect users’ privacy.

Sandy Parakilas, who worked in data protection for Facebook in 2011 and 2012, told a U.K. parliamentary committee Wednesday that the company was vigilant about its network security but lax when it came to protecting users’ data.

He said personal data including email addresses and in some cases private messages was allowed to leave Facebook servers with no real controls on how the data was used after that.

“The real challenge here is that Facebook was allowing developers to access the data of people who hadn’t explicitly authorized that,” he said, adding that the company had “lost sight” of what developers did with the data.

On Tuesday, the chairman of the U.K. parliament’s media committee, Damian Collins, said his group has repeatedly asked Facebook how it uses data, but company officials “have been misleading to the committee.”

The committee summoned Facebook CEO Mark Zuckerberg to testify. Facebook sidestepped questions on whether Zuckerberg would appear, saying instead that the company is currently focused on conducting its own reviews.

Meanwhile, Britain’s information commissioner, Elizabeth Denham, said she is pursuing a warrant to search Cambridge Analytica’s servers. She has also asked Facebook to cease its own audit of Cambridge Analytica’s data use.

Denham said the prime allegation against Cambridge Analytica is that it acquired personal data in an unauthorized way, adding that data protection laws require services like Facebook to have strong safeguards against misuse of data.

Leading Democrats in the U.S. Senate also called on Zuckerberg to testify. Sen. Dianne Feinstein of California, the top Democrat on the Senate Judiciary Committee, called Facebook’s latest privacy scandal a “danger signal.” She wants Zuckerberg’s assurances that Facebook is prepared to take the lead on measures to protect user privacy — or Congress may step in.

Kogan’s work involved modeling human behaviour through social media. In collaboration with Cambridge Analytica, he developed a Facebook-based personality survey called “This Is Your Digital Life” and paid about 200,000 people to take part. As a result, participants unknowingly gave the researchers access to the profiles of their Facebook friends, allowing them to collect data from millions more users.

Kogan said Cambridge Analytica approached him to gather Facebook data and provided the legal advice that this was “appropriate.”

“One of the great mistakes I did here was I just didn’t ask enough questions,” he said. “I had never done a commercial project; I didn’t really have any reason to doubt their sincerity. That’s certainly something I strongly regret now.”

He said the firm paid some $800,000 for the work, but it went to participants in the survey.

“My motivation was to get a dataset I could do research on; I have never profited from this in any way personally,” he said.

— Barbara Ortutay, Danica Kirka and Gregory Katz (Danica Kirka and Gregory Katz reported from London).

News from © Canadian Press Enterprises Inc. 2018


Print this page

Advertisement

Stories continue below


Related

Leave a Reply

Your email address will not be published. Required fields are marked *

*