The feelings of confusion and frustration surrounding social media giant Facebook reached another peak this week with the revelation that even more users may have had their data secretly scraped by Cambridge Analytica. In fact, the actual number of data-mined users may be 87 million, 30 million more than initially stated.
The actual number of affected users is still in dispute. Cambridge Analytica claimed in an official statement that they “licensed data for no more than 30 million people from GSR, as is clearly stated in our contract with the research company. We did not receive more data than this.”
Buried in the announcements was the revelation that “most” of Facebook’s 2 billion users could have had their public profiles scraped by third-parties (including app developers and partners). Virtually any user who enabled a specific search function that allowed others to find them via email or phone number could have had their personal data collected and exploited.
In light of these new revelations, Facebook is making efforts to repair their reputation and their data policies. Facebook disabled the email and phone number search functions and has severely restricted third-parties access users’ data. Third-parties can no longer view or collect personal information including religion, political views, and relationship statuses. Facebook is also changing their account recovery practices.
Whether these efforts will be enough remains to be seen. Facebook founder Mark Zuckerberg spoke with Vox, and expressed a grounded optimism that his platform’s problems would be fixed but that it would take years to do so. He is scheduled to speak before Congress on data privacy and data mining on April 11. Since the Cambridge Analytica scandal came to light, Facebook has lost $100 billion dollars in market value.
There is some debate about the legal and ethical culpability, if any, of Facebook’s actions. Cybersecurity experts are split on the matter. While sharing users’ data with third-parties is part of the user agreement necessary to use Facebook, the potential use of that data to sway the 2016 U.S. Presidential via targeted fake news has potentially changed the ethical paradigm of the conversation. And this should be a warning to other enterprises on how they share user data.