:quality(70)/s3.amazonaws.com/arc-authors/irishtimes/2a429887-bb72-4814-bd40-0cbf79fe8d51.png)
As world leaders, including Taoiseach Leo Varadkar, express concern about the Facebook-Cambridge Analytica data-misuse scandal, this could be the case that finally forces change in the way people, governments and regulators view data privacy and data-collecting technology platforms.
The fast-unfolding saga reveals a complex tale about a company that, by secretively obtaining Facebook data about tens of millions of voters, may have influenced the Brexit referendum and the 2016 US presidential election, among other international events.
The story starts a few years ago with Aleksandr Kogan, a Cambridge academic who developed an app called thisisyourdigitallife, a “personality test” that gathered data from paid users through his company Global Science Research, in collaboration with the secretive Cambridge Analytica.
Although the original participants included about 250,000 Facebook users, the resulting trove was swollen with the profile information of 50 million unsuspecting people
As part of the user agreement to permit the data to be used, ostensibly, for university research, the app also gathered the data of participants’ Facebook friends. So, although the original participants included about 250,000 Facebook users, the resulting trove was swollen with the profile information of 50 million unsuspecting people.
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/irishtimes/JVK4BFNTB7R4VYTUMA2X42EZFA.jpg)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/irishtimes/EYYI4N4EMH7665PNMMDH3AJ4B4.jpg)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/irishtimes/HKYDTJCDFCR7VHBHJOMPCOUVJU.jpg)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/irishtimes/PC4TJV4AWRHDWKK5X524O3G3HI.jpg)
Using this dubiously obtained data, the companies developed a software tool they claimed could determine voter sentiment and influence voters by showing them highly targeted advertisements and stories via social media.
The interwoven strands of the story are intriguingly complex. Cambridge Analytica was employed by the Trump campaign, and one of its former directors was Steve Bannon, the founder of the alt-right platform Breitbart and a former special adviser to President Trump. The company is funded by the conservative hedge-fund billionaire Robert Mercer, who donated Cambridge Analytica’s services to Nigel Farage for the Brexit referendum campaign.
Those undisputed facts have transformed what might otherwise be a data-breach and -misuse story into a political maelstrom that may ultimately feed into the election-meddling investigation of Robert Mueller, the US special counsel.
Facebook’s response has been muted. Although it insists that Cambridge Analytica obtained and used its user-profile data improperly, as a commercial organisation, Facebook nonetheless allowed researchers to use vast databases of individual information – a condition of holding their accounts most Facebook users were probably unaware of.
In addition, Facebook for years allowed third-party developers to use apps it had distributed to stealthily harvest data from the Facebook friends of whoever was lured to participate in the platform’s ubiquitous third-party quizzes and games. Unwitting users rarely noticed that using such apps also granted access to their friends’ data.
Only when Max Schrems, the Austrian privacy activist, brought a case against Facebook and the Irish Data Protection Commissioner a few years ago – in part over exactly this type of data gathering by third parties without clear disclosure or his consent, ruled unlawful by the European Court of Justice – did the company change this practice.
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/irishtimes/NDRIE4Z7YDLO3NBATXA2O53BHE.jpg)
Already under intense scrutiny because of its role as a platform of choice for what is now widely accepted as the attempted Russian manipulation of the 2016 American presidential election, Facebook has been body-slammed by the new disclosures. An online campaign to persuade users to leave Facebook has picked up momentum, and financial markets have responded to the story by stripping billions from the company’s value.
The saga also has a significant Irish angle that has not yet played out. Although the Taoiseach has indicated that Irish referendums and elections could also be manipulated by such methods, the pressing questions at the moment sit with Facebook’s Irish regulator. In Europe the company falls under the scrutiny of the Irish Data Protection Commissioner, who must also ensure corporate compliance with EU law and the judgments of the European Court of Justice. The UK data commissioner is taking a key role in the investigation of Cambridge Analytica in that country, but the Irish commissioner, Helen Dixon, will have the far more comprehensive role as Facebook’s European regulator.
She’ll need to determine when, how and why Facebook data ended up in the hands of Cambridge Analytica. But her office likewise must come under scrutiny: why, under its watch, was Facebook able to take two years to comply with the EU court’s Schrems decision?
With Ireland the home to so many tech multinationals, including the most prominent social-media platforms, the Cambridge Analytica case and its knock-on effects on a data gatherer like Facebook must be taken as a warning that Irish and EU policy and regulation must be fit and well funded.
And, as a high-level EU report concluded last week that social-media giants like Facebook, Twitter and Google should be largely self-regulating, the Cambridge Analytica story confirms that what is needed is, rather, proper regulation and closer scrutiny.