In the wake of the horrifying data harvesting scandal, where one political consultancy obtained sensitive information on 50 million Facebook users without their consent, Facebook CEO Mark Zuckerberg and his right-hand woman Sheryl Sandberg have remained largely out of the public eye – but that hasn’t stopped more shocking details about the incident from unfolding.
In the most recent news, a former Facebook insider reveals how the company had been selling users private information to data brokers for years.
Whistleblower Gives More Insight on Data Breech
Sandy Parkilas, who worked as the operations manager for Facebook from 2011 to 2012, was largely responsible for preventing third-party developers from breaching the website’s data policy. In an interview with The Guardian, Sandy said that the company’s lax approach towards the protection of users’ data had always worried him and he had warned Facebook’s executives about the consequences of a major data breach which could put the company’s reputation in jeopardy.
According to the whistleblower, Facebook was not making any effort to monitor the data which left its servers and could be accessed by third-party software developers and potentially be passed on to other entities with a malicious intent – which is exactly what happened when data on 50 million users got into the hands of Cambridge Analytica. Sandy said that once the data left the servers, the company had no control over how it was being used.
Facebook Knew the Risks but Chose to do Nothing
Facebook could have used enforcement mechanisms to audit third-party developers in order to ensure that the data was not being wrongfully used but its decision to turn a blind eye on the data breech risks tells a great deal about how much the company cares about its users’ privacy.
Sandy, whose responsibility in the company was to audit outside developers, said that he had suspected a slew of data breech incidents during 2011 and 2012 but his superiors had failed to heed any of his warnings.
Parakilas, who now works as a product manager for Uber, said that the recent data crisis involving Cambridge Analytica could have easily been avoided if Facebook had done something about it.
He suspects that there exists a black market of sorts which trades in Facebook user data acquired from third-party developers. When he suggested auditing all the app developers who were able to access user data, the executives discouraged him from taking the approach because they were scared of what they would find if they looked deeper.
Selling Data to Third-Party Apps
According to Parakilas, the Facebook superiors believed that the less they knew about what was going on with the data outside the website’s servers, the better. The company feared that it would face legal action and lose the trust of its userbase if it invested further into the data harvesting issue and discovered that user information was being abused by external entities.
Parakilas has often criticized Facebook for its old policy of allowing third-party applications and games to access personal information of users as well as their social media friends. The ‘friends permission’ feature was widely exploited until 2012 by apps like Farmville which gave 30 per cent of its profits to Facebook in return for accessing data on millions of Facebook users.
The feature was finally terminated in 2014 when Facebook discovered that companies were accumulating massive troves of data from the social media site to create their own social networks.
Time for Accountability
On Monday, Facebook made an announcement that it was going to thoroughly investigate the recent data breech by Cambridge Analytica and that a digital forensic company has already been hired for that. Although, the social media giant’s delayed response to the crisis does raise an alarm about how little it cares about the privacy of its users.
The data acquired by Cambridge Analytica in 2014 was originally entrusted to the Global Science Research of Cambridge University run by a psychologist named Aleksandr Kogan. Kogan had created a personally app on the website and used Facebook’s friends access feature to amass data on 10 million users for research purposes – the information eventually ended up in the hands of a political firm, even though Cambridge Analytica maintains that it did nothing illegal in obtaining the data.