New Delhi: UK-based Cambridge Analytica has denied using data of Facebook users in India even as the social media giant has admitted that 5.62 lakh people in the country were potentially affected by the data breach, according to official sources.
In fact, Not only did Cambridge Analytica harvest 87 million Facebook users’ personal data but it also might have accessed the private inbox messages of those affected. On Monday, Facebook slipped this previously undisclosed detail into notifications, which began appearing at the top of the social networking site’s news feeds. These alerts let users know whether they or their friends had downloaded a personality quiz app called “This Is Your Digital Life”. It could have led to a collection of their data which could pass on to Cambridge Analytica.
“A small number of people who logged into ‘This Is Your Digital Life’ also shared their own News Feed, timeline, posts and messages which may have included posts and messages from you,” Facebook declared.
After contradictory replies from the two companies on potential data breach of Indian users, the Union government now plans to seek additional clarification from them, the sources said.
The central government had sought a reply from Cambridge Analytica over data breach charges by 7 April. The UK-based firm had sought additional time and is believed to have submitted its reply recently.
“Cambridge Analytica has denied using any data of Indians from Facebook. There are discrepancies when replies of Cambridge Analytica and Facebook were matched. (The) Government will write to both the companies for further clarification,” an official source said.
However, as far as the incident of last Monday is concerned, the app “This Is Your Digital Life” was designed by Cambridge University researcher Aleksandr Kogan to collect data on Americans on behalf of Cambridge Analytica’s British parent company, the British firm Strategic Communication Laboratories (SCL). SCL requested access to user inboxes through read_mailbox. While Facebook says it was no longer possible to access the names and further details of a targeted user’s friends after April 2015 unless the targeted user, as well as his/her friends, had read_mailbox installed, the intrusion did not end until October 2015.
To avoid making the targeted user grow suspicious about the app, even though the app gave the precondition that the user must let it peep into his/her inbox, the app added a whole lot of benign information, like birthdays and profile pictures, that it sought to the highly personal data.
Cambridge Analytica has been accused of mining personal information of millions of Facebook users illegitimately to help political campaigns and influence polls in several countries.
The Indian government had sent notices to both the companies seeking detailed explanation on any possible misuse of profile data of Indians to influence their voting behaviour.
The US-based Facebook last week admitted that 5.62 lakh people in India were potentially affected by the global data leak, involving Cambridge Analytica. Facebook has over 20 crore users in India.
Facebook has said it is “investigating” the specific number of people whose information was accessed, including those in India and also emphasised that the Cambridge Analytica’s use of such data did not have its consent.
Facebook had admitted that data of about 87 million people mostly in the US may have been improperly shared by research company GSR with Cambridge Analytica.
The UK-based firm, however, has denied the allegation saying that the company licensed data for no more than 30 million people from GSR.
“Our contract with GSR stated that all data must be obtained legally, and this contract is now a matter of public record. We took legal action against GSR when we found out they had breached this contract. When Facebook contacted us to let us know the data had been improperly obtained, we immediately deleted the raw data from our file server, and began the process of searching for and removing any of its derivatives in our system,” Cambridge Analytica said in response to Facebook’s announcement.
You can’t be sure you’re unaffected despite FB’s help
Facebook launched a tool on Monday, using which the user could know whether his/her security has been compromised. If you are an affected user, you must have been notified by Facebook by now.
But then, it can tell you only whether you have let Cambridge Analytica sneak into your friend’s classified information. It wouldn’t tell whether one or more of your hundreds or thousands of Facebook friends has/have let a third party into your private world.
Mark Zuckerberg pleads guilty
In the meantime, Facebook owner Mark Zuckerberg has admitted before US lawmakers that he was responsible for the breach of trust that 2 billion users worldwide had in Facebook. “We didn’t take a broad enough view of our responsibility, and that was a big mistake. It was my mistake, and I’m sorry,” Zuckerberg said in his written testimony, which was released by the House commerce committee.
The 33-year-old has testified before US Senators on Tuesday and House lawmakers on Wednesday.