Prosecutors Sue Facebook Over Cambridge Analytica

The US federal district of Washington DC is suing Facebook for Cambridge Analytica access to the individual data of millions of the site’s users without their permission being asked for.

Prosecutors said 852 D.C. users downloaded the misleading application provided by Cambridge Analytica but that a much larger portion of DC residents, approximately 340,000 people, had their data collected because they were friends of those initial users through Facebook. 

This could mean Facebook faces a fine of up to $1.7 billion if all 340,000 instances are considered “violations” under the statute.

However, it seems that this might just be the beginning of a major Facebook data sharing problem as there is now discussion over whether Spotify and Netflix have the options to read and or trash personal messages. Facebook also is being accused of using location-based advertising after a user has even blocked that company’s GPS access on their phones. 

“Facebook failed to protect the privacy of its users and deceived them about who had access to their data and how it was used,” the city’s attorney general, Karl Racine.

“Facebook put users at risk of manipulation by allowing companies like Cambridge Analytica and other third-party applications to collect personal data without users’ permission. Today’s lawsuit is about making Facebook live up to its promise to protect its users’ privacy.”

Facebook, has more than 2 billion active users around the world. Through a website and a mobile application which allows users to communicate and share content with personalised networks of “friends.”

An investigation earlier in 2018 found that Cambridge Analytica, which worked for Donald Trump’s political campaign, had collected Facebook profiles data of more than 50 million users without their permission. The DC attorney general said that this process exposed almost half of the district’s residents’ data to potential political manipulation in the 2016 presidential election. 

In a statement, Facebook said: “None of these partnerships or features gave companies access to information without people’s permission, nor did they violate our 2012 settlement with the FTC.”

“Facebook does not use WiFi data to determine your location for ads if you have location services turned off. We do use IP and other information such as check-ins and current city from your profile. We explain this to people, including in our Privacy Basics site and on the About Facebook Ads site.”

However, there is no obvious combination of settings that users can employ to prevent their location from being used by advertisers to target them.

The district attorney said the maximum penalty under the act is $5,000 “per violation”. However, the law in not clear as to what may constitute a single violation according to the regulations.

Original News by CSI

You MIght Also Read:

The Cambridge Analytica Scandal 'highlights need for AI regulation':

 

« China’s Hackers Have Stolen EU, US & Global Secrets
Cyber Attacks On Business Are Surging »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Coalfire

Coalfire

Coalfire specialises in cyber risk management and compliance. Our services span the cybersecurity lifecycle from advisory and compliance, to testing and engineering, monitoring and optimization.

CIRCL

CIRCL

CIRCL is the national Computer Incident Response Center of Luxembourg

Ethio-CERT

Ethio-CERT

National Cyber Emergency Readiness and Response Team of Ethiopia.

Cybertrust Japan

Cybertrust Japan

Cybertrust Japan provides a comprehensive security certification and digital authentication service, enabling customers to build and manage highly secure IT infrastructures.

DataSunrise

DataSunrise

DataSunrise Data-Centric high-performance security software protects the sensitive data in real-time in cloud or on premises, and helps organizations to stay compliant.

MACH37

MACH37

MACH37 is a market-centric cybersecurity accelerator program designed to facilitate the creation of the next generation of cybersecurity product companies.

ConvergeOne

ConvergeOne

ConvergeOne is a leading global IT services provider of collaboration and technology solutions including cybersecurity.

ioXt Alliance

ioXt Alliance

The ioXt Alliance is a group of manufacturers, industry alliances and government organizations dedicated to harmonizing best security practices in a highly connected world.

Abion

Abion

At Abion (formerly BRANDIT), we empower your business by providing comprehensive brand protection and web security services.

Axur

Axur

Discover and eliminate digital fraud and risks on the web. Utilize Axur’s entire AI potential, along with thousands of bots dispersed throughout the surface web as well as the deep and dark web.

Cognyte

Cognyte

Cognyte are a market leader in security analytics software that empowers governments and enterprises with Actionable Intelligence for a safer world.

QGroup

QGroup

QGroup has been re-designing the consultancy industry since 2012. We're a rapidly expanding group of consulting companies that deliver bespoke IT services including cybersecurity.

CerraCap Ventures

CerraCap Ventures

CerraCap Ventures invest globally into early-stage B2B companies in Healthcare, Enterprise AI and Cyber Security.

Aite-Novarica Group

Aite-Novarica Group

Aite-Novarica's Cybersecurity practice provides ongoing research and advisory services to chief information security officers focused on protecting their companies’ assets.

GitLab

GitLab

GitLab is a complete DevOps platform, delivered as a single application, fundamentally changing the way Development, Security, and Ops teams collaborate and build software.

ELK Analytics

ELK Analytics

ELK Analytics is a specialized Managed Security Services Provider (MSSP) that focuses on endpoint security and monitoring & alerting for any type of structured or unstructured data.