Prosecutors Sue Facebook Over Cambridge Analytica

The US federal district of Washington DC is suing Facebook for Cambridge Analytica access to the individual data of millions of the site’s users without their permission being asked for.

Prosecutors said 852 D.C. users downloaded the misleading application provided by Cambridge Analytica but that a much larger portion of DC residents, approximately 340,000 people, had their data collected because they were friends of those initial users through Facebook. 

This could mean Facebook faces a fine of up to $1.7 billion if all 340,000 instances are considered “violations” under the statute.

However, it seems that this might just be the beginning of a major Facebook data sharing problem as there is now discussion over whether Spotify and Netflix have the options to read and or trash personal messages. Facebook also is being accused of using location-based advertising after a user has even blocked that company’s GPS access on their phones. 

“Facebook failed to protect the privacy of its users and deceived them about who had access to their data and how it was used,” the city’s attorney general, Karl Racine.

“Facebook put users at risk of manipulation by allowing companies like Cambridge Analytica and other third-party applications to collect personal data without users’ permission. Today’s lawsuit is about making Facebook live up to its promise to protect its users’ privacy.”

Facebook, has more than 2 billion active users around the world. Through a website and a mobile application which allows users to communicate and share content with personalised networks of “friends.”

An investigation earlier in 2018 found that Cambridge Analytica, which worked for Donald Trump’s political campaign, had collected Facebook profiles data of more than 50 million users without their permission. The DC attorney general said that this process exposed almost half of the district’s residents’ data to potential political manipulation in the 2016 presidential election. 

In a statement, Facebook said: “None of these partnerships or features gave companies access to information without people’s permission, nor did they violate our 2012 settlement with the FTC.”

“Facebook does not use WiFi data to determine your location for ads if you have location services turned off. We do use IP and other information such as check-ins and current city from your profile. We explain this to people, including in our Privacy Basics site and on the About Facebook Ads site.”

However, there is no obvious combination of settings that users can employ to prevent their location from being used by advertisers to target them.

The district attorney said the maximum penalty under the act is $5,000 “per violation”. However, the law in not clear as to what may constitute a single violation according to the regulations.

Original News by CSI

You MIght Also Read:

The Cambridge Analytica Scandal 'highlights need for AI regulation':

 

« China’s Hackers Have Stolen EU, US & Global Secrets
Cyber Attacks On Business Are Surging »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Advent IM

Advent IM

Advent IM is one of the UK’s leading independent cyber security specialists, with a unique approach to providing holistic security management solutions.

Trend Micro

Trend Micro

Trend Micro is a leader in hybrid cloud, endpoint, and network security solutions.

Cypress Semiconductor

Cypress Semiconductor

Cypress is a semiconductor design and manufacturing company providing embedded devices for secure IoT applications.

Apricorn

Apricorn

Apricorn provides hardware-based 256-bit encrypted external storage products to companies and organizations that require high-level protection for their data at rest.

G DATA CyberDefense

G DATA CyberDefense

G Data developed the world's first antivirus software. We now ensure the security of small, large and medium-sized companies all over the world.

Honeywell Process Solutions (HPS)

Honeywell Process Solutions (HPS)

Honeywell's Industrial Cyber Security Solutions help plants and critical infrastructure sectors defend the availability, reliability and safety of their industrial control systems.

Sectigo

Sectigo

Sectigo is a leading cybersecurity provider of digital identity solutions, including TLS / SSL certificates, DevOps, IoT, and enterprise-grade PKI management, as well as multi-layered web security.

Phosphorous Cybersecurity

Phosphorous Cybersecurity

Phosphorus has fully automated remediation of the two biggest IoT vulnerabilities, out of date firmware and default credentials.

Scythe

Scythe

SCYTHE is a next generation red team platform for continuous and realistic enterprise risk assessments.

Global Resources

Global Resources

Global Resources' planning and management capabilities support city, regional, and national utility and infrastructure management, and information systems and cyber security service delivery.

Allied Telesis

Allied Telesis

Allied Telesis delivers the secure, flexible, and agile solutions needed to meet the expectations of any industry’s critical mission.

Fusion Risk Management

Fusion Risk Management

Fusion Risk Management focuses on operational resilience encompassing business continuity, risk management, IT risk, and crisis and incident management.

Securonix

Securonix

Securonix delivers a next generation security analytics and operations management platform for the modern era of big data and advanced cyber threats.

NVISO Security

NVISO Security

NVISO is a pure-play cyber security consulting firm, focused mainly on the Financial Sector, the Technology Sector, and Government & Critical Infrastructure.

MARS Suite

MARS Suite

MARS Suite is your all-in-one solution for cyber protection & compliance. Cybersecurity and risk management is what we do best. And we’re making it simple and easy.

Internet Watch Foundation (IWF)

Internet Watch Foundation (IWF)

Since the early days of the internet, our job has been to help child victims of sexual abuse by hunting down and removing any online record of the abuse.