Prosecutors Sue Facebook Over Cambridge Analytica

Uploaded on 2019-01-07 in TECHNOLOGY-Key Areas-Social Media, NEWS-Cybersecurity News, FREE TO VIEW

The US federal district of Washington DC is suing Facebook for Cambridge Analytica access to the individual data of millions of the site’s users without their permission being asked for.

Prosecutors said 852 D.C. users downloaded the misleading application provided by Cambridge Analytica but that a much larger portion of DC residents, approximately 340,000 people, had their data collected because they were friends of those initial users through Facebook. 

This could mean Facebook faces a fine of up to $1.7 billion if all 340,000 instances are considered “violations” under the statute.

However, it seems that this might just be the beginning of a major Facebook data sharing problem as there is now discussion over whether Spotify and Netflix have the options to read and or trash personal messages. Facebook also is being accused of using location-based advertising after a user has even blocked that company’s GPS access on their phones. 

“Facebook failed to protect the privacy of its users and deceived them about who had access to their data and how it was used,” the city’s attorney general, Karl Racine.

“Facebook put users at risk of manipulation by allowing companies like Cambridge Analytica and other third-party applications to collect personal data without users’ permission. Today’s lawsuit is about making Facebook live up to its promise to protect its users’ privacy.”

Facebook, has more than 2 billion active users around the world. Through a website and a mobile application which allows users to communicate and share content with personalised networks of “friends.”

An investigation earlier in 2018 found that Cambridge Analytica, which worked for Donald Trump’s political campaign, had collected Facebook profiles data of more than 50 million users without their permission. The DC attorney general said that this process exposed almost half of the district’s residents’ data to potential political manipulation in the 2016 presidential election. 

In a statement, Facebook said: “None of these partnerships or features gave companies access to information without people’s permission, nor did they violate our 2012 settlement with the FTC.”

“Facebook does not use WiFi data to determine your location for ads if you have location services turned off. We do use IP and other information such as check-ins and current city from your profile. We explain this to people, including in our Privacy Basics site and on the About Facebook Ads site.”

However, there is no obvious combination of settings that users can employ to prevent their location from being used by advertisers to target them.

The district attorney said the maximum penalty under the act is $5,000 “per violation”. However, the law in not clear as to what may constitute a single violation according to the regulations.

Original News by CSI

You MIght Also Read:

The Cambridge Analytica Scandal 'highlights need for AI regulation':

 

« China’s Hackers Have Stolen EU, US & Global Secrets
Cyber Attacks On Business Are Surging »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ForeScout Technologies

ForeScout Technologies

ForeScout delivers pervasive network security by allowing organisations to continuously monitor & mitigate security exposures & cyberattacks.

Duo Security

Duo Security

Duo combines security expertise with a user-centered philosophy to provide two-factor authentication, endpoint remediation and secure single sign-on tools.

Labris Networks

Labris Networks

Labris Networks specializes in DDoS mitigation, NG Firewall, Unified Threat Management, Centralized Management, Regulatory Compliances and SOC/CERT Services.

NovaTech Automation

NovaTech Automation

NovaTech products and services make the world’s power grids and essential process industries more reliable, efficient, sustainable and secure.

PrimeKey

PrimeKey

PrimeKey provides organisations with the ability to implement security solutions such as e-ID, e-Passports, authentication, digital signatures, unified digital identities and validation.

MASS

MASS

MASS provides world-class capabilities in electronic warfare operational support, cyber security, information management, support to military operations and law enforcement.

Sylint

Sylint

Sylint is an internationally recognized cyber security and digital data forensics firm with extensive experience discretely addressing some of today’s biggest cyber breaches.

Kape Technologies

Kape Technologies

Kape Technologies is a cybersecurity company focused on helping consumers around the world have a better digital experience with greater privacy and protection.

Otorio

Otorio

OTORIO delivers industrial cybersecurity and digital risk-management solutions and services. We help our customers to keep their revenue-generating operations resilient, efficient, and safe.

InterSec Inc.

InterSec Inc.

InterSec Inc. is a cybersecurity company that offers a variety of services to small and medium-sized businesses including CMMC Compliance, Program Management, Governance, & Cybersecurity.

ThrottleNet

ThrottleNet

ThrottleNet provides world-class managed IT services and cybersecurity to organizations in St. Louis and throughout Missouri.

Schellman

Schellman

Schellman is a leading provider of attestation and compliance services.

CentriVault

CentriVault

CentriVault is a leading independent provider of Cyber Security and Data protection services to small and medium enterprises (SMEs).

Yokai

Yokai

Yokai is a secure, distributed platform for data communication with enhanced security features tailored for classified environments such as finance, defence, healthcare, cybersecurity, and more.

Nicos AG

Nicos AG

Nicos AG specializes in secure, global data communication.

GetReal Security

GetReal Security

GetReal Security is the world’s leading authority on malicious digital content and deepfake protection.