Cambridge Analytica
Auto Added by WPeMatico
Auto Added by WPeMatico
While many of us in the tech world are familiar with Facebook’s business model, there is a common misconception among people that Facebook collects information about you and then sells that information to advertisers.
Zuckerberg wants everyone (especially the U.S. Senate) to know that’s not the case, and has laid forth the most simple example to explain it.
During his testimony, the Facebook CEO clarified to Senator John Cornyn that Facebook does not sell data.
There is a very common misconception that we sell data to advertisers, and we do not sell data to advertisers. What we allow is for advertisers to tell us who they want to reach and then we do the placement. So, if an advertiser comes to us and says, ‘Alright, I’m a ski shop and I want to sell skis to women,’ then we might have some sense because people shared skiing related content or said they were interested in that. They shared whether they’re a woman. And then we can show the ads to the right people without that data ever changing hands and going to the advertiser. That’s a very fundamental part of how our model works and something that is often misunderstood.
While, again, this may seem straightforward to many of us, Zuckerberg found himself having to explain more than once that Facebook does not sell data during his Senate testimony.
Powered by WPeMatico
Facebook didn’t ban Cambridge Analytica when it found out in 2015 that it had received user data from Dr. Aleksandr Kogan, and Zuckerberg called that a mistake during his testimony before the Senate. Cambridge Analytica has since been banned.
Zuckerberg explained that “I want to correct one thing that I said earlier in response to a question from Senator Leahy. He had asked why we didn’t ban Cambridge Analytica at the time when we learned of them in 2015. And I answered that what my understanding was was that they were not on the platform, were not an app developer or advertiser. When I went back and met with my team afterwards, they let me know that Cambridge Analytica actually did start as an advertiser later in 2015, so we could have in theory banned them back then, and made a mistake by not doing so.”
NEW YORK, NY – SEPTEMBER 19: CEO of Cambridge Analytica Alexander Nix speaks at the 2016 Concordia Summit – Day 1 at Grand Hyatt New York on September 19, 2016 in New York City. (Photo by Bryan Bedder/Getty Images for Concordia Summit)
When the Guardian informed Facebook about Kogan sharing user data to Cambridge Analytica, Facebook banned Kogan, and required Cambridge Analytica to formally certify that it had deleted all the improperly attained user data. Cambridge Analytica did so, Zuckerberg confirmed in his prepared testimony for today. But Facebook then stopped short of blocking Cambridge Analytica from buying ads on its platform. The company went on to work with the Trump campaign to help it optimize political messaging and ad targeting.
Had Facebook banned Cambridge Analytica at the time, it wouldn’t have been able to buy ads directly on behalf of political campaigns with which it worked. However, the company might still have been able to help these campaigns to optimize their ads, so a 2015 ban wouldn’t have necessarily prevented second-hand use of improperly attained data.
Powered by WPeMatico
Today during Mark Zuckerberg’s testimony before the Senate, the Facebook CEO reiterated that “there will always be a version of Facebook that is free.”
In the midst of the Cambridge Analytica scandal, in which the user data of up to 87 million people was sold by a third-party developer to Trump Campaign-linked firm Cambridge Analytica, there has been talk of Facebook potentially adding a subscription layer.
The scandal has brought to light the heart of a problem that many have been well aware of: if you’re not buying a product, you are the product.
Last week, when asked if there might be a way for users to opt out of being targeted for ads, Sandberg responded saying they’d have to pay for it.
“We have different forms of opt-out,” Sandberg replied. “We don’t have an opt-out at the highest level. That would be a paid product.”
Our own Josh Constine made an argument that ad-free subscriptions could save Facebook. And while there’s no word on an ad-free subscription, Zuckerberg did at least leave room for it in the future, noting that there will always be a version of Facebook that is free.
“How do you sustain a business model in which users don’t pay for your service?” Senator Orrin Hatch asked Zuckerberg.
“Senator, we run ads.”
Powered by WPeMatico
Today, Facebook CEO Mark Zuckerberg will begin two of the most publicly scrutinized days of his career.
This afternoon, members of the Senate will hear from Zuckerberg on data use, protection and privacy in the midst of the Cambridge Analytica scandal and Russian election meddling. While Zuckerberg’s prepared statement has already been released to the public, there are plenty of lingering questions to be answered.
We’ll be watching diligently and bringing you all the breaking news and analysis from the hearing. But if you want to watch along yourself, here’s what you need to know:
The hearing begins at 2:15 pm ET.
It’s a joint hearing held by the Senate Judiciary Committee and Senate Committee on Commerce, Science and Transportation.
The hearing will be live streamed right here.
Powered by WPeMatico
Earlier this week, the House Energy and Commerce Committee announced that Facebook CEO Mark Zuckerberg is slated to testify on the use and protection of user data in Washington D.C. on April 11. Turns out, Zuckerberg will have a busier week in D.C. than expected, with the Senate Judiciary and Senate Commerce Committees announcing a joint hearing with the Facebook boss.
The Senate hearing will go down on April 10, a day before Zuckerberg appears before the House Committee.
The hearing, convened by Senate Committee on the Judiciary Chairman Chuck Grassley (R-Iowa) and Senate Commerce, Science and Transportation Committee Chairman John Thune (R-S.D.), is titled “Facebook, Social Media Privacy, and the Use and Abuse of Data.”
The hearing will take place in the U.S. Capitol Visitors Center at 2:15pm ET.
Here’s what Senator Thune had to say in a prepared statement:
Facebook now plays a critical role in many social relationships, informing Americans about current events, and pitching everything from products to political candidates. Our joint hearing will be a public conversation with the CEO of this powerful and influential company about his vision for addressing problems that have generated significant concern about Facebook’s role in our democracy, bad actors using the platform, and user privacy.
Zuckerberg brought up the possibility of speaking to congress in late March, saying: “If it is ever the case that I am the most informed person at Facebook in the best position to testify, I will happily do that.”
Powered by WPeMatico
“This is going to be a never-ending battle,” said Mark Zuckerberg . He just gave the most candid look yet into his thoughts about Cambridge Analytica, data privacy and Facebook’s sweeping developer platform changes during a conference call with reporters today. Sounding alternately vulnerable about his past negligence and confident about Facebook’s strategy going forward, Zuckerberg took nearly an hour of tough questions.
You can read a transcript here and listen to a recording of the call below:
The CEO started the call by giving his condolences to those affected by the shooting at YouTube yesterday. He then delivered this mea culpa on privacy:
We’re an idealistic and optimistic company … but it’s clear now that we didn’t do enough. We didn’t focus enough on preventing abuse and thinking through how people could use these tools to do harm as well … We didn’t take a broad enough view of what our responsibility is and that was a huge mistake. That was my mistake.
It’s not enough to just connect people. We have to make sure those connections are positive and that they’re bringing people together. It’s not enough just to give people a voice, we have to make sure that people are not using that voice to hurt people or spread misinformation. And it’s not enough to give people tools to sign into apps, we have to make sure that all those developers protect people’s information too.
It’s not enough to have rules requiring that they protect the information. It’s not enough to believe them when they’re telling us they’re protecting information. We actually have to ensure that everyone in our ecosystem protects people’s information.
This is Zuckerberg’s strongest statement yet about his and Facebook’s failure to anticipate worst-case scenarios, which has led to a string of scandals that are now decimating the company’s morale. Spelling out how policy means nothing without enforcement, and pairing that with a massive reduction in how much data app developers can request from users makes it seem like Facebook is ready to turn over a new leaf.
Here are the highlights from the rest of the call:
On Zuckerberg calling fake news’ influence “crazy”: “I clearly made a mistake by just dismissing fake news as crazy — as having an impact … it was too flippant. I never should have referred to it as crazy.
On deleting Russian trolls: Not only did Facebook delete 135 Facebook and Instagram accounts belonging to Russian government-connected election interference troll farm the Internet Research Agency, as Facebook announced yesterday, Zuckerberg said Facebook removed “a Russian news organization that we determined was controlled and operated by the IRA.”
On the 87 million number: Regarding today’s disclosure that up to 87 million people had their data improperly accessed by Cambridge Analytica, “it very well could be less but we wanted to put out the maximum that we felt it could be as soon as we had that analysis.” Zuckerberg also referred to The New York Times’ report, noting that “We never put out the 50 million number, that was other parties.”
On users having their public info scraped: Facebook announced this morning that “we believe most people on Facebook could have had their public profile scraped” via its search by phone number or email address feature and account recovery system. Scammers abused these to punch in one piece of info and then pair it to someone’s name and photo. Zuckerberg said search features are useful in languages where it’s hard to type or a lot of people have the same names. But “the methods of react limiting this weren’t able to prevent malicious actors who cycled through hundreds of thousands of IP addresses and did a relatively small number of queries for each one, so given that and what we know to day it just makes sense to shut that down.”
On when Facebook learned about the scraping and why it didn’t inform the public sooner: “We looked into this and understood it more over the last few days as part of the audit of our overall system,” Zuckerberg said, declining to specify when Facebook first identified the issue. [Update: Facebook later specified that the sophisticated scraping had been picked up in the past few weeks during the audit, recently confirmed, and that the company disclosed the situation as soon as it had details ready.]
On implementing GDPR worldwide: Zuckerberg refuted a Reuters story from yesterday saying that Facebook wouldn’t bring GDPR privacy protections to the U.S. and elsewhere. Instead he says, “we’re going to make all the same controls and settings available everywhere, not just in Europe.”
On if board has discussed him stepping down as chairman: “Not that I’m aware of,” Zuckerberg said happily.
On if he still thinks he’s the best person to run Facebook: “Yes. Life is about learning from the mistakes and figuring out what you need to do to move forward … I think what people should evaluate us on is learning from our mistakes … and if we’re building things people like and that make their lives better … there are billions of people who love the products we’re building.”
On the Boz memo and prioritizing business over safety: “The things that makes our product challenging to manage and operate are not the trade-offs between people and the business. I actually think those are quite easy because over the long-term, the business will be better if you serve people. I think it would be near-sighted to focus on short-term revenue over people, and I don’t think we’re that short-sighted. All the hard decisions we have to make are trade-offs between people. Different people who use Facebook have different needs. Some people want to share political speech that they think is valid, and other people feel like it’s hate speech … we don’t always get them right.”
On whether Facebook can audit all app developers: “We’re not going to be able to go out and necessarily find every bad use of data,” Zuckerberg said, but confidently said, “I actually do think we’re going to be able to cover a large amount of that activity.”
On whether Facebook will sue Cambridge Analytica: “We have stood down temporarily to let the [U.K. government] do their investigation and their audit. Once that’s done we’ll resume ours … and ultimately to make sure none of the data persists or is being used improperly. And at that point if it makes sense we will take legal action if we need to do that to get people’s information.”
On how Facebook will measure its impact on fixing privacy: Zuckerberg wants to be able to measure “the prevalence of different categories of bad content like fake news, hate speech, bullying, terrorism … That’s going to end up being the way we should be held accountable and measured by the public … My hope is that over time the playbook and scorecard we put out will also be followed by other internet platforms so that way there can be a standard measure across the industry.”
On whether Facebook should try to earn less money by using less data for targeting: “People tell us if they’re going to see ads they want the ads to be good … that the ads are actually relevant to what they care about … On the one hand people want relevant experiences, and on the other hand I do think there’s some discomfort with how data is used in systems like ads. But I think the feedback is overwhelmingly on the side of wanting a better experience. Maybe it’s 95-5.”
On whether #DeleteFacebook has had an impact on usage or ad revenue: “I don’t think there’s been any meaningful impact that we’ve observed… but it’s not good.”
On the timeline for fixing data privacy: “This is going to be a never-ending battle. You never fully solve security. It’s an arms race,” Zuckerberg said early in the call. Then to close Q&A, he said, “I think this is a multi-year effort. My hope is that by the end of this year we’ll have turned the corner on a lot of these issues and that people will see that things are getting a lot better.”
Overall, this was the moment of humility, candor and contrition Facebook desperately needed. Users, developers, regulators and the company’s own employees have felt in the dark this last month, but Zuckerberg did his best to lay out a clear path forward for Facebook. His willingness to endure these questions was admirable, even if he deserved the grilling.
The company’s problems won’t disappear, and its past transgressions can’t be apologized away. But Facebook and its leader have finally matured past the incredulous dismissals and paralysis that characterized its response to past scandals. It’s ready to get to work.
Powered by WPeMatico
Cambridge Analytica is refuting a report by Facebook today that said Cambridge Analytica improperly attained data on up to 87 million users. Instead, it claims it only “licensed data for no more than 30 million people” from Dr. Aleksandr Kogan’s research company Global Science Research. It also claims none of this data was used in work on the 2016 U.S. presidential election when it was hired by the Trump campaign, and that upon notice from Facebook immediately deleted all raw data and began removing derivative data.
The whole statement from Cambridge Analytica can be found below. We requested a comment from Facebook about the incongruencies in the two companies’ positions, but the social network declined to comment.
The he-said-she-said of the scandal seems to be amplifying as Facebook continues to endure criticism about weak data privacy policies and enforcement that led to the Cambridge Analytica fiasco that’s seen Facebook’s market cap drop nearly $100 billion.
NEW DELHI, INDIA – OCTOBER 9: Co-founder and chief executive of Facebook Mark Zuckerberg gestures as he announces the Internet.org Innovation Challenge in India on October 9, 2014 in New Delhi, India. Zuckerberg is on a two-day visit to India aimed at promoting the internet.org app, which allows people in underdeveloped areas to access basic online services. (Photo by Arun Sharma/Hindustan Times via Getty Images)
Today Facebook announced the 87 million figure as a maximum number of people potentially impacted and said it would notify those users with an alert atop the News Feed. It also rewrote its Terms of Service today to clarify how it collects and works with outside developers, and announced sweeping platform API restrictions that will break many apps built on Facebook but prevent privacy abuses. Zuckerberg then held a conference call with reporters to give insight on all the news.
Cambridge Analytica has repeatedly denied assertions about interactions with Facebook data, but Facebook hasn’t backed down. Instead, Facebook has used Cambridge Analytica as an example of abuse it’s trying to combat, and as a justification for cracking down on developers both malicious and benign around the world.
Cambridge Analytica responds to announcement that GSR dataset potentially contained 87 million records
Today Facebook reported that information for up to 87 million people may have been improperly obtained by research company GSR. Cambridge Analytica licensed data for from GSR, as is clearly stated in our contract with the research company. We did not receive more data than this.We did not use any GSR data in the work we did in the 2016 US presidential election.
Our contract with GSR stated that all data must be obtained legally, and this contract is now a matter of public record. We took legal action against GSR when we found out they had breached this contract.When Facebook contacted us to let us know the data had been improperly obtained, we immediately deleted the raw data from our file server, and began the process of searching for and removing any of its derivatives in our system.
When Facebook sought further assurances a year ago, we carried out an internal audit to make sure that all the data, all derivatives, and all backups had been deleted, and gave Facebook a certificate to this effect.
We are now undertaking an independent third-party audit to demonstrate that no GSR data remains in our systems.
Powered by WPeMatico
Facebook is entering a tough transition period where it won’t take chances around data privacy in the wake of the Cambridge Analytica fiasco, CTO Mike Schroepfer tells TechCrunch. That’s why it’s moving up the shut down of part of the Instagram API. It’s significantly limiting data available from or requiring approval for access to Facebook’s Events, Groups, and Pages APIs plus Facebook Login. Facebook is also shutting down search by email or user name and changing its account recovery system after discovering malicious actors were using these to scrape people’s data. “Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way” Schroepfer writes.
Instagram will immediately shut down part of its old platform API that was scheduled for deprecation on July 31st. TechCrunch first reported that developers’ Instagram apps were breaking over the weekend due to a sudden reduction in the API call limit. Instagram refused to comment, leading to developer frustration as their apps that analyze people’s followers and help them grow their audiences stopped working.

Now an Instagram spokesperson tells TechCrunch that “Effective today, Instagram is speeding up the previously announced deprecation of the Instagram API Platform” as part of Facebook’s work to protect people’s data. The APIs for follower lists, relationships, and commenting on public content will cease to function immediately. The December 11th, 2018 deprecation of public content reading APIs and the 2020 deprecation of basic profile info APIs will happen as scheduled, but it’s implemented rate limit reductions on them now.
The announcements come alongside Facebook’s admission that up to 87 million users had their data improperly attained by Cambridge Analytica, up from early estimates of 50 million. These users will see a warning atop their News Feed about what happened, what they should do, and see surfaced options for removing other apps they gave permissions to. Facebook CEO Mark Zuckerberg plans to take questions about today’s announcements during at 1:00pm Pacific conference call.
Regarding the Facebook APIs, here’s the abbreviated version of the changes and what they mean:
Schroepfer says that Facebook’s goal is to lock things down, review everything, and then figure out which developers deserve access and whether any of the functionality should be restored. The announcements raise questions about why it took the Cambridge Analytica scandal for Facebook to take data privacy seriously. You can expect the House Energy and Commerce Committee may ask Mark Zuckerberg that when he comes to testify on April 10th.
Facebook CTO Mike Schroepfer
Facebook’s bold action to reform its APIs shows it’s willing to prioritize users above developers — at least once pushed by public backlash and internal strife. The platform whiplash could make developers apprehensive to build on Facebook in the future. But if Facebook didn’t shore up data privacy, it’d have no defense if future privacy abuses by outside developers came to light.
Schroepfer tells me Facebook is taking its responsibility super seriously and that company is upset that it allowed this situation to happen. At least he seems earnest. Last week I wrote that Facebook needd to make a significant act of contrition and humility if it wanted stabilize the sinking morale of its employees. These sweeping changes qualify, and could serve as a rallying call for Facebook’s team. Rather than sit with their heads in their hands, they have a roadmap of things to fix.
Still, given the public’s lack of understanding of APIs and platforms, it may be tough for Facebook to ever regain the trust broken by a month of savage headlines about the social network’s privacy negligence. Long-term, this souring of opinion could make users hesitant to share as much on Facebook. But given its role as a ubiquitous utility for login with your identity across the web, our compulsive desire to scroll its feed and check its notifications, and the lack of viable social networking alternatives, Facebook might see the backlash blow over eventually. Hopefully that won’t lead back to business as usual.
For more on the recent Facebook platform changes, read our other stories:
Powered by WPeMatico
Following the Cambridge Analytica scandal, users have flocked to their Facebook privacy settings to sever their connection to third-party apps that they no longer wanted to have access to their data. But deleting them all took forever because you had to remove them one by one. Now Facebook has released a new way to select as many apps as you want, then remove them in bulk. The feature has rolled out on mobile and desktop, and Facebook also offers the option to delete any posts those apps have made to your profile.
Facebook confirmed the launch to TechCrunch, pointing to its Newsroom and Developer News blog posts from the last few weeks that explained that “We already show people what apps their accounts are connected to and control what data they’ve permitted those apps to use. In the coming month, we’re going to make these choices more prominent and easier to manage.” Now we know what “easier” looks like. A Facebook spokesperson told us “we have more to do and will be sharing more when we can.” The updated interface was first spotted by Matt Navarra, who had previously called on Facebook to build a bulk removal option.

Facebook stopped short of offering a “select all” button so you have to tap each individually. That could prevent more innocent, respectful developers from getting caught up in the dragnet as users panic to prune their app connections. One developer told me they’d been inundated with requests from users to delete their data acquired through Facebook and add other login options, saying that the Cambridge Analytica scandal “really hurt consumer trust for all apps…even the good guys.” The developer chose to change its Terms of Service to make users more comfortable.
The bulk removal tool could make it much easier for users to take control of their data and protect their identity, though the damage to Facebook’s reputation is largely done. It’s staggering how many apps piggyback off of Facebook, and that we gave our data without much thought. But at least now it won’t take an hour to remove them all.



Powered by WPeMatico
Without warning, Instagram has broken many of the unofficial apps built on its platform. This weekend it surprised developers with a massive reduction in how much data they can pull from the Instagram API, shrinking the API limit from 5,000 to 200 calls per user per hour. Apps that help people figure out if their followers follow them back or interact with them, analyze their audiences or find relevant hashtags are now quickly running into their API limits, leading to broken functionality and pissed off users.
Two sources confirmed the new limits to TechCrunch, and developers are complaining about the situation on StackOverflow.
In a puzzling move, Instagram is refusing to comment on what’s happening while its developer rate limits documentation site 404s. All it would confirm is that Instagram has stopped accepting submissions of new apps, just as Facebook announced it would last week following backlash over Cambridge Analytica. Developers tell me they feel left in the dark and angry that the change wasn’t scheduled or even officially announced, preventing them from rebuilding their apps to require fewer API calls.
Third-party Instagram platform apps like Reports+ provide users analytics on their audiences, but are breaking due to the new API limits
Some developers suspect the change is part of Instagram parent company Facebook’s scramble to improve data privacy in the wake of its non-stop string of data scandals. In the past week, Facebook announced it was shutting down Partner Categories ad targeting based on third-party data brokers. TechCrunch reported that Facebook also plans to require businesses to pledge that they have consumers’ consent to attain their email addresses, which they use for ad targeting through Custom Audiences.
Most public backlash has focused on #DeleteFacebook and ignored its subsidiaries like Instagram and WhatsApp. But Instagram may hope to prevent the virus of distrust from infecting its app too by cutting the API call limit to 1/25th of its previous volume.
Causing this kind of platform whiplash could push developers away from the Instagram ecosystem, not that the company was too keen on some of these apps. For example, Reports+ charges $3.99 per month to give people analytics about their Instagram followers. Sensor Tower tells TechCrunch that Reports+ has grossed more than $18 million worldwide since October 2016 on the App Store and Google Play, and made more than $1.2 million last month alone.

Instagram might have understandably seen these apps as parasitic, charging users for unofficial functionality or encouraging audience growth hacking that can lead to spam. In January, Instagram announced it would shut down the old API over the next two years, starting with removing the ability to pull a user’s follower list and follow/unfollow people on their behalf on July 31st. Instagram has been slowly trying to clean up its platform for years, having previously threatened legal actions against derivative apps with “Insta” or “Gram” in their names in 2013, and shut down its feed API in 2015 that allowed for unofficial Instagram feed-reading apps.
Instagram is now pushing developers on a much more restrictive platform that only lets approved partners post at users’ behest, and that can only pull mentions of and analytics about business accounts. These changes were slated to kill many of the apps broken by this weekend’s API limit reductions.
But at least developers were given fair warning about the July 31st deadline. The problem is exacerbated by the fact that Facebook put a pause on reviewing any new applications last Monday as it tries to shore up data privacy safeguards in the wake of Cambridge Analytica . Instagram confirms to TechCrunch that the moratorium on app submissions extends to Instagram’s new Graph API, but wouldn’t explain anything about the API limits. So Instagram is breaking old apps while not allowing developers to submit new, compliant ones.

“Instagram’s lack of communication is frustrating to me because now I’m scrambling to update my apps and dealing with loads of unhappy customers,” a developer told me on the condition of anonymity. “If I had had a month to prep for this, I could’ve tweaked things so that limit was harder to reach. I’d be more frugal with my requests. What happened is all of a sudden, I’m getting dozens of emails, DMs on Instagram, with people saying the app’s not working.”
While Facebook is wise to scrutinize apps pulling in lots of user data, doing so without warning or even an announcement is how Facebook hurt its relationships with developers circa 2009 as it tried to rapidly reign in spammy virality. Facebook is enduring a crisis of conscience regarding whether its apps can be misused as weapons by those trying to interfere with elections or just exploit our data for profit.
But as the owner of some of the world’s most popular developer platforms, it’s worrying to see it flail and thrash this way. If Facebook and Instagram can’t even communicate changes to its policies with proper procedure and transparency, it’s hard to imagine it’s composed enough to firmly and fairly enforce them.
For more on Facebook and Instagram’s troubles, check out our feature pieces:
Powered by WPeMatico