Facebook investigated by the ICO and US Congress for huge data breach

PromoVeritas March 22, 2018

Mark Zuckerberg has issued a statement addressing the platform’s biggest ever data breach, a crisis that has sent Facebook shares plummeting and triggered investigations by the US Congress and the UK’s Information Commissioner.

The personal information of over 50million individuals was improperly used by data analytics experts Cambridge Analytica to build a system that could profile voters and target them with political messages during the US elections. In a post today Zuckerberg acknowledges that Facebook made mistakes and promised to act to fix the problem. He admitted “we have a responsibility to protect your data, and if we can’t do that we don’t deserve to serve you.

The Information Commissioner’s Office is currently applying for a warrant to allow them access to Cambridge Analytica’s servers and has ordered Facebook’s own auditors to stand down from their investigations. Elizabeth Dehham, the Information Commissioner told Channel 4 news “…we need to look at databases, we need to look at servers, and understand how data was processed or deleted by Cambridge Analytica. There are a lot of conflicting stories about the data.”

Alexsandr Kogan created an app called ‘thisisyourdigitallife’ which gathered user’s data using psychological tests. This data was allegedly passed on to Cambridge Analytica who developed their data mining software with it. Christopher Wylie, a whistle-blower for the company, regretfully told the Observer how “…we exploited Facebook to harvest millions of people’s profiles. And built models to exploit what we knew about them and target their inner demons.”

Meanwhile, Tim Berners-Lee, the inventor of the world wide web took to Twitter today to offer Zuckerberg some sound advice “I can imagine Mark Zuckerberg is devastated that his invention has been abused and misused…I would say to him: You can fix it. It won’t be easy but if companies work with governments, activists, academics and web users we can make sure platforms serve humanity.”

He also offers this wisdom to everyone – and with the shadow of GDPR looming it is very sage; “General rules for us all: Any data about me, wherever it is, is mine and mine alone to control. If you are given that data for one purpose, use it for that purpose alone.”

With that thought in mind find out what more you could be doing to get ready for GDPR at our free Be in the know: GDPR for Marketers Breakfast Briefing on 25th April 2018 at Langan’s Brasserie, London W1. To reserve a place or to find out more about our GDPR services contact info@promoveritas.com or call +44 203 325 6000.

Photo credit: JD Lasica

« GDPR UPDATE: Do you need to pay the ICO’s new Data Protection charges? How to run a successful competition – our breakfast briefing »

Cookie	Duration	Description
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-non-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non Necessary".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Type	Duration	Description
_ga	0	1 year	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, camapign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randoly generated number to identify unique visitors.
_gat_UA-15728851-3	0	1 minute	This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
_gid	0	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages viisted in an anonymous form.
bcookie	0	1 year	This cookie is set by linkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page.
bscookie	1	1 year
csrftoken	0	11 months	This cookie is associated with Django web development platform for python. Used to help protect the website against Cross-Site Request Forgery attacks
GPS	0	30 minutes	This cookie is set by Youtube and registers a unique ID for tracking users based on their geographical location
IDE	1	1 year	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
ig_did	1	1 year
ig_nrcb	0	1 year
lang	0		This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
li_sugr	0	2 months
lidc	0	1 day	This cookie is set by LinkedIn and used for routing.
lissc	0	1 year
mid	0	1 year	The cookie is set by Instagram. The cookie is used to distinguish users and to show relevant content, for better user experience and security.
test_cookie	0	11 months
u	0	2 months
UserMatchHistory	0	1 month
VISITOR_INFO1_LIVE	1	5 months	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	1		This cookies is set by Youtube and is used to track the views of embedded videos.