Six Degrees Of Surveillance
March 18, 2018 10:01 AM   Subscribe

In the latest Facebook data breach, Cambridge Analytica, a data analytics firm founded by Alexander Nix, which specializes in public influence campaigns, was commissioned by Stephen Bannon (who was in turn bankrolled by Robert Mercer) to collect and analyze data on Facebook users. CA adapted an online survey tool developed by academic Aleksandr Kogan. If a Facebook user opted in to the survey, for a small reward, the tool scraped not that user's profile, but the profiles of everybody that user was connected with. As former CA employee and whistleblower Christopher Wylie puts it, the process "scaled well." For relatively small outlay, CA were able to collect the profiles of 50-60+ million Facebook users for Bannon, to then be used for targeted political advertising.

Wylie interview with The Guardian: https://www.youtube.com/watch?v=FXdYSQ6nu-M
Wylie interview with Channel 4 News: https://www.youtube.com/watch?v=zb6-xz-geH4

Facebook denies that a data breach occurred.
posted by carter (115 comments total) 49 users marked this as a favorite
 
Prediction - we're going to see a whole sector whose business model is based on the ability of advertising to manipulate people's behavior start to backpedal and claim that this isn't a big deal because they can't actually manipulating people's behavior - right?
posted by entropone at 10:09 AM on March 18, 2018 [20 favorites]


"Facebook denies that a data breach occurred."

Well, yeah, because it wasn't technically a *breach*. Scraping profiles may or may not have been a ToS violation, but they didn't break into FB's systems to get it.

One thing this kind of operation shows is why it's so important to carefully curate what you allow on any social media profile; if you don't want it potentially being made public, or being used against you by unknown third parties in a future data mining operation, then simply remove it. That means posts, comments, tags, likes, etc. If you don't want it being used by FB either (or whatever social media service and their many unnamed partners and affiliates) for their own internal data mining, then don't post it in the first place.
posted by mystyk at 10:10 AM on March 18, 2018 [13 favorites]


Facebook CEO had brushed aside charges that Facebook had had an impact on the race, calling it a “pretty crazy idea” and saying that voters “make decisions based on their lived experience”

Thereby confirming that Facebook users are zombies?
posted by StickyCarpet at 10:10 AM on March 18, 2018 [3 favorites]


Facebook CEO had brushed aside charges that Facebook had had an impact on the race, calling it a “pretty crazy idea”

God I love this. His choices are “my core product offering of targeted advertising based on immense amounts of personal data is actually completely fucking worthless”

Or

“We committed treason”

Sleep easy, Mark, you exploitive piece of shit.
posted by schadenfrau at 10:16 AM on March 18, 2018 [90 favorites]


mystyk, that's an interesting point. But I'm assuming that what qualifies as a breach will also vary from jurisdiction to jurisdiction as well?
posted by carter at 10:20 AM on March 18, 2018 [1 favorite]


The Guardian reporting is from the point of view of outrage, like "how dare the politicians do this thing?" But you can bet they absolutely are going to continue doing this thing, and a lot more of it, whether Facebook helps them or not. There's plenty of non-brand-name third party trackers and data services out there than can do mostly the same things. And the marketing and advertising world is way ahead on targeting individual consumers already, in retrospect it's obvious that political campaigns will do it too. My big question now is why the Clinton campaign didn't do more of it in 2016.

A related topic that I bring up every chance I can; gerrymandering and congressional districts. The Republicans did a very effective thing in 2010 called REDMAP that is quite similar, using precise demographic detail to sort small groups of 20-50 voters into different districts. It's well documented in the book Ratf**ked (review, author interview). 2020's districting is only going to be more sophisticated, integrating people's online marketing profiles into the gerrymandering plan. There's some hope the Supreme Court will rein some of the most egregiously partisan gerrymandering but even that's not certain.
posted by Nelson at 10:35 AM on March 18, 2018 [8 favorites]




carter, not really, or at least not the way you may be imagining.

Breach, in computer terms, is a pretty well-understood concept: bypassing security measures to gain unauthorized access to data generally not intended to be exposed. Note, I didn't say that it had to be fully public to be considered "exposed;" rather, the key difference is usually over things that are not supposed to be accessible at all (at least generally) from the open internet. Sometimes a breach is low-tech, as when a company accidentally leaves open access to the DB from a settings page on their webserver, and it gets stumbled upon; other times it involves using software or hardware exploits to gain access to the data, password-cracking or social engineering on corporate users with above-standard privileges to internal company LANs, etc.

But the key here is that no cogent definition of "breach" fits what CA did. They promoted a survey, and asked people the same kinds of things that all the other internet quizzes on FB do: for access to the data of the user's account. Once someone *gave* that access willingly, whether they realized how expansive it was or not, the system could load up their pages (as well as their friends) and see everything the user who authorized could. Hence why it was "scraping" - they just downloaded a copy of all the visible data from people's profiles, but they weren't attempting to access stuff those users couldn't already view.

Now, in many cases, this kind of scraping can be against the Terms of Service, and there can be legal sanctions depending on those terms, but they didn't download anything that wasn't exposed (even if only to the people who granted access) and they didn't break into any computer systems to get the info.

What you may be thinking of is that some places have cybersecurity laws that are written in fairly crappy ways, such that they can criminalize even perfectly appropriate online behavior. While that does happen, that's not normally recognized as a "breach" so much as that legislators don't have the technical expertise to do much better.
posted by mystyk at 10:44 AM on March 18, 2018 [9 favorites]


This is some Jack Kirby level shit - "Dr Kogan – who later changed his name to Dr Spectre, but has subsequently changed it back to Dr Kogan – is still a faculty member at Cambridge University, a senior research associate."
posted by stevil at 10:54 AM on March 18, 2018 [28 favorites]


The Guardian exposed SCL/ Camrbidge Analytic in this exhaustive examination from May of 2017 on the Brexit vote: The great British Brexit robbery: how our democracy was hijacked

From the article: SCL Elections, went on to be bought by Robert Mercer, a secretive hedge fund billionaire, renamed Cambridge Analytica, and achieved a certain notoriety as the data analytics firm that played a role in both Trump and Brexit campaigns.

(Robert Mercer and his daughter Rebecca own and run Breitbart News financing Steve Bannon's wooing of the alt-right before and after Trump's election.)

SCL/Cambridge Analytica/Robert Mercer was intially paid $750, 000 by the Ted Cruz campaign for psychographic profiles, whom Mercer was backing before Trump became the front runner.
posted by Skygazer at 11:00 AM on March 18, 2018 [5 favorites]


The situation isn't a "data breach," but frankly, Facebook might be better off if it had been, if this WaPo piece is anything to go by. It features an interview with David Vladeck, "who as the director of the FTC’s Bureau of Consumer Protection oversaw the investigation of alleged privacy violations by Facebook and the subsequent consent decree resolving the case in 2011."
Vladeck, now a professor at Georgetown Law, said violations of the consent decree could carry a penalty of $40,000 per violation, meaning that if news reports that the data of 50 million people were shared proves true, the company’s possible exposure runs into the trillions of dollars. Vladeck said that such a fine is unlikely but that the final penalty still could be very large.

“That’s the maximum exposure, though it’s not clear to me that the agency would insist on that kind of a penalty,” he said.
posted by halation at 11:05 AM on March 18, 2018 [12 favorites]


"Dr Kogan was turned down by Dr Kosinski, he established his own company called Global Science Research Ltd in May 2014. It also reported that he began working with SCL to deliver a 'large research project' in the United States, His stated aim was to get as close to every U.S. Facebook user into their dataset as he could. He used Mechanical Turk (MTurk), which is Amazon’s crowdsourcing marketplace, to access Facebook profiles. He recruited MTurk users, by paying them around a dollar to take a personality questionnaire that also gave access to their Facebook profiles. He promised that their Facebook data would 'only be used for research purposes' and would remain 'anonymous and safe'."
posted by Skygazer at 11:16 AM on March 18, 2018 [4 favorites]


Now, in many cases, this kind of scraping can be against the Terms of Service

In English law (and this took place in England), and indeed the law of every EU country, it's definitely a straight out breach of the Data Protection Act. So it might not be a computer breach, but it's straight out illegal. Consent has to be given for data sharing. The Data Protection Act has tiny sanctions (a maximum fine of £500,000), compared to what's going to replace it (in a week's time): the GDPR (General Data Protection Regulation), which has a maximum fine of €20,000,000 or 4% of global turnover (i.e. $1.6 billion, in Facebook's case). That, one hopes, is enough to concentrate the mind, in the same way that European Commission vs. Microsoft changed Microsoft so much.
posted by ambrosen at 11:20 AM on March 18, 2018 [19 favorites]


Somehow this reminds me of the launch of Google+.
When I logged in I was presented with exclusively English/American names. Which was rather strange since I'm Dutch myself.
Apparently Google had harvested metafilter as a social network. Hoping to bootstrap Google+.
I guess it turned out otherwise.
posted by jouke at 11:20 AM on March 18, 2018 [2 favorites]


"Dr Kogan – who later changed his name to Dr Spectre, but has subsequently changed it back to Dr Kogan

Oh come on, if you're going to go making up satire based on this perhaps choose something other than the literal Bond movie baddies "SPecial Executive for Counterintelligence, Terrorism, Revenge and Extortion". Something even a tiny bit less on the nose makes it more belie....

OH FFS.
posted by Buntix at 11:23 AM on March 18, 2018 [14 favorites]


That means posts, comments, tags, likes, etc

It doesn’t even take that level of interaction to become a viable data point. Simple Venn diagramming of your social circles would yield highly probable results.
posted by P.o.B. at 11:51 AM on March 18, 2018 [3 favorites]


Tamsin Shaw, an associate professor of philosophy at New York University, helps me understand the context. She has researched the US military’s funding and use of psychological research for use in torture. “The capacity for this science to be used to manipulate emotions is very well established. This is military-funded technology that has been harnessed by a global plutocracy and is being used to sway elections in ways that people can’t even see, don’t even realise is happening to them,” she says. “It’s about exploiting existing phenomenon like nationalism and then using it to manipulate people at the margins. To have so much data in the hands of a bunch of international plutocrats to do with it what they will is absolutely chilling.

“We are in an information war and billionaires are buying up these companies, which are then employed to go to work in the heart of government. That’s a very worrying situation.”
posted by Skygazer at 12:11 PM on March 18, 2018 [21 favorites]


It pisses me off so much when my friends take those stupid quizzes and give away my data without my consent. These are generally smart folks and yet they don't see that these poorly designed websites don't offer these quizzes for nothing. Buzzfeed does basically the same thing with their 'rate these brands and we'll guess how old you are!" quizzes, though I'm decently confident that's marketing research for e.g. Target and not for political parties. Decently confident, not entirely confident. Who knows what Target is doing with it.
posted by AFABulous at 12:48 PM on March 18, 2018 [3 favorites]


Well, yeah, because it wasn't technically a *breach*.

Its amazing how many outlets/pundits don't seem to understand this (seemingly?) important distinction.
posted by BigBrooklyn at 1:25 PM on March 18, 2018 [1 favorite]


carter: “mystyk, that's an interesting point. But I'm assuming that what qualifies as a breach will also vary from jurisdiction to jurisdiction as well?”
This Jessica Kia tweet from a couple of weeks ago implies that basically everyone on Facebook and Instagram potentially had their personally identifying information stolen via an error in the ad targeting system. Facebook tried to make it seem like everything was okay, pushing back in the original thread from @d1gi that the hole had been patched in December.

Point being, I shoulda been a farmer.
posted by ob1quixote at 1:36 PM on March 18, 2018 [3 favorites]


Cf. “Researchers Discovered Data Leak In Facebook’s Ad Software,” Steven Melendez, Fast Company, 06 March 2018
posted by ob1quixote at 1:43 PM on March 18, 2018 [1 favorite]


ob1quixote. This Jessica Kia tweet from a couple of weeks ago implies that basically everyone on Facebook and Instagram potentially had their personally identifying information stolen via an error in the ad targeting system. Facebook tried to make it seem like everything was okay, pushing back in the original thread from @d1gi that the hole had been patched in December.


There's not doubt that FB's and Twitter's involvement is much deeper and egregious than they're letting on. To me it seems like they're trying to run out the clock, releasing little bits of daming information little by little, knowing that they're being protected by a WH and GOP who doesn't really want to put a true spotlight on what happened.

There was an individual who worked very closely with Dr. Alexsandr Kagan (Spectre..pfft) at GSR or BDI scraping personal info and creating psychographic datasets that went on to be hired at Facebook book as a data specialist. HE has a Facebook bio page too. I can't locate his name anymore, but FB is way deep on this...they literally provided the Cambridge Analytica data "war room" at Trump HQ with in house FB data engineers to make the most of the datasets. But that's the kind of extra special treatment you get from Facebook for spending $85 million on data services and political ads....
posted by Skygazer at 1:51 PM on March 18, 2018 [6 favorites]


Oh, one last thing...it's been my suspicion for a while now that someone at the Trump campaign or CA, found a way to feed the datasets to Russian Intel.
posted by Skygazer at 1:53 PM on March 18, 2018 [1 favorite]


This really wasn’t a breach, but Facebook’s defense to that effect - which amounts to “they didn’t steal it, we GAVE it to them!” - is stunningly bald-faced. I mean, sure. True. But... is it actually better to say that Facebook happily gives this kind of data away every day?
posted by koeselitz at 2:52 PM on March 18, 2018 [2 favorites]


Facebook knew about this in 2015.
posted by Twang at 3:59 PM on March 18, 2018 [4 favorites]


The Guardian reporting is from the point of view of outrage, like "how dare the politicians do this thing?" But you can bet they absolutely are going to continue doing this thing, and a lot more of it, whether Facebook helps them or not. There's plenty of non-brand-name third party trackers and data services out there than can do mostly the same things.

Excellent points. I agree that the outrage seems to be running ahead of the severity of the transgression; or, at the very least, these practices are so pervasive such that a consistent condemnation of of the practice (ToS violations, targeted advertising for political purposes, or whatever) will end up indicting many, many more actors than perhaps originally intended. Indeed, I am aware of a much larger targeted advertising operation that is using Facebook's social network data on a much larger scale than Cambridge Analytica could ever dream of. It's called... Facebook.

My big question now is why the Clinton campaign didn't do more of it in 2016.

Even if they didn't, social-media data-collection efforts to get an advantage in a political campaign are certainly not new. See this article, for instance, about Obama's 2012 campaign:
Reed’s mission is simple but ambitious: Assemble a data-mining infrastructure that allows the campaign to determine which voters to target and how to do it on a scale and scope that’s never been seen before. It’s part of a new, data-driven shift in the way campaigns are run. Think of it as the smart campaign.
...
But perhaps nothing has changed the game for political microtargeters more than the ubiquity of social networks. Privacy rules, which vary from site to site, technically render a lot of data inaccessible; Facebook’s terms of use limit the extent to which outside groups can mine the site. But the Obama campaign has found ways around those barriers too. One of the campaign’s most useful innovations in 2008 was to create a social-media platform, My.BarackObama.com, that encouraged its 2 million members to log in with their Facebook accounts. Those who did consented to the campaign’s harvesting some of their Facebook data.
posted by Noisy Pink Bubbles at 4:06 PM on March 18, 2018 [4 favorites]


Your personal data on Facebook is only as safe as your most gullible friend is resistant to answering a quiz that determines which Power Puff girl they are.
posted by simra at 5:33 PM on March 18, 2018 [20 favorites]


Anyone who’s posting that any of this is OK has their head so far up the advertising/mass-surveillance-and-manipulation-industry’s hind end they can see Mark Zuckerberg‘s heels.

In a society that decides any of this is OK, Democracy might be the name on the product but it has nothing to do with what’s now in the tin.
posted by namasaya at 8:58 PM on March 18, 2018 [4 favorites]


You're just confusing New Improved Democracy™! with Democracy Classic.
posted by flabdablet at 10:08 PM on March 18, 2018 [2 favorites]


The choice of every writer to call this a "breach" is, in my view, great for Facebook. If it's a breach, then it's an unauthorized access that went against Facebook's policies and Facebook tries to protect our sensitive data such that any access like this should be classified as a breach. The casual news follower hears about this breach and thinks, well, Cambridge Analytica is bad because it breached into Facebook, but now that it's banned, everything is ok and it's time to move on.

The "breach" language in every headline is really doing a disservice to the public who doesn't realize this level of access has in fact been within Facebook's policy and Facebook doesn't give a damn about your personal data.
posted by hexaflexagon at 10:23 PM on March 18, 2018 [7 favorites]


Yep. Even MeFi's $5 barrier for access to PII in profiles works better than Facebook's privacy model.
posted by flabdablet at 10:31 PM on March 18, 2018 [3 favorites]


For a relatively small outlay, Cambridge Analytics were able to collect the profiles of 50-60+ million Facebook users for Bannon, to then be used for targeted political advertising.

It’s an insult to voters to think they have no agency and that political advertising, however subliminal, or foreign interference is all that is needed to sway an election.

This article seems to me about data privacy rather than politics, and why people feel compelled to feed the FB beast by exposing themselves publicly.
posted by Kwadeng at 12:21 AM on March 19, 2018


Fabulous, two of my great dislikes together at last: Facebook and confused reporting on privacy / data protection. It was initially a good thing for Facebook that the word breach appeared in headlines because in strict security terms it isn't a breach. That does leave Facebook in the awkward position of now having to admit that their system was working as intended.

What this will do over the next few months is highlight the widening gulf between privacy protections in the US and those in Europe and the rest of the world. As mentioned above, Europe's General Data Protection Regulation comes into effect soon (it's at the end of May, not this week.) This is the most-lobbied piece of legislation ever to pass through the European parliament. While the large fines have attracted the most media attention they're not at all the most significant aspects. Individuals have a lot of rights under the GDPR, many of them not even new - I'm sure most people here have heard of the right to be forgotten. The awareness of these rights is going to increase hugely, which will lead over time to far more people exercising these rights.

Under current European laws (the UK Data Protection Act in this case) this is most certainly a personal data breach. The muddled reporting is to my mind a result of these differences between the US and the rest of the world when it comes to individuals' rights and enforcement, and also data privacy being a field that has been left to security and legal people to deal with, neither of whom regard it as their core function. So you end up with the former being interested in whether their systems have been penetrated and the latter producing impenetrable legalese hidden away in a dusty corner of a website.

The GDPR deals with both of these quite explicitly. There are six principles which the regulation is built around. Only one of these is concerned with security i.e. security is important but fairness, transparency, specific purpose, only collecting as much data as is needed for that purpose, not passing personal data on to third parties without notification, only keeping personal data for as long as is necessary to do what you need to do with it and so on are all equally important.

The GDPR introduces an overarching accountability principle - “the controller shall be responsible for, and be able to demonstrate, compliance with the principles.” Compliance has to be demonstrated to the individuals whose data is being collected as well as the data protection authorities. This has to be done using plain language a thirteen year old can understand and cannot be hidden away in a larger terms and conditions document. So if you're an organisation collecting my personal data and you don't tell me simply and straightforwardly who you are, what data you're collecting, what legal basis you have for collecting this data, what you're doing with the data, who you're sharing it with, whether you're moving it outside the EEA and how long you're keeping it for then you're not compliant with the law. That kills off the lengthy legalese.

The US is an outlier in not having a data protection legal framework and a dedicated data protection authority. ~120 countries have data protection laws and ~100 of these have data protection authorities with varying amounts of enforcement powers.
posted by o seasons o castles at 1:27 AM on March 19, 2018 [27 favorites]


The video interview with Chris Wylie on the Guardian site is worth a watch for his own explanations - as well as for his impression of Nix.

I think that the fundamental behaviour of Facebook's API - Charlie can have his data passed to Alice, without his knowledge or permission, because Alice is able to convince his friend Bob to fill in a survey - was (and probably still is) the major issue here. Particularly when this is done internationally and in the context of retrieving information for political campaigns. There are clear breaches of European data protection and various political campaigning rules here. The lies told by Facebook and CA when asked about this - compound the offence.
posted by rongorongo at 1:39 AM on March 19, 2018 [1 favorite]


It’s an insult to voters to think they have no agency and that political advertising, however subliminal, or foreign interference is all that is needed to sway an election.

It's only an insult to that small proportion of voters who know and/or care so little about the issues and their local candidates that political advertising is what they base their voting intentions upon.

And it's a demonstrable fact that there exist marginal electorates where such eminently insult-worthy voters exist in sufficient numbers to determine the outcome.
posted by flabdablet at 4:18 AM on March 19, 2018 [2 favorites]


Essentially in the old Facebook API (Graph 1.0), a user who gave an app full access gave full access not just to their profile but to everything they could see - including the profiles of all their friends. Mass downloading these profiles was a ToS breach and there were rules around how long you were allowed to retain any data on your own servers but there was no programmatic protection against doing this.

New FB API doesn't allow this, although there a lot of other troubling things you can do with either by design or negligence.

It's clear that what they paid for was:
1) A few hundred thousand FB profiles + psychographic (big 5) tests + IQ tests for which they paid people. Which is creepy but probably not illegal.
2) The profile data for all those people's FB friends. This violated FB's ToS and was illegal under the data protection laws of many countries.

What's not clear to me is what CA did with the data after they got it.

Did they build a model that linked FB likes and other data to psychographic data which then lets them link FB likes -> to psychographic profile -> advertising targeting? That might explain their claims that they don't have the FB data - they built the model and then discarded the data as no longer necessary.
They may have kept an enormous amount of dimensionally reduced targeting data without keeping the original profiles.

One of the most interesting things I learned from reading Chaos Monkeys is how what we think of as our really private data - our pictures, comments, posts, and private messages - are almost useless to advertisers (or to political operatives). Likes and Shares are both easier to analyse and better predictors of buying and voting behaviour. The most valuable information for any advertiser of course is your buying behaviour which is why facebook makes its money from allowing advertisers to track you across the web and retarget advertising so that you're haunted by ads for a yoga mat you already bought for weeks afterwards.

Here's the Kosinski paper from 2013 which linked Facebook likes and personality.

I'd guess that tested potential FB ads against focus groups who had already been psychographically profiled and determined which messages tested well with which attributes, then they used FB's own advertising API to target messages to people whose Likes indicated that they matched the desired profile.

This micro-targeting within political parties seems to be highly effective in countries like the UK and US where FPTP voting systems drive voters who may have different interests and very different personalities into a small number of parties. In the UK for instance "openness" was strongly associated with Greens (+ve) and UKIP (-ve) but moderately +ve with Labour voters. This could be because Labour voters are all slightly open or it could be because some are very open and others are the opposite. Notably when you look at the Brexit vote, it seems that Openness is strongly associated with Remain and predicts Brexit voting behaviour much better than Labour party affiliation.

UK personality traits and party affiliation

EU referendum vote and personality traits
posted by atrazine at 5:39 AM on March 19, 2018 [10 favorites]


NBC News @NBCNews
“Cambridge Analytica was meeting with Corey Lewandowski in 2015 before Trump had even announced and offering the services that I’m talking about right now,” whistleblower Christopher Wylie said

Cambridge Analytica whistleblower says company worked with Corey Lewandowski, Steve Bannon
In a live interview with TODAY’s Savannah Guthrie, Christopher Wylie, a former employee of British-based company Cambridge Analytica, says the company misused personal Facebook data of some 50 million people to help influence the 2016 presidential election. Wylie says the company met with former Trump campaign manager (and current outside adviser) Corey Lewandowski, former chief strategist Steve Bannon as well as Russian oil companies.
posted by Doktor Zed at 5:41 AM on March 19, 2018 [5 favorites]


FB's response is that "We did all we could at the same time" and that they were lied to. If they said "We had technical security measures in place" and these measures were bypassed in order to access data, then it would be considered a breach.

But then isn't this is a 'social engineering' equivalent of a technical breach? - With the system that is being socially engineered by Cambridge Analytica (that is, FB's app review process: "You have to promise us not to share the data you obtain ...") being extremely weak in the first place? FB's "We made people double promise not to pass on their data to third parties" is not really any form of security at all. And it was easily breached.
posted by carter at 5:59 AM on March 19, 2018 [2 favorites]


Potentially dumb question: If *I* (or my company) promise to not share your data, then my company is sold, does the purchasing company have to respect that for already owned data? If one of the assets that was purchased was my database, and the new boss demands I start working on something that might not be legitimate usage, am I supposed to know that? I am an engineer who was given specs by a product designer, and have no involvement with legal, don't know the contracts that were agreed to originally, or what the relationship is with the new owners

Basically, if you 'store data', someone's going to sell it. And someone's going to buy it. Then, they may use it badly, even illegally, and they may (will) cause a lot of damage before the lawyers get around to stopping it.
posted by DigDoug at 6:14 AM on March 19, 2018


I would think that whoever signs the contracts, is then responsible for audit and oversight in the company, and this then gets transferred to the relevant office in the new (purchasing) company. If you did not sign anything, I'd hope that you don't have any responsibilities, nor are required to have any specific knowledge. But I Am Not A Corporate Lawyer, etc.
posted by carter at 6:35 AM on March 19, 2018


Purchasers of defunct startups and other consumer data are bound by the terms that users agreed to before/when they provided their data. The sad truth is that in the majority of cases this is impossible to enforce.
posted by simra at 7:53 AM on March 19, 2018 [2 favorites]


This great Forbes article makes several essential points, including:

- Ted Cruz's presidential campaign relied on the same firm and data as Trump's campaign, so these methods are clearly not an automatic ticket to victory
- user nonconsent or unawareness is, unfortunately, the norm with how Facebook/researchers use social network data
- use of big data in political campaigns has gone from being lauded in 2008 to cursed in 2016

The article's conclusion:
Putting this all together, casting Cambridge Analytica as a villain gone rogue with “breached” data from Facebook offers a simple cathartic response to a world the press and public are struggling to understand, but it could not be further from the truth. Everything the company stands accused of (which again it strenuously denies) are simply what academics at universities all across the world do every day with the full knowledge and approval of their ethical oversight boards. Granting agencies like NSF routinely fund the research, IRBs approve it without question (typically treating it as “exempt”) and the top journals publish it. Indeed, Facebook itself has its own active research program, which as the Australian press leak demonstrates, is conducted under strict secrecy and according to the company itself, may occur without its knowledge or approval. Even when violations are brought to their attention, the companies will at best merely confirm the violations, either dismissing them as minor “oversights” or in the case of external researchers, apparently taking no action at all. It is little wonder then that social media data has found such a place in modern research and may have played such a pivotal role in the 2016 election, or as the Cruz campaign discovered, perhaps no role at all. All in all, it is remarkable how in the space of just 8 years data has gone from hero to villain in the world of campaigning, raising questions of whether this will be a tipping point against social media or just another brief bump in the road to quickly wash away. In the end, instead of holding Cambridge Analytica up as a villain, if society at large has concerns about how their Facebook social media personas can be used to monitor and potentially manipulate them, they should take a closer look at the platform that makes it all possible: Facebook.
posted by Noisy Pink Bubbles at 7:53 AM on March 19, 2018 [7 favorites]


I've stopped being surprised whenever there's a Malaysian connection now, but apparently out of 4 listed SCL addresses, one is in KL, to the surprise of the property owner
posted by cendawanita at 9:14 AM on March 19, 2018


I agree that the outrage seems to be running ahead of the severity of the transgression ...

I was skeptical of the efficacy of Cambridge Analytica's methods in '16 and it still isn't obvious to me just how much of their work was effective and how much was merely grift-fueled data wankery, but "I'm outraged by the outrage" seems an odd take here. Even if CA is guilty of nothing more than ethical and TOS violations, the outrage seems equal to the transgressions.

See this article, for instance, about Obama's 2012 campaign:

That's the same piece Cambridge Analytica has been circulating to try to take the heat off. Michael Simon, chief of the Obama 2008 data-driven microtargeting team replied "... We didn’t steal private Facebook profile data from voters under false pretenses. OFA voluntarily solicited opinions of hundreds of thousands of voters. We didn’t commit theft to do our groundbreaking work."

I can see why Cambridge Analytica would like to minimize the outrage or point fingers at someone else. They're in deep shit. I don't know what's in it for anyone else.

And, no, that doesn't excuse Facebook in any way. It looks like they're up to their ass in it as well.
posted by octobersurprise at 11:53 AM on March 19, 2018 [7 favorites]


Channel Four news, here in the UK, have just shown a hidden camera interview expose on CA. It makes for somewhat interesting viewing.
posted by Wordshore at 12:24 PM on March 19, 2018 [5 favorites]


yeah so i think we can go ahead and call CA 'a villain gone rogue' now
which is not to say that facebook's not also villainous
posted by halation at 1:04 PM on March 19, 2018 [1 favorite]


The boss of Cambridge Analytica, the analytics firm at the centre of an international storm over the misuse of Facebook user data, has been caught on camera bragging about how the company could blackmail political candidates with sex workers, and telling a prospective client that it has been secretly operating around the world to campaign in elections.

... On Monday evening, Channel 4 broadcast undercover footage from four meetings across three months, with Nix telling the reporter that one of the services of Cambridge Analytica could be to “send some girls around to the candidate’s house”, adding that Ukrainian girls “are very beautiful, I find that works very well”.
But, yeah, nothing to see here. The outrage is totally running ahead of the severity of the transgression ...
posted by octobersurprise at 1:30 PM on March 19, 2018 [4 favorites]


Mr. Nix (who is not a Bond villain, despite his name) admits "that on this occasion he misjudged the situation: 'In playing along with this line of conversation, and partly to spare our ‘client’ from embarrassment, we entertained a series of ludicrous hypothetical scenarios. I am aware how this looks, but it is simply not the case. I must emphatically state that Cambridge Analytica does not condone or engage in entrapment, bribes or so-called ‘honeytraps’, and nor does it use untrue material for any purpose.'"
posted by Doktor Zed at 1:59 PM on March 19, 2018 [1 favorite]


An undercover sting by Channel 4 News has revealed that executives from Cambridge Analytica boasted that they could entrap politicians with Ukrainian sex workers, offer bribes to public officials, and use former spies to dig dirt on political opponents.

One of the most stunning revelations by Nix was his willingness to use sex workers to gather dirt on a clients’ opponents, and use the information to discredit them online.

Another possibility suggested by Nix involves setting a victim up and leveraging the incriminating evidence to remove an opponent from the campaign.

Mark Turnbull, managing director of Cambridge Analytica’s political division told the reporter "we just put information into the bloodstream of the internet, and then watch it grow, give it a little push every now and again … like a remote control.”

Turnbull added that this “has to happen without anyone thinking, ‘that’s propaganda’ because the moment you think ‘that’s propaganda,’ the next question is, ‘who’s put that out?’”

He later adds: “So we have to be very subtle, and we’ve got time to do this.”

The report reveals CEO Alexander Nix and other Cambridge Analytica executives admitting to using a range of underhanded tactics in order to sway the outcome of more than 200 elections around the globe, secretly campaigning through a web of shadowy front companies and sub-contractors.

posted by hexaflexagon at 2:40 PM on March 19, 2018


Mr. Nix (who is not a Bond villain, despite his name) admits "that on this occasion he misjudged the situation: 'In playing along with this line of conversation, and partly to spare our ‘client’ from embarrassment, we entertained a series of ludicrous hypothetical scenarios. I am aware how this looks, but it is simply not the case. I must emphatically state that Cambridge Analytica does not condone or engage in entrapment, bribes or so-called ‘honeytraps’, and nor does it use untrue material for any purpose.'"

Asking for a friend.......

Oh this tape is too delightful. They part where they describe how to make a hidden tape and blur faces. On a hidden tape. Lol.

Let's start a pool who they have sex tapes of. God I hope it's Pence. Please be Pence.
posted by fshgrl at 2:45 PM on March 19, 2018 [5 favorites]


Mr. Nix (who is not a Bond villain, despite his name)

"If at first you don't succeed, Mr. Nix ...”

“Try, try again, Dr. Spectre.”
posted by octobersurprise at 2:49 PM on March 19, 2018 [4 favorites]


Let's start a pool who they have sex tapes of. God I hope it's Pence. Please be Pence.

If ever I see the phrase "Mike Pence Sex Tape" trending, am immediately coming off all social media so I can't accidentally see that which can never been unseen.
posted by Wordshore at 2:53 PM on March 19, 2018 [7 favorites]


The UKs Information Commissioner has requested a warrant for CA. As soon as tonight. And supposedly FB officials have been over there all day in emergency meetings. The Dow is plunging, Facebook is down 7% already and now one of Cambridge Analytics data scientists has offered to testify publicly.

For anyone who can't watch the video at work the CEO of Cambridge Analytics says the following. This is a direct quote.

"I mean, deep digging is interesting, but you know equally effective can be just to go and speak to the incumbents and to offer them a deal that's too good to be true and make sure that's video recorded.

These sorts of tactics are very effective, instantly having video evidence of corruption, putting it on the internet, these sorts of things.

We'll have a wealthy developer come in, somebody posing as a wealthy developer. They will offer a large amount of money to the candidate, to finance his campaign, in exchange for land, for instance. We'll have the whole thing recorded on cameras. We'll blank out the face of our guy and then post it on the internet.

Send some girls around to the candidates house. We have lots of history of things."
posted by fshgrl at 3:01 PM on March 19, 2018 [1 favorite]



Well that could explain why some/many GOP reps are trying to ignore this mess and/or make it go away. It isn't Russia having something on them but CA. Or Russia adjacent CA I guess.
posted by Jalliah at 3:12 PM on March 19, 2018 [1 favorite]


sex tapes of. God

Is without a doubt the name of my first Witch House album.

Oddly enough I got a job offer from a Cambridge uni based data analysis startup yesterday. Ermm not that I believe in the data-woo, I just happen to have it on my CV as a thing I done and do.
posted by Buntix at 3:46 PM on March 19, 2018 [1 favorite]


CA is American owned and run. The Mercers are homegrown racist totalitarian homophobic oligarchs. I cannot wait to see who they bribed in relation to Brexit.

Really though, how fucking stupid are people that they keep falling for the old "camera in a purse" trick? Maybe the human race is doomed because we're mostly idiots.
posted by fshgrl at 3:47 PM on March 19, 2018 [5 favorites]


Really though, how fucking stupid are people

entitled.

They don't believe it can happen to them; pretty much the entire history of the human race is them getting away with it. With a very tiny amount of gravity-blade exceptions.
posted by Buntix at 3:51 PM on March 19, 2018 [3 favorites]


I hope that Facebook's decision to suspend the account of the whistleblower Christopher Wylie causes a few more thousand to delete their accounts there.
posted by exogenous at 5:52 PM on March 19, 2018 [1 favorite]


This has been covered-up for quite some time. This Dec. 11, 2015 Guardian piece is about Ted Cruz and CA.
Analysis of Federal Election Commission (FEC) filings shows Cruz’s campaign has paid Cambridge Analytica at least $750,000 this year.... After this article was published, Facebook said the company was “carefully investigating this situation” regarding the Cruz campaign.
Whoever kept the lid on did so quite well.
posted by Twang at 6:46 PM on March 19, 2018 [3 favorites]


It was no secret they backed Cruz first.
posted by fshgrl at 7:26 PM on March 19, 2018 [1 favorite]


This is in answer to my own question above. His name is Joseph Chancellor and Facebook was way deeper in than they're letting on...

Facebook appears not to have considered Global Science Research’s data collection to have been a serious ethical lapse. Joseph Chancellor, Kogan’s main collaborator on the SCL project and a former co-owner of Global Science Research, is now employed by Facebook Research. “The work that he did previously has no bearing on the work that he does at Facebook,” a Facebook spokesperson told The Intercept.

Chancellor declined to comment.

posted by Skygazer at 8:23 PM on March 19, 2018 [4 favorites]


"I must emphatically state that Cambridge Analytica does not condone or engage in entrapment, bribes or so-called ‘honeytraps’, and nor does it use untrue material for any purpose.'"

Okay, lets parse that like a lawyer (which I am not). So they have stated that they subcontract out work like this. They might offer the service to clients that want it (subcontracted), but perhaps they judge them regarding the purchase (my check-out clerk at the grocery store doesn't condone the five cases of coke I buy, but he'll sure as hell sell them to me). They also don't engage in entrapment - that's subcontracted, as are bribes and honeytraps. Actually, they were caught claiming they offered bribes, not that they followed through on them.

So, that only leaves 'use untrue material'... I'm not British, but to my ears that sounds like an awfully weird phrase. I mean it would be absurd for them to claim they don't lie when their response to the material caught on video was essentially 'that was a test for our clients, to see if they were unethical, we would never do any of the shit we offered to do'. So, they'll lie to their prospective clients, but their position is that they won't lie to help their clients or to hurt their clients political opponents? That's *really* hard to wrap ones head around.

Their best defense (which they are apparently using) is that they engage in industry standards. That might indeed be true, but is the heart of the problem.

So, where do we go from here? I mean, one could squash CA like a bug, and that's sort of in the process of happening now. But unless everyone involved goes to jail, I'd say the chances of them continuing to do the sort of work they do now is pretty fucking high. So they'll create a new company and continue the work. Lets pretend that they didn't have ninja lawyers help insulate them from responsibility of various illegal shit (that they 'subcontracted'), and that somehow, somehow, they end up in jail...

Well, if that unlikely scenario happens, then their competition will pick up the slack, right? Or another company formed with people with similar skill-sets will take up the slack. Regardless there will still be billionaires around the world that will fund companies like them.

I saw a tweet that was gleeful that facebook's stock has dropped 7%. I wonder if that stock drop will last. Even if it does, it doesn't change the nature of facebook, and they'll continue to do what they do. The person who was advocating for more openness about this stuff is leaving the company now, leaving that organization with leadership that would stonewall the public and the lawmakers about the manipulation they are aiding.
posted by el io at 10:54 PM on March 19, 2018 [2 favorites]




Oh boooy.

The Guardian: “Utterly horrifying” data harvesting on Facebook was routine, and Facebook looked the other way.

If this is the beginning of the end of Facebook, I will be so happy.
posted by schadenfrau at 9:33 AM on March 20, 2018 [3 favorites]


It won't be. He has a shtoyle that is completely unblockable.
posted by flabdablet at 9:59 AM on March 20, 2018 [1 favorite]


You know, Facebook isn't the problem here. The "data" isn't even very interesting or deeply held secrets and I'm sure there are plenty of other ways to get it. The problem here is the wealthy openly influencing democratic elections.
posted by fshgrl at 12:47 PM on March 20, 2018 [2 favorites]


Yes, and "guns don't kill people, people do." Facebook enabled the manipulation of millions of people in order to influence elections. The manipulation was extremely targeted and personalized, something not possible with conventional advertising.
posted by exogenous at 1:04 PM on March 20, 2018 [1 favorite]


Time for a little levity. The perfect comeback:

@ItsMeCathi These people have ties to Cambridge Analytica.

The Mercers
Steve Bannon
Rudy Giuliani
Ted Cruz
Ben Carson
Tom Cotton
John Bolton
Thom Tillis
Kellyanne Conway
Julian Assange
Hogan Gidley
David Bossie
Scott Brown

@JulianAssange What's my tie to Cambridge Analytica you libelous fraud?

@jonthedogwalker Come outside and say that. Ha ha ha.
posted by scalefree at 1:41 PM on March 20, 2018 [9 favorites]


Yes, and "guns don't kill people, people do." Facebook enabled the manipulation of millions of people in order to influence elections. The manipulation was extremely targeted and personalized, something not possible with conventional advertising..

Still not a big deal compared to blackmailing and creating fraudulent scandals to set up legally elected politicians. I'm not sure how Facebook became the focus of this story in the US media rather than the blatant admission CA can be hired for illegal smear campaigns and blackmail but I'm kind of impressed that they pulled that off.
posted by fshgrl at 4:06 PM on March 20, 2018


"I'm not sure how Facebook became the focus of this story in the US media rather than the blatant admission CA can be hired for illegal smear campaigns and blackmail but I'm kind of impressed that they pulled that off."

Well, they sort of didn't. They subcontracted it out. To people whose identities we probably will never know, and will probably continue doing the work they do. People who were trained by western democracies intelligence agencies; 'retired' spies.

Look, I'm super glad these revelations are out there, and given the public nature of them, some of the governments that trained and employed these spies will at least go through some motions to make it look like they care and are outraged. But if these governments (UK in this case) really cared, they'd simply pull up the roledexes of their ex-spies and see what they are all up to.

But none of this democracy-destroying behavior could ever get too much scrutiny; otherwise we'd be realizing that these retired spies are doing exactly what they were doing before they retired. That's why they have the skills necessary to pull off these operations.
posted by el io at 5:37 PM on March 20, 2018 [2 favorites]


The problem here is the wealthy openly influencing democratic elections.

And unfortunately, this is far from a new problem. A bit of education and training in critical thinking wouldn't hurt, though I expect it won't deter those who just want to share their photos on facebook. Remember that old adage, if you're not paying for it...? At least we know who was buying us now.
posted by Juso No Thankyou at 9:47 PM on March 20, 2018




He's just set up another one too - Firecrest Technologies.
posted by carter at 5:38 AM on March 21, 2018 [2 favorites]


From Medium.com - Here is a useful visual analysis of the various companies and people involved in SCL (parent of CA).

And here is some more information about the company, directors and shareholders. Looking specifically at who the directors of the company are - with respect to their ties to the British establishment - is interesting.
posted by rongorongo at 5:59 AM on March 21, 2018 [4 favorites]


A little more of the summary of connections between SCL/CA and various other institutions in this Bella Caledonia article. We can see that Roger Gabb - one of SCL's directors, made large donations to the Conservative party for example, or that the company's clients included the MOD, NATO and the US State Department.
posted by rongorongo at 6:33 AM on March 21, 2018 [1 favorite]


Here's an excellent legal tech analysis of details on what exactly Facebook + Cambridge Analytica did: Data Analytics, App Developers, and Facebook’s Role in Data Misuse. Some more discussion here and here. Talks specifically about the problem that Facebook used to let apps not only gather your data but your friends' data as well, without those friends' consent.
posted by Nelson at 8:31 AM on March 21, 2018 [3 favorites]


A 2015 Wired article which makes it clear about how Facebook likes can be a very accurate predictor of personality (citing, I believe, the same survey which was being used to steal data for CA, in this instance).

The claim: If I have a random set of just 10 of your Facebook likes - then I will make better guesses about who you are than your colleagues, with 150 of your Facebook likes I will know you better than your family, with 300, I will know you better than your spouse (or you, yourself).
posted by rongorongo at 8:38 AM on March 21, 2018 [2 favorites]





though I'm decently confident that's marketing research for e.g. Target and not for political parties. Decently confident, not entirely confident. Who knows what Target is doing with it.


I can anecdotally answer this, since I work directly in this industry—not for Target, but I work with plenty of former Target employees and a lot of my coworkers have spouses at Target. The short answer is that analyzing marketing data and performing user testing is expensive, requires a lot of warm bodies, and requires more time than can feasibly be dedicated within a typical retail cycle. So they very well may not be doing much at all with that information.

And I doubt there’s anything Buzzfeed could tell Target about their demographics that Target couldn’t already know in much greater detail from their own stores and website traffic. They already know you use Charmin because they just fuckin saw you walk in and buy it and have your debit card information. Rinse and repeat for pretty much every major retailer. It’s the smaller ones who would be much more likely to buy marketing data from third parties.
posted by Autumnheart at 6:48 PM on March 21, 2018 [1 favorite]


Re the phoenix company Emerdata.
Two mercer sisters are directors as is johnson chun shun ko who heads erik princes outfit in hong kong.
posted by adamvasco at 7:19 PM on March 21, 2018 [3 favorites]


Deleting Facebook? Don’t worry, I’ll replace it for you. (Alexandra Petri, WaPo)
If you want to delete Facebook, but are worried that you will miss it, I am happy to become your personal Facebook and do everything that Facebook used to do.

First, I will tell you any time anyone you went to high school with gets married or engaged. I will accompany this information with uncomfortable pictures of them standing on a beach, squinting into a bright light.

I will be sure to let you know any time your friends’ parents have political opinions. I know how much this matters to you.

I will make a terrible slideshow of pictures of you with someone you haven’t spoken to since college, and will leap out at you unexpectedly in the morning to tell you that There Are Many Friendships In The World, But None Of Them Are Quite Like Yours. You will never think this is worth sharing, but that will not stop me from doing it every day.

Some days, without warning, I will surprise you with a painful reminder of a lost loved one that you weren’t prepared for at all. We Thought You’d Like To Remember This, I will hiss.
posted by Johnny Wallflower at 9:27 PM on March 21, 2018 [14 favorites]


All of these scams and frauds involve lots of shell companies to hide ownership and responsibility. I think that the left needs to start pushing for reform of corporate structure rules to limit this. Maybe something like 1 level of ownership (holding company owns a company) or something like that. Would someone with actual legal knowledge be willing to weigh in on how hard it would be to change the relevant laws?
posted by medusa at 9:34 PM on March 21, 2018


Just a (probably unnecessary) reminder: Everything that CA did with Facebook data -- survey users, download their profiles and posts, collect lists of their friends, download *their* profiles and posts, link much of that data to real-world records, build psychological models based on the data, and then target specific individuals based on those models -- all of that is not just possible but trivially easy on Twitter right now. Unlike Facebook, not only are there zero protections against walking the follower/followee graph in Twitter, but Twitter eagerly provides a free API to make that incredibly easy to do at scale and anonymously. Facebook might have belatedly closed one of its barn doors in 2015, but Twitter has been widening theirs and decorating it with flashing lights for far longer. Plus, unlike Facebook, you don't even have to pay to target an ad directly at a specific user, thanks to the utterly unprotected @ protocol. Yeah, Facebook has better data than Twitter, but it's odd to see how freaked out the media is about it, with hardly any mention that the only reason the "breaches" of Facebook aren't breaches on Twitter is because Twitter is giving it all away as fast as it can.
posted by chortly at 10:49 PM on March 21, 2018 [8 favorites]


Oh, god. Twitter is ugly today. The bots are out to destroy Facebook. Media giants and who knows want a slice of the advertising revenue pie and I'm sure there are governments that are all too willing to let that happen.

But, IMHO, Facebook isn't the problem, it's the technology. There needs to be something like PGP built into web standards where the user has the ultimate control of who sees their data. Perhaps social networking itself needs to be rewritten with user standards and encryption built in. But how do you tell that to governments who are hell bent on banishing all forms of encryption from the web?
posted by popcassady at 3:48 AM on March 22, 2018 [1 favorite]


Twitter has all sorts of problems, but I don't think it's right to compare this Facebook data misuse with Twitter. Twitter is almost entirely a public medium. Almost all user profiles and posts on it are public. It shouldn't surprise people that someone can mine the Twitter social graph: not only is it designed that way, but it should be pretty clear to users that's how it works.

Facebook is a weird semi-private system with a very complicated set of access control rules that give most of its users the illusion of privacy. That's been its great strength, people on Facebook feel like they're only talking to friends and family. And for many users Facebook promised them that their data was really restricted to friends and family. Just turns out that meant "and any app your schmuck cousin got conned into installing".

But Facebook and Twitter share a problem that their social graph can be leveraged for more effective propaganda targeting. That part is very dangerous on both systems.
posted by Nelson at 7:31 AM on March 22, 2018 [4 favorites]


Plus both promote things on the basis of extremely gameable algorithms.
posted by Artw at 7:35 AM on March 22, 2018


There needs to be something like PGP built into web standards where the user has the ultimate control of who sees their data.

Every security measure comes with a cost in activity, and most users have made it very clear that they would rather have lax security and fewer hassles than good security and strong passwords, reduced access, and endless strings of notifications.

My husband used to say: Any solution based on the enlightenment of the masses is doomed to failure.

The "fix" to Facebook and datascraping companies is never going to be "persuade people to put up with extra nuisances for their web-based activities, because that will be better for them."

We need a constitutional amendment guaranteeing the right to privacy that's already been established, but is currently very hard to enforce. We need to overturn Citizens United. We need basics of computer theory taught in primary school along with basic civics - along with the phrase, "the Cloud just means someone else's computer."
posted by ErisLordFreedom at 10:27 AM on March 22, 2018 [4 favorites]


Moving liability away from users to vendors and applying meaningful penalties might work wonders there.
posted by Artw at 10:33 AM on March 22, 2018 [5 favorites]


Cambridge Analytica's Psy-Ops Warriors
Behind Trump's stolen Facebook data lurks a team of spooks and right-wing generals,
And across the ocean: -
SCL Group, CEO Nigel Oakes; is the parent company of Cambridge Analytica. They share directors and practise and are for all intents and purposes part of the same organisation. Between them they claim to have influenced more than 200 elections across the world.
Details are emerging about the worldwide activities of SCL Group and CA, touching almost every corner of the globe stretching from Brazil, to Nigeria, to Mexico and to India. But it has now emerged that in at least some of these these projects, CA coordinated with the UK MOD
The MOD is now contradicting previous information it has given out under Freedom of Information laws
posted by adamvasco at 3:40 PM on March 22, 2018 [6 favorites]


A mother closes the story book, sets it down on the nighstand, tucks her kiddo in a bit more. "... and that's how A.I. took over the world." Goodnight kiss on the forehead. Lights out.
posted by P.o.B. at 4:35 PM on March 22, 2018 [1 favorite]


In a paper published by NATO, Steve Tatham – the former British Navy commander who headed up SCL's defense work – described in some detail the theory behind how big data and profiling can be used to shape political views of an audience (pdf)
posted by adamvasco at 4:20 AM on March 23, 2018 [1 favorite]


Ian Bogost: My Cow Game Extracted Your Facebook Data. In which the author of a satirical 2010 Facebook game confesses how much personal data he couldn't help but collect because of the API design.
posted by Nelson at 9:09 AM on March 23, 2018 [7 favorites]


This is a pretty shocking revelation: apparently the Obama campaign had a copy of the entire US Facebook graph, with the approval and collaboration of Facebook:
AMY GOODMAN: Well, let me go to Carol Davidsen, who served as Obama’s campaign director of integration and media analytics during the 2012 campaign. In this video, posted online in 2015, she described how the campaign used Facebook.

CAROL DAVIDSEN: The Obama campaign just did this on a digital—in a digital level, on a much larger level, but we were actually able to ingest the entire social network, social network of the U.S. That’s on Facebook, which is most people. Where this gets complicated is, that freaked Facebook out, right? So they shut off the feature. Well, the Republicans never built an app to do that. So, the data is out there. You can’t take it back, right? So the Democrats have this information. So, when they look at a voter file and someone comes to them, they can immediately be like, “Oh, here are all the other people that they know, and here are people that they can help us persuade, because they’re really good friends with this person.” The Republicans do not have that information and will not get that information.

AMY GOODMAN: So that was Carol Davidsen, Obama campaign’s director of integration and media analytics during the 2012 campaign, speaking in 2015. Well, on Sunday, she wrote on Twitter, quote, “Facebook was surprised we were able to suck out the whole social graph, but they didn’t stop us once they realized that was what we were doing. They came to office in the days following election recruiting & were very candid that they allowed us to do things they wouldn’t have allowed someone else to do because they were on our side.”
The "on our side" part makes it sound like Facebook was favoring the Obama campaign, but here Davidsen seems to give the opposite impression.
posted by Noisy Pink Bubbles at 3:28 PM on March 23, 2018


File: I hope I am wrong.

Subject: This is just the tip of the iceberg.

Thesis: For all the clumsy and shit filled bad that Cambridge Analytica has exposed, there are n number of other agencies, organizations, networks that are doing exactly this but haven’t been stupid enough to be loud and proud about what they are doing.

It’s just...
It’s just inevitable.
For every thing we see, there are x number doing exactly the same thing cursing the fact that Cambridge Analytica has now tipped off the public.

Please let me be wrong.

I’m really tired of being correct.
posted by daq at 11:25 PM on March 26, 2018 [3 favorites]


UK parties poised to gain data powers to work out how people are likely to vote, despite the Cambridge Analytica scandal.

Christopher Wylie is talking right this minute to Parliament's Digital, Culture, Media and Sport Committee (not sure if that link is a permalink to this hearing, or just to the changing stream). But what good will it do us, if MPs can't see the fundamental threat to democracy that all of this represents. (My take on that.)
posted by rory at 3:10 AM on March 27, 2018


The Wylie hearing is absolutely explosive - his comments of the last few minutes in particular (11:37am-ish-11:41).
posted by rory at 3:43 AM on March 27, 2018 [2 favorites]


But what good will it do us, if MPs can't see the fundamental threat to democracy that all of this represents.

It seems vanishingly unlikely to me that a sufficient number of our elected officials (US and UK) are either willing or able to see it. My own "please let me be wrong" sentiment is that this is how AI takes over: not deliberately or even consciously, but naturally, because tech is evolving too fast for our institutions to keep up.
posted by CheesesOfBrazil at 7:42 AM on March 27, 2018 [1 favorite]


A nice piece on "how difficult it will be to reform not just Facebook, but the larger industry of data collectors and marketing shops that have evolved to maximize the amount of data collected and the precision of ad targeting" -
The shady data-gathering tactics used by Cambridge Analytica were an open secret to online marketers. I know, because I was one
posted by exogenous at 9:01 AM on March 27, 2018 [2 favorites]


Mozilla releases Facebook Container extension to reduce data that Facebook can gather about you when you're browsing other sites.
posted by a snickering nuthatch at 9:18 AM on March 27, 2018 [4 favorites]


Theresa May in Prime Minister's Question Time today: “If anyone is suggesting these claims call into question the referendum, I say to them that the referendum was held, the vote was taken and we will be delivering on it.”

Pack up the democracy box, folks, it's anything goes. Enjoy your representative oligarchy.

OED: take, v.
I. 1. trans.
d. To deprive a person of or remove (something) unlawfully; to steal.
posted by rory at 5:39 AM on March 28, 2018 [3 favorites]


Emails link Peter Thiel's Palantir and Eric Schmidt's daughter to Facebook's Cambridge Analytica fiasco.
Palantir has long sought to sell governments an unmatched power to sift and exploit information of any kind.

2009 (via)
Facebook: "This is their information. They own it"
BBC: "And you won’t sell it?"
FB: "No! Of course not."

2010 I don't buy Zuckerberg's argument that Facebook is now only reflecting the changes that society is undergoing. I think Facebook itself is a major agent of social change and by acting otherwise Zuckerberg is being arrogant and condescending.
posted by adamvasco at 8:41 AM on March 28, 2018 [2 favorites]


Here it is. The Cambridge Analytica/Facebook contract. Denied by Facebook. Denied by Cambridge Analytica. Leaked by @chrisinsilico. And published today by @DamianCollins as part of UK parliament's fake news inquiry.
Scroll down for A legal memo sent to Steve Bannon and Rebekah Mercer that explains the company's structure... and further down
the intellectual property licence that links Cambridge Analytica to AggregateIQ, & hence LeaveEU to Vote Leave.
posted by adamvasco at 4:37 PM on March 29, 2018 [6 favorites]


Papers Please.
All US visa applicants will have to disclose social media accounts after new proposal.
New visa forms require all applicants to list social media handles.
posted by adamvasco at 7:23 AM on March 30, 2018 [1 favorite]


Mapped: The breathtaking global reach of Cambridge Analytica’s parent company.
More than 100 election campaigns in over 30 countries spanning five continents.
posted by adamvasco at 12:21 PM on March 30, 2018 [5 favorites]


Zuckerberg will be responding to House Energy and Commerce Committee, today.
posted by carter at 6:35 AM on April 10, 2018


The Senate's Committee on Commerce, Science, and Transportation letter to Zuckerberg.
Zuckerberg's reply.
posted by carter at 8:43 AM on April 10, 2018


Oh, that's delicious. Zuckerberg totally just told the Senate they could not block his shtoyle.

Awaiting the next episode with glee.
posted by flabdablet at 9:15 AM on April 10, 2018


T minus seven minutes.
posted by rhizome at 11:09 AM on April 10, 2018


Every photographer is a white guy.
posted by rhizome at 11:30 AM on April 10, 2018


There was a nice camera angle on CSPAN, with all the cameras pointing at Zuckerberg.
posted by carter at 11:49 AM on April 10, 2018


C-SPAN archive of the testimony.
posted by carter at 7:54 AM on April 11, 2018 [1 favorite]


Day 2 testimony - live stream.
posted by carter at 8:17 AM on April 11, 2018


I linked to the wrong letter from Zuckerberg above. It's an old letter to the SEC. Here is the correct link to Zuckerberg's letter to the Senate committees:
https://www.judiciary.senate.gov/imo/media/doc/04-10-18%20Zuckerberg%20Testimony.pdf
posted by carter at 8:19 AM on April 11, 2018


Zuckerberg: Data…blah…Facebook…blah…on your computer.

Senator: What's a computer?
posted by popcassady at 11:18 AM on April 11, 2018 [1 favorite]


There was a nice camera angle on CSPAN, with all the cameras pointing at Zuckerberg.

@becket Photo of Zuck's notes, by AP's @andyharnik

How I got that photo of Zuckerberg’s notes
posted by scalefree at 6:58 AM on April 12, 2018


« Older There is a pain - so utter -/It swallows substance...   |   “...and of course, a choker.” Newer »


This thread has been archived and is closed to new comments