“Facebook is fucked”: closing the barn door after the elections were stolen

Jon Pincus
Mar 17, 2018 · 9 min read
Image for post
Image for post
Facebook’s logo with a red circle and slash around it.

The New York Times’ along with the Guardian’s coverage including (an amazing profile of ), explores in detail how — funded by Robert Mercer, with Steve Bannon as a board member — harvested private information from the Facebook profiles of more than 50 million users without their permission, and then used it to help the Trump and Brexit campaigns.

These allegations aren’t new. (from last October in Vox) has a good overview of CA’s role in the US election, and (from last May in the Guardian) looks at the UK. Until now, though, Facebook’s line has always been “nothing to see here, move along”. Just last month, their UK Director of Policy assured a Select Committee, “. It may be data about people who are on Facebook that they have gathered themselves, but it is not data that we have provided.”

That changed just a few hours before the New York Times article appeared, when Facebook admitted that things haven’t actually been copacetic after all. :

In 2015, we learned that a psychology professor at the University of Cambridge named Dr. Aleksandr Kogan lied to us and violated our by passing data from an app that was using Facebook Login to SCL/Cambridge Analytica, a firm that does political, government and military work around the globe. He also passed that data to Christopher Wylie of Eunoia Technologies, Inc….

It wasn’t just the people who downloaded the app who were affected; the app also got data from their friends whose privacy settings allowed it (which was most of them, thanks to and not making it easy to change). As a result, SCL/CA got information from for over 50 million people.

It’s all okay, though. Facebook makes app writers promise not to misuse the information Facebook gives them — and promised not to share it with other people. So what could possibly go wrong?

Well, for one thing some naughty app developers might break their promises and develop malicious apps. I know, I know, hard to imagine! Apparently Facebook wasn’t particularly concerned about this, because .

Move fast and break things!

Unsurprisingly, some app developers did develop malicious apps — like the aforementioned Dr. Kogan and Joseph Chancellor, founders of the company called Global Science Research (GSR). [.] Their app claimed to be for an academic research study but they were actually passing the data to Cambridge Analytica. In late 2015, after the Guardian that Cambridge Analytica was using private Facebook data on the Cruz campaign, Facebook promised to “carefully investigate this situation.” , and he apparently still works there.

In August 2016 Facebook told Cambridge Analytica that they were in violation of the terms of service and should delete the data. Since Cambridge Analytica had already shown that they’d break the rules, you’d think that Facebook would have checked to see if they actually did delete it, but , “literally all I had to do was tick a box and sign it and send it back, and that was it.” Once again, what could possibly go wrong?

So now, Facebook is shocked, shocked to receive reports that (gasp) “contrary to the certifications we were given, not all data was deleted.” And it wasn’t their fault!!!!!!

The claim that this is a data breach is completely false. Aleksandr Kogan requested and gained access to information from users who chose to sign up to his app, and everyone involved gave their consent. People knowingly provided their information …

Really? I really doubt that most of the people downloading the app, after being told it was a research project, were told the information would be used by a corporation to influence election results. I’m 100% sure that their 50,000,000 friends didn’t even have the opportunity to consent. As Zyenep Tufecki says in , “This wasn’t informed consent. This was the exploitation of user data and user trust.” It’s almost like Facebook’s blaming the victims and trying to turn the focus away from their own culpability.

Similarly,

We are moving aggressively to determine the accuracy of these claims. If true, this is another unacceptable violation of trust and the commitments they made.

Who could have predicted that people who violated trust and the commitments they made would do so again? It reminds me of the classic line from Animal House: “You fucked up. You trusted us.”

Anyhow, Facebook assures us that they are “committed to vigorously enforcing our policies to protect people’s information”. So they’re going to close the barn door.

We are suspending SCL/Cambridge Analytica, Wylie and Kogan from Facebook, pending further information.

That’ll show ’em!

Good question. I mean, Facebook’s terms of service don’t permit it, so doing that would be an unacceptable violation of trust and the commitments Cambridge Analytica made. That hasn’t stopped them in the past, but who knows, maybe third time’s a charm? The again, maybe not … Wylie, who should know, says “”.*

There’s a lot of debate about just how effective Cambridge Analytica’s technology actually is; there’s certainly an element of snake oil in the way they talk about it. But as Emily Gorcenski says, . If the Facebook engineers who worked closely and with were even minimally competent, the models built from this psychographic data (combined with all the other sources they have access to like consumer histories, lifestyle information, census returns and historical voting records) is likely to have given them a significant advantage in Facebook ad targeting — which in turn translates into . And it’s easy to see how this data could help a campaign take advantage of the research Facebook published on and ; remember how the Trump campaign ?

For close elections like Brexit and the US Presidential election, this could have been a decisive edge.**

Mark Zuckerberg ended his “” post-election post in November 2016 by saying “In my experience, people are good, and even if you may not feel that way today, believing in people leads to better results over the long term.” Move fast and break democracy!

Yeah really. Zuckerberg obviously didn’t understand how callous that sounded to immigrants who are being deported and fear being kidnapped on the streets, Muslims who are banned from visiting the US, trans people who have lost their right to medical care, the targets of the upsurge in neo-Nazi and alt-right violence, and all the other people who are directly impacted by the result of the election. Privileged much?

Then again, I can see why Zuckerberg would say that. and talked about how they had learned that people need to control what they share? There have been a lot more privacy violations, ,*** since then … and yet, he’s now worth about sixty bazillion dollars, and until recently was acting like he was thinking of running for President. So yeah, people believing Facebook and trusting it with their data have certainly led to better results for Zuckerberg.

At least until now.

Even before these latest headlines, it was clear that Facebook was facing some challenges. They’ve just had their . Users are . [Sure, Zuck can claim this as an intentional result of their news feed changes to make it a better experience, but the data shows the decline starting before the changes so he’s pretty obviously trying to spin.] Problems with regulators (like the and the ) and lawmakers in the US, UK, and EU (including a ), plus , add to the pressure.

Now they’re also facing a spectacular and high-profile example of Facebook’s general greed, hubris, and business model based on exploiting their users. As law professor Frank Pasquale says, “.” Facebook’s initial ham-fisted response — , blaming the users for letting themselves get exploited, and quibbling over whether or not the word “breach” applies**** only made things worse. We Zuckerberg finally released his first statement a few days later, he . Brilliant.

So now Facebook’s problems are escalating quickly. . F which would trigger major fines. but Republicans quickly joined them. Mark Warner’s calling for regulation. Even Marco Rubio’s talking about companies who “grow so fast, and get so much good press, they get up high on themselves, that they start to think perhaps they’re above the rules that apply to everybody else.” There’s a parliamentary inquiry in the UK. Their stock plunged 9% leading to a . are suing as well. . Privacy activists are re-energized. .

And that’s all just in the first few days. This story isn’t going away — as Kara Swisher says, .***** With all the attention on Trump/Russia and Brexit, there’s going to be plenty of publicity on this — and plenty of politicians, journalists, lawyers, media companies, and potential competitors eager to jump on the bandwagon of criticizing Facebook. As

We have a responsibility to protect your data — and if we can’t, then we don’t deserve to serve you.

So let’s hope Marcy Wheeler’s right, and Facebook is well and truly fucked.

Image for post
Image for post

Originally written March 17
Updated March 18–25, adding new links, moving info to footnotes to improve flow, and other minor edits.

* A couple more good examples of rules not mattering to Cambridge Analytica: they’re also under scrutiny in the UK for things like and broke US campaign law by having foreign nationals work on political campaigns.

** Some of the others ways Facebook helped Trump:

.

*** Liz Gannes did a nice back in 2011 for the Wall Street Journal; after the CA mess.

**** From a liability perspective, Facebook has good reasons for it not to be considered a breach: if it is, they’ve probably broken the law in many of the 48 states that have some kinds of breach notification laws; and EU regulations could expose them to a hefty fine. And from a security perspective, it’s a valid point that the term “breach” is usually used for a hack. Still, it’s not a good look.

***** is really outstanding. ”Why is Facebook unable to anticipate these obvious problems?” ”We try?” “Can you get data back?” “We’ll try hard?” There are also good interviews in Wired and the Times but start and end with Kara.

A Change Is Coming

Software, culture, social computing, diversity, and more

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch

Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore

Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store