Facebook and Cambridge Analytica: Pretty much everyone’s looking the wrong way and learning nothing

Posted on Mar 30, 2018 by Rick Falkvinge

People have finally woken up to what happened with Facebook and Cambridge Analytica, and the massive personality databases that were built. The problem is, nobody’s learning anything for the future, only seeking to point fingers about the past.

The first time the company name Cambridge Analytica appeared in my news feed was about three years ago. At that point, it had become apparent that election campaigns were now held at the individual level, rather than at the demographic level.

That’s all fine, in itself; I developed what I believe to be an even more effective means of political campaigning still in 2009, beating the establishment on less than one percent of their budget. (I outline how this was done in the leadership book Swarmwise, which is free to download.) No, really, I’m serious: political campaigning is not the reason for anger here. Even if using this method for talking to people from a political head office means that the guy you didn’t like is now in office, the free and secret ballot is and must remain as it is, with every person able to pick and choose arguments for validity and invalidity precisely as they like. Somebody inventing a better communications platform doesn’t really change this; technology will progress and create even better platforms in turn, and this particular method will be water under the bridge.

No, there are much graver concerns with what happened with Facebook and Cambridge Analytica, and unless we focus on them, we’ll do the same mistake all over again, and again, and again.

Let’s review: about three years ago, revelations appeared about how a relatively unknown company was building political profiling at the individual level. The key leak used was that even though you yourself could pick and choose permissions for third-party apps pretty well in Facebook, you could not determine what was shared about you by your friends — and at least one of your hundreds of Facebook friends is guaranteed to be an information-hygiene moron, as the technical term goes.

As with any secret, one is enough.

Most of these inane “look at your funny gender-swapped face” or “what famous medieval plumber are you” or “test your totally scientific IQ in four questions about useless trivia” apps are asking for a very specific set of permissions, all of which are completely ignored as were they an “I Agree” button. They are asking to access somebody’s public information (name and photo), their interests (your likes and dislikes), their friends, and the public information and likes and dislikes of those friends.

…and the public information and likes and dislikes of those friends.

But those friends, including you, never agreed to this. Not explicitly, anyway. They didn’t have a say in some other person surrendering their information like this. And this is how databases on millions of people were built.

And are still being built. And this is what nobody is talking about.

I saw a news item pass by in my flow that as few as three “likes” on Facebook can be sufficient to determine the sexual orientation of somebody. And these bait apps are collecting thousands, for every person in a friends list, for every person who perform this bait “tests”.

Every single time one of your information-hygiene-moron “friends” are taking yet another test, there’s yet another leak of your information.

And that’s the bigger picture we should be talking about:

First, why this wasn’t taken seriously when privacy advocates added one and one together, three bloody years ago.

Second, the fact that this is still ongoing, but with a thousand clones of Cambridge Analytica, using moronic bait apps with names like “What Einstein hairdo are you”. This is not a one-off scandal. Cambridge Analytica was the first of now-thousands of competitors offering basically the same data.

Third, the problem may not be the thousands of Cambridge Analytica clones, but the fact that they’re all trying to get Facebook’s data. This means that the elephant in the room here is Facebook itself: even if they’re so big they can’t act altogether shady themselves, there are many actors (like a government) with the capability to take Facebook’s data without Facebook’s consent. This is not discussed at all.

Fourth, the key lesson here isn’t that, or even how, Facebook cooperated with Cambridge Analytica. The key lesson is that privacy advocates have developed a very keen sense for detecting when something is going very bad very fast, and despite this, the world is still not listening to those warnings, all of which have proven true in hindsight.

Fifth, the field of Information Hygiene remains paramount, and remains ignored: having personal hygiene about who gets access to what data.

As a side note, it’s illegal to build a database containing people’s political opinions in some countries, with very few exceptions (like a political party’s own membership lists). While that seems to have been good foresight on behalf of legislators, it only worked while such databases were confined to one country.

Privacy remains your own responsibility.

VPN Service