Compliance Management, Critical Infrastructure Security, Critical Infrastructure Security

Facebook publicly releases emails related to data scraping, Cambridge Analytica

Facebook late last week released a string of emails that discuss the social media giant’s internal conversation over the possibility that some Facebook contractors were violating the company’s terms of service when extracting data from profiles.

The documents were released due to agreement between Facebook and the District of Columbia attorney general’s office. Facebook originally refused the attorney general’s request for the documents to be released as they were part of court filings in connection with the attorney general’s lawsuit against Facebook over the Cambridge Analytica breach. However, last week the two sides came to terms and Facebook agreed to release redacted versions. The information contained in these emails had already been included in court documents filed previously.

A spokesperson for DC Attorney General Karl Racine told The Hill the office wanted the docs released “because we believe the American people have a right to know what and when Facebook knew about its data security weaknesses.”

“We believe this document has the potential to confuse two different events surrounding our knowledge of Cambridge Analytica. One involved unconfirmed reports of scraping — accessing or collecting public data from our products using automated means — and the other involved policy violations by Aleksandr Kogan, an app developer who sold user data to Cambridge Analytica. This document proves the issues are separate; conflating them has the potential to mislead people,” Facebook wrote.

Cambridge Analytica is mentioned in the email string, but at first is not the primary focus of the conversation. Facebook said in a blog post that releasing the documents could cause further confusion between what happened when researcher Aleksandr Kogan sold data on millions of Americans to Cambridge Analytica for use in the 2016 presidential election and the data scraping incidents.

The emails were sent between September 22, 2015 and May 9, 2106 center on whether or not companies that were scraping publicly facing data found on Facebook profile pages were doing so in violation of Facebook’s policies. However, Cambridge Analytica enters the conversation in December 2015 when the Guardian broke the story about that firm

Several of those involved in the email chain did believe the data scraping companies had exceeded what was allowed. In one case the email noted a project by the company Nation Builder that looked at a Facebook page run by ForAmerica and create a database using the page’s 7.6 million likes to identify people who like ForAmerica posts. This data would them be layered over additional data points like methods of contact and interests and once a certain critical mass is obtained that data would be compared to a separate database of names, phone numbers, emails of 82 million conservatives, Christians and their friends.

A Facebook employee said, “There are likely a few data policy violations here. They can’t collect information from public posts and share the information with any type of data company.”

In July the U.S. Federal Trade Commission penalized Facebook $5 billion as punishment for what it described as deceptive privacy practices, and imposed new restrictions on the social media giant. Facebook likewise announced that it has agreed to the terms of the deal. At the same time the Department of Justice officially filed a legal complaint against Facebook, accusing the company of misrepresenting to consumers the extent to which they could control the privacy of their data and to which Facebook made their data available to third parties.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.