The big news this weekend was that Facebook suspended Cambridge Analytica, a company that leveraged behavioral data to come up with very focused and accurate political ads, for using data that they were not supposed to have as well as not deleting it when caught. Everyone seems to be surprised by this revelation but I’m honestly surprised it took this long and I wouldn’t be surprised if there are still hundreds, or even thousands, of companies in the same situation as Cambridge Analytica, albeit at a smaller scale.
The value of this data is immense and Facebook made it incredibly easy to access. It’s no surprise that some unsavory actors pulled this data and used it for whatever they needed to. And once you have the data why delete it? It’s not as if there’s any way to get caught and if you do you can just delete it then. If you’re competitors are doing this you also have a big incentive to play along and do the same thing. It’s tough being noble while you’re competitors are running amok, especially if the risk of getting caught is low.
Facebook is right in saying it’s not a security breach - there was no hack and the data was properly fetched via the official API. It is a violation of Facebook’s terms of service but the damage has already been done. Coupled with the privacy initiatives happening in Europe it does feel as if the world is starting to take privacy seriously. Unfortunately it looks as if we’re going to need more of these fiascos before we get to where we need to be.