
Weaponised Likes


Yes, this is the inevitable blog about Cambridge Analytica, Strategic Communications Laboratories and Facebook, because this is a cyber security blog and this counts as compromised security.
First things first, the old admonition: if you are getting something for free, you are the product. Maybe it’s not that old, but it definitely applies. Facebook offers a lot, and offers it, ostensibly, for free. Now you could say that advertising revenue pays for it, and to some degree you would be correct, but one thing the former Harvard female ranking website has plenty of is information: data. And data, particularly the specific kinds you feed the Zuckerbergian Machine every 30 seconds, is worth more than its weight in gold. Machine Learning and AI companies need as much as possible to teach their silicon brains, and advertising departments and companies love knowing how to manipulate you into buying things, sorry, help you choose their products. Here’s where Cambridge Analytica, and their parent SCL, come in.

The non-naïve among us (those who actually read the T’s & C’s) had an idea of what could be done with the data we gave (to see just a bit of how FB interprets your activity, Data Selfie is an extension that just might scare you), so the revelation that FB had essentially handed over 50+ million profiles to a third party came as no great surprise. Why else would they be collecting and collating the data they have if not to make some use of it? I’m not saying that Zuck and company were 100% complicit in CA or SCL operations, but they did hand over data, their platform allowed for slurping more data than permission is given for, and the platform also allows for the type of campaign Cambridge Analytica appear to have run.

Now, handing over the data is an out-and-out breach of their own contract, let alone data protection laws everywhere. Proving who within FB did the giving may be more difficult than might be thought, and is a matter for internal investigation and law enforcement. Speculation could be libellous, but it’s hard to imagine that anything at that level went on behind top brass’ backs. This is one of the more important aspects of this debacle, as it will test data protection laws and their enforcement, the influence of the technocrats, and the anger of the users.

With the slurping of profiles that took place through the “thisisyourdigitallife” app (the profiles of the friends of the users, not those who volunteered to use it), Zuckerberg thinks he has this solved by changing the API and what it can access. No more sucking at the teat of the few to get the data of the many. But this sort of behaviour is something worth keeping an eye out for, on FB and its third-party apps, and on other platforms. It should also serve to keep you aware of what data you volunteer to the world.

Now, as CyberSec professionals, none of this should be any surprise to you. I only write about it as it demonstrates a point about privacy and our responsibility to people’s data. Your Privacy Policy needs to be very clear in its language and its intent – what data you are collecting, what is stored, how long for, what it will be used for, who you will share it with. I’m going to look into my digital crystal ball a moment, and predict that this incident, and others like it that will undoubtedly be revealed, will force a change in policy documentation, i.e. privacy and terms and conditions documents will have to become rather more streamlined and clearer in the next 18 months, because most people are too lazy to read through the current ones.
