Weaponised Likes


Yes, this is the inevitable blog about Cambridge Analytica, Strategic Communications Laboratories and Facebook, because this is a cyber security blog and this counts as compromised security.

First things first, the old admonition: if you are getting something for free, you are the product. Maybe it’s not that old, but it definitely applies. Facebook offers a lot, and offers it, ostensibly, for free. Now you could say that advertising revenue pays for it, and to some degree you would be correct, but one thing the former Harvard female ranking website has plenty of is information: data. And data, particularly the specific kinds you feed the Zuckerbergian Machine every 30 seconds, is worth more than its weight in gold. Machine Learning and AI companies need as much as possible to teach their silicon brains, and advertising departments and companies love knowing how to ~~manipulate you into buying things~~ help you choose their products. Here’s where Cambridge Analytica, and their parent SCL, come in.

The non-naïve (those who actually read the T’s & C’s) among us had an idea of what could be done with what data we gave (to see just a bit of how FB interprets your activity, Data Selfie is an extension that just might scare you), so the revelations that FB had essentially handed over 50+ million profiles to a third party came as no great surprise. Why else would they be collecting and collating the data they have if not to make some use of it? I’m not saying that Zuck and company were 100% complicit in CA or SCL operations, but they did hand over data, their platform allowed for slurping more data than permission is given for, and the platform also allows for the type of campaign Cambridge Analytica appear to have run.

Now the data being handed over is out and out breaching their own contract, let alone data protection laws everywhere. Proving who within FB did the giving may be more difficult than might be thought and is a matter for internal investigation and law enforcement. Speculation could be libellous, but it’s hard to imagine that anything at that level went on behind top brass’ backs. This is one of the more important aspects of this debacle, as this will test data protection laws and their enforcement, the influence of the technocrats, and the anger of the users.

With the slurping of profiles that took place through the “thisisyourdigitallife” app (the profiles of the friends of the users, not those who volunteered to use it), Zuckerberg thinks he has this solved by changing the API and what it can access. No more sucking at the teat of the few to get the data of the many. But this sort of behaviour is something worth keeping an eye out for, on FB and its third-party apps, and on other platforms. It should also serve to keep you aware of what data you volunteer to the world.

Now being CyberSec professionals, none of this should be any surprise to you. I only write about it as it demonstrates a point about privacy and our responsibility to people’s data. Your Privacy Policy needs to be very clear in its language and its intent – what data are you collecting, what is stored, how long for, what it will be used for, who you will share it with. I’m going to look into my digital crystal ball a moment, and predict that this incident, and others like it that will undoubtedly be revealed, will force a change in policy documentation, i.e. privacy and terms and conditions documents will have to become rather more streamlined and clearer in the next 18 months, because most people are too lazy to read through the current ones.
