OAIC to probe Cambridge Analytica


By Dylan Bushell-Embling
Tuesday, 20 March, 2018



OAIC to probe Cambridge Analytica

Australian Information and Privacy Commissioner Timothy Pilgrim is making inquiries as to whether any Australians’ private information has been acquired by Cambridge Analytica, the company accused of using shadily harvested Facebook profile data to help US President Donald Trump win the 2016 election.

A whistleblower has produced credible evidence that Cambridge Analytica acquired profile data from 50 million US citizens and used the insights gleamed from the information to help the Trump campaign target swing voters during the election.

Cambridge Analytica was also involved in the Brexit campaign in the UK but has so far denied using Facebook user data for this purpose.

The data was harvested by Global Science Research (a company founded by Cambridge University researcher Aleksandr Kogan) and then sold to SCL Elections, the creator and initial operator of Cambridge Analytica.

According to reports, Kogan harvested the information by paying thousands of Facebook users to take a personality test and agreeing to have their data collected for academic use. But the app used to administer this test also harvested data from users’ friends lists without permission.

This is in contravention of Facebook’s terms of service, which only allow the use of data collection on friends to improve an app’s user experience and bars the reselling of such information. It could also be a violation of various jurisdictions’ privacy laws.

Pilgrim said he will consider Facebook’s response before determining whether any further regulatory action is required. Australia’s Privacy Act confers powers on the Office of the Information Commissioner to investigate an alleged privacy breach, as well as enforcement actions ranging from requiring an enforceable undertaking to applying to the court for a civil penalty.

Meanwhile Facebook has announced it has hired digital forensics company Stroz Friedberg to conduct a comprehensive audit of Cambridge Analytica.

But the company subsequently revealed that Stroz Friedberg’s auditors stood down yesterday at the request of the UK Information Commissioner’s Office, which is seeking a warrant to conduct its own on-site investigations.

Facebook has admitted it first learned of the misused data in 2015, and in August 2016 had requested Cambridge Analytica verify that it has deleted the data. But while the company said it had been assured that the data had been deleted, it took no steps to verify this.

Facebook has meanwhile suspended both SCL and Cambridge Analytica from the social network and reaffirmed its commitment to conduct robust reviews of apps created to ask for certain information from its subscribers.

Image credit: ©iStockphoto.com/Brian Jackson

Follow us and share on Twitter and Facebook

Related Articles

Privacy International urges Google to crack down on Android security

Privacy International has released a petition, calling on Google to help fight vulnerabilities in...

Microsoft patches serious PKI vulnerability

Microsoft has patched a PKI spoofing vulnerability considered so severe that the US NSA took the...

Best of 2019: Email providers' phishing nets have "big holes"

Across the festive season we'll be reprising some of our best articles from 2019. Today we...


  • All content Copyright © 2020 Westwick-Farrow Pty Ltd