×
You will be redirected back to your article in seconds

Facebook Says Info on Up to 87 Million Users Was ‘Improperly’ Shared With Cambridge Analytica

Social giant outlines more steps to restrict flow of personal data in wake of scandal

Facebook revealed that, after an internal investigation, info on up to 87 million users may have been “improperly shared” with political consulting firm Cambridge Analytica.

That’s substantially higher than the previously reported number of 50 million users, whose data illicitly wound up in the hands of Cambridge Analytica, a U.K.-based firm that was enlisted by Donald Trump’s 2016 presidential campaign. The data was collected in 2013 by a researcher’s personality quiz, which was able to harvest info on up to 300,000 users’ friends, who subsequently shared it with Cambridge Analytica.

Facebook made the disclosure Wednesday in an update to additional changes it’s making to restrict the flow of user information on the service and improve its transparency about privacy.

Cambridge Analytica disputed the 87 million figure released by Facebook. In a statement, the company asserted that it had licensed data from GSR — the company run by researcher Aleksandr Kogan, who originally collected the Facebook user data — for 30 million individuals, not 87 million.

“Cambridge Analytica licensed data for no more than 30 million people from GSR, as is clearly stated in our contract with the research company. We did not receive more data than this,” it said Wednesday. The company also reiterated its claim that, contrary to media reports, it didn’t use any of the improperly obtained GSR data for its work during the 2016 US presidential election.

Among Facebook’s updates in response to the crisis: Starting Monday, April 9, Facebook will display a link at the top of users’ News Feeds showing what apps they use — as well as the information they have shared with those apps. As part of that, Facebook also will tell people if their information may have been improperly shared with Cambridge Analytica.

The scandal surrounding the leak of Facebook users’ data to Cambridge Analytica, without their knowledge or consent, and in violation of Facebook’s policies, has garnered higher scrutiny from lawmakers and regulatory bodies worldwide, and has driven down the company’s stock price over the last two weeks. Observers say the Cambridge Analytica case is likely to lead to the introduction of new U.S. laws that govern the way companies are allowed to use consumer data.

Among the latest developments, CEO Mark Zuckerberg is set to testify April 11 at a hearing scheduled by the House Energy and Commerce Committee. The controversy has prompted a boycott movement revolving around the hashtag #DeleteFacebook; those leaving the platform in the wake of the scandal have included Will Ferrell, Playboy and Elon Musk’s Tesla and SpaceX. However, Wall Street analysts for now don’t expect a significant dent in Facebook’s monthly user base of 2.1 billion worldwide.

Earlier Wednesday, Facebook acknowledged that it had been monitoring private messages sent using Facebook Messenger.

According to a blog post by Facebook chief technology officer Mike Schroepfer, the company has confirmed that the opt-in collection of call and text history for users of Messenger and Facebook Lite on Android “does not collect the content of messages.” Facebook will delete all records of call and text history that is older than one year, the CTO added. In the future, Facebook software will only upload info to provide the list of most-frequently contacted people for users’ contact lists, not broader data such as the time of calls.

Other changes, as outlined by Schroepfer, that Facebook is taking:

  • Facebook Login: Effective starting April 4, Facebook will require approval for all third-party apps that request access to information such as check-ins, likes, photos, posts, videos, events and groups. Facebook started approving these permissions in 2014, “but now we’re tightening our review process — requiring these apps to agree to strict requirements before they can access this data,” Schroepfer wrote. In addition, Facebook will no longer allow apps to request access to personal information such as religious or political views, relationship status and details, education and work history, music-listening and video-watching activity, news reading, and games. Finally, Facebook will remove a developer’s ability to request data that people shared with them “if it appears they have not used the app in the last three months,” per the CTO’s post.
  • User Search Based on Phone Number, Email Address Disabled: Facebook users previously have been able to enter another user’s phone number or email address to help find them. But the company is now disabling the feature because “malicious actors have also abused these features to scrape public profile information,” according to Schroepfer: “Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way.” Facebook also making changes to the account-recovery process to reduce the risk of “scraping.”
  • Events Application Programming Interface: Starting April 4, Facebook apps using the Events API will no longer be able to access guest lists or posts on the event wall. In the future, only apps from developers who have agreed to “strict requirements” will be allowed to use the Events API, according to Schroepfer.
  • Groups API: All third-party apps using the Groups API to access content for closed groups will need approval from Facebook and an admin to ensure that “they benefit the group,” the CTO wrote. Apps will no longer be able to access the member list of a group; in addition, Facebook is removing personal information, such as names and profile photos, attached to posts or comments that approved apps can access.
  • Pages API: Previously, any app could use the Pages API to read posts or comments from any Facebook Page (to do things like schedule posts and reply to comments or messages). “But it also let apps access more data than necessary,” Schroepfer wrote, so all future access to the Pages API will need to be approved by Facebook.

Schroepfer also called out Facebook’s announcement last week that it plans to shut down a program that let advertisers use third-party data brokers like Acxiom, Epsilon and Experian to target ads based on consumers’ offline profiles. The company’s Partner Categories program, launched in 2013, will be phased out over the next six months, according to Facebook.

More Digital

  • Streaming Powers U.S. Latin Music Market

    Streaming Powers U.S. Latin Music Market to 18% Growth

    The U.S. Latin music business experienced its second year of double-digit growth in 2018, driven almost entirely by streaming, according to the RIAA’s year-end report. The Latin market grew 18% in 2018 to $413 million, driven by a nearly 50% growth in revenues from paid subscriptions, the report says. Streaming formats made up a whopping [...]

  • Editorial use only. No book cover

    Entertainment One, Universal to Partner on Home Entertainment

    Entertainment One and Universal Pictures Home Entertainment have signed a multi-year, multi-territory distribution agreement. UPHE will serve as the home entertainment distributor of eOne’s offerings across both physical and digital formats. The pact covers film, television, and select family content and includes all sales, marketing, and distribution, spanning the U.S., Canada, U.K., Germany, Spain, Australia, [...]

  • 'Darkwood' Delivers Surreal Horror to Nintendo

    'Darkwood' Delivers Surreal Horror to Nintendo Switch

    “Darkwood” is the sort of game you might not expect to find on the Nintendo Switch: It’s dark, violent, and immensely unsettling. But the top-down survival horror title is also an excellent fit for the platform, the sort of evocative experience that a player can methodically pick at in short stints, or sink into for [...]

  • MLB All-Star Game

    T-Mobile’s MLB.tv Subscription Giveaway Available Now

    T-Mobile is once again giving its customers free access to MLB.tv, Major League Baseball’s streaming service. The telco began giving away access to the streaming service Tuesday; anyone interested in signing up has until April 1 to do so. MLB.tv allows subscribers to stream regular season games on mobile and TV connected devices, and is [...]

  • The Federal Trade Commission building in

    FTC to Examine Privacy Practices of Major Internet Providers

    WASHINGTON — The Federal Trade Commission said it is launching an examination of the privacy practices of major internet providers including AT&T, Verizon, and Comcast to study how they use consumer information. Capitol Hill lawmakers have been giving added scrutiny to the tech industry’s use of consumer data for more than a year, but much [...]

  • Jessica Rodriguez Strictly Business Podcast

    Listen: Univision's Jessica Rodriguez on Shaking Up a Traditional TV Brand

    With new leadership in place at Univision, the network is evolving in ways its fast-growing Hispanic audience in the U.S. might find surprising. Look no further than the broadcaster’s primetime schedule, according to Jessica Rodriguez, CMO of Univision Communications and president/COO of Univision Networks, who relied on audience research to shake up traditional notions of [...]

  • Electronic Arts Logo

    EA Laying Off 350 People, About 4% of Staff

    Electronic Arts is laying off about 350 of its 9,000-person staff, CEO Andrew Wilson announced in a blog post on its website Tuesday. In the brief, open letter, Wilson noted that the move was made to “address our challenges and prepare for the opportunities ahead,” and to “better deliver on our commitments, refine our organization [...]

More From Our Brands

Access exclusive content