Wasn't this already known though? There was an undiscovered bug that allowed organizations access greater than they were supposed to have, I feel like it's beating a dead horse by this point.
1. It wasn't a bug, it was a feature. The API explicitly allowed apps access to friends' information. They weren't exploiting the API.
2. The article describes the Cambridge Analytica database in particular being available "to verified researchers" but someone threw credentials onto GitHub where anyone could have borrowed them
I feel like this issue, and others like it, cannot be thrown in people's faces enough. People need to get angry to affect change.
If we want our industry to take privacy seriously, we need people to take a principled stand. Making them aware of, and outraged over, flagrant violations of your privacy, and trust, is the easiest way to do that.
The battle is lost. People by and large have decided that it is worth sacrificing most of their privacy to use "free" services like Facebook and google. The only relief at this point is regulatory.
Yeah, and just because many people are happy to trade it away doesn't mean everyone is. (And of course many don't realize just how much they're trading away...)
Privacy? What privacy? It most jurisdictions in this country I can search property records, obtain the names of those owning if not in residence, property values, when purchased and so on. Then I can cross reference other government databases and eventually onto private setups like the one in the article.
people and washington are bemoaning what happens at Google, Facebook, and the like, yet totally ignoring all the information readily available to the public for anyone to take from government itself.
Example, if you know a street address or owner's name in Cobb County Georgia will allow you to search. The amount of information available there is and the type is far more dangerous than what was discovered via a facebook quiz.
I guess this story has turned in to CA doing things that others could do anyway... the real story is that this information was weaponized, and used on a populace to put in a far right type of gov.
The actual problem here is not that Cambridge Analytica got the data. But that they created a site where this data was made readily available:
> Academics at the University of Cambridge distributed the data from the personality quiz app myPersonality to hundreds of researchers via a website with insufficient security provisions, which led to it being left vulnerable to access for four years. Gaining access illicitly was relatively easy.
This is not related to Cambridge Analytica. It's the University of Cambridge, in the UK.
>Though “Cambridge” is in the name, there’s no real connection to Cambridge Analytica, just a very tenuous one through Aleksandr Kogan, which is explained below.
21 comments
[ 5.2 ms ] story [ 53.2 ms ] thread2. The article describes the Cambridge Analytica database in particular being available "to verified researchers" but someone threw credentials onto GitHub where anyone could have borrowed them
>Like other quiz apps, it requested consent to access the user’s profile (friends’ data was not collected)
If we want our industry to take privacy seriously, we need people to take a principled stand. Making them aware of, and outraged over, flagrant violations of your privacy, and trust, is the easiest way to do that.
We talk at the phone, we chat, we take pictures together
If you don't mind about your privacy you're probably hurting someone else's
But why would the government intervene in a private decision that citizens have made?
people and washington are bemoaning what happens at Google, Facebook, and the like, yet totally ignoring all the information readily available to the public for anyone to take from government itself.
Example, if you know a street address or owner's name in Cobb County Georgia will allow you to search. The amount of information available there is and the type is far more dangerous than what was discovered via a facebook quiz.
Of course they're public
https://www.newscientist.com/article/2168713-huge-new-facebo...
The actual problem here is not that Cambridge Analytica got the data. But that they created a site where this data was made readily available:
> Academics at the University of Cambridge distributed the data from the personality quiz app myPersonality to hundreds of researchers via a website with insufficient security provisions, which led to it being left vulnerable to access for four years. Gaining access illicitly was relatively easy.
>Though “Cambridge” is in the name, there’s no real connection to Cambridge Analytica, just a very tenuous one through Aleksandr Kogan, which is explained below.