Facebook is still in damage control mode following revelations that UK-based consulting firm Cambridge Analytica got its hands on profile information from millions of Facebook’s users. After promising to reevaluate its privacy practices, Facebook has issued an update on numerous platform features. It also has a new estimate of how many users were affected by the profile harvesting, and it’s much higher than the initial estimates. Facebook says the personal info from 87 million profiles ended up in Cambridge Analytica’s hands.
The initial news reports estimated that data from 50 million profiles had been handed over to Cambridge Analytica. In reality, it’s much more. However, Facebook is trying to casually gloss over that fact. The new count is at the bottom of Facebook’s privacy update post. The tally is based on how many users took the original survey and how many friends they had at the time.
While Facebook Itself didn’t hand over any data to Cambridge Analytica, it has come under fire for allowing so much data to be collected in the first place. About 270,000 people took a personality test on Facebook, authorizing the app to access their profile data. However, getting access to a user’s profile in those days also meant you could get data about all their friends. That’s how 270,000 users ballooned to 87 million (most in the US). That data was provided to Cambridge Analytica, which was technically a violation of Facebook’s policies.
Facebook has announced a tightening of several data APIs including events, groups, and pages. Because all of these features provide access to the activities of multiple users, Facebook will now have to approve any apps that want to connect. In the case of groups, apps won’t be able to access the member list at all. Facebook is changing the way search works as well. You won’t be able to use phone numbers or email addresses to find people. Facebook says this makes it too easy to scrape public profile data using the search and account recovery tools.
The new blog post also addresses a more recent controversy regarding Facebook’s collection of phone call data in Messenger and Facebook Lite apps. Facebook points out users did opt into this feature to connect to their existing contacts, but perhaps they didn’t know what they were getting into. Facebook has deleted all existing call data, and in the future the contact matching features won’t collect the full call logs.
Those of you still using Facebook should soon see a feed popup reminding you to check which apps have access to your profile. Users who may have been affected by the Cambridge Analytica breach will get a separate notification in the feed with additional information.
Should Spectre, Meltdown Be the Death Knell for the x86 Standard?
Spectre and Meltdown are serious CPU flaws, but do they warrant throwing out the entire closed-source CPU model?
OnePlus May Have Accidentally Sent Clipboard Data to Chinese Server
The latest beta version of its custom "OxygenOS" Android build was sending user clipboard data to a server in China. Oops.
AMD Releases Updated Risk Guidance on Meltdown, Spectre
AMD has clarified its own weaknesses against Spectre and Meltdown. One week later, things aren't quite as rosy as AMD hoped they'd be.
LG Shifts Strategy, Will No Longer Release Yearly Handset Updates
LG has declared its out of the yearly flagship phone release cycle, preferring to concentrate on retaining form factors for a longer period of time.