Case Study – Cybersecurity and Social Sciences
Facebook–Cambridge Analytica Data Scandal
Introduction
The Facebook-Cambridge Analytica Data Scandal was a huge scandal that broke in March 2018. Facebook had been stealing personal data of 87 million Facebook users without their consent through the political consulting firm Cambridge Analytica. There were both technical and social aspects to this scandal. On the technical side, there were weak platform controls and a lot of data harvesting via apps. Specifically, A researcher, Aleksandr Kogan, created a personality quiz app that harvested information from millions of users without their explicit consent (Stahl, 2018). On the social side of things, it shows that personal data an get weaponized by these big corporations. After this happened, public trust in big companies
declined, and their leadership was questioned. Especially that of Mark Zuckerberg.
Solutions There are plenty of different angles to combat this. I think the main ones are data minimization & consent redesign, platform controls, and ad transparency. Data minimization & consent redesign means limiting the collection of data without consent and using clear, behavior-tested consent flows. Platform controls like tight API access, continuous audits, and anomaly detection will help on a larger scale of things like mass data scraping. The main things that might get in the way of these solutions are profit incentives and user apathy/confusion. When it comes to profit, data drives revenue, and that leads to compliance with fines and market access. It rewards privacy, which in turn preserves ads. When it comes to users, low engagement with settings leads to safe designs instead of default designs. It just simplifies the controls, which will help reduce user confusion. There are plenty of different angles to combat this. I think the main ones are data minimization & consent redesign, platform controls, and ad transparency. Data minimization & consent redesign means limiting the collection of data without consent and using clear, behavior-tested consent flows. Platform controls like tight API access, continuous audits, and anomaly detection will help on a larger scale of things like mass data scraping. The main things that might get in the way of these solutions are profit incentives and user apathy/confusion. When it comes to profit, data drives revenue, and that leads to compliance with fines and market access. It rewards privacy, which in turn preserves ads. When it comes to users, low engagement with settings leads to safe designs instead of default designs. It just simplifies the controls, which will help reduce user confusion.
Reflection
This Cambridge Scandal just goes to show that cybersecurity is more than just a technical issue, it’s is heavily tied with social aspects that influence a lot of decisions. While technical fixes like stronger platform controls and data limits are important, and will help, they don’t fully address how users interact with systems or why they share personal information so easily. That is when the social aspect comes into play to help combat human vulnerabilities. (Harbath, 2023)
Conclusion
In conclusion, the Cambridge Analytica Scandal was about how Facebook stole millions of users’ private data without their consent. There are a lot of technical things that go into why this happened, but there is also a social side to why this happened as well. Some solutions involve fixing technical issues and making it easier for users; however, we must also study human behavior to help address key issues in cybersecurity as a whole.
References:
- Stahl, L. (2018, September 2). Aleksandr Kogan: The link between Cambridge Analytica
and Facebook. CBS News. https://www.cbsnews.com/news/aleksandr-kogan-the-link-
between-cambridge-analytica-and-facebook-60-minutes/ - Harbath, K. (2023, March 16). History of the Cambridge analytica controversy. History
of the Cambridge Analytica Controversy. https://bipartisanpolicy.org/article/cambridge-
analytica-controversy/