On the afternoon of March 16, Facebook unexpectedly announced that it was suspending two data collection and research firms from its platform for violating the site's standards and policies.
The announcement occurred shortly before the media went public with allegations that the firms had obtained unauthorized access to Facebook data for hundreds of thousands -- and possibly millions -- of users. These groups also reportedly leveraged that data during the contentious 2016 election, when the Trump campaign paid $6.2 million for their services.
Many people are concerned about online privacy, campaign advertising practices and data collection, so here's what you need to know.
The data users voluntarily provide to Facebook is worth a lot of money -- especially in combination with secondary details the site collects about visitors. If you have a Facebook account, you've likely directly or indirectly provided information about your political affiliation, the issues you care about, where you live, what kinds of things you like to buy and more.
This information represents a gold mine to Facebook. In fact, it's one way the service remains free despite the tremendous amount of resources involved -- because they can sell your data. And it's one reason that Facebook specifically marketed user data to interested campaigns and companies in 2015, knowing it would be lucrative information for election advertising targeting.
When it comes to political advertising in particular, campaigns don't just want to target broad demographic groups. Ideally, they aim to reach specific voters -- especially swing voters in key districts.
That's where Cambridge Analytica and its sister firm, Strategic Communication Laboratories, come in. They contracted with University of Cambridge psychologist Aleksandr Kogan to build an app called thisisyourdigitallife, inviting users to answer questions in exchange for a psychological profile. 270,000 users interacted with the app, which harvested not just their data, but also that of their friends. Imagine walking into a crowded house party, allowing a person following you to see who you interact with and how.
Accessing user information via an app isn't a violation of Facebook policies, but the company does spell out rules for the information people collect and how it can be used, in the interest of protecting users. Kogan violated that policy by passing information on to a third party -- Cambridge Analytica -- and when Facebook found out in 2015, the company demanded that the data be destroyed.
Facebook cut off access for Cambridge Analytica, Kogan and a man named Christopher Wylie, the whistleblower. And some critics are asking why it took two years to do this.
Facebook also insists that this was not a "data breach," as some in the media have characterized it, claiming that users provided their information voluntarily. Even so, it should be stressed that their personal information was used in a way they didn't consent to -- and the people whose information was harvested because of their proximity to app users had no opportunity to consent.
Did this have an effect on the election? It's hard to say definitively, because many factors influence elections. The 2016 election certainly involved a lot of targeted advertising, but it also included some problematic ethics in media, voter suppression and Russian influence over the news and information people accessed.
It wouldn't be reasonable to claim that Cambridge Analytica and Facebook are solely responsible for Trump's win, but they undoubtedly had an influence. And the situation highlights worrisome issues when it comes to privacy practices and protecting individual users. This is particularly important for people who don't understand privacy and security issues very well and aren't aware of the fact that they need to protect themselves -- let alone how to do it.
So what does this mean for you? If you downloaded Kogan's app, your data may have been used by Cambridge Analytica without your awareness or consent -- and if you're friends with someone who did, there's a chance your data was also used. You should know that while Facebook maintains extensive privacy policies, app developers may use your data in ways you're not aware of, or weren't expecting. Think carefully about what kind of information you share on Facebook.
And consider where, when and how you interact with Facebook off the site. Lots of services allow users to log in with Facebook, feeding free data to the company, while the site's persistent cookies may track you elsewhere -- ever noticed that you're shopping for airline tickets and then ads for the airline pop up in Instagram?
Simply logging out isn't enough; you may want to use Facebook in a private window in a separate browser to avoid crossing the streams if you want to continue using the service instead of deleting your account.
Facebook isn't the only offender here: If a site is offering a free service, it means you -- or data about you -- are the product. The site's history of suppressing activists and manipulating its feed is a reminder that this social media giant isn't necessarily on the side of its users. You may want to take this opportunity to carefully read the privacy policies on other sites and services you use to learn more about how, when and where they use your data.