Security

If your organization advertises on Facebook, beware of these new limitations

Facebook has banned two more analytics firms, made changes to its advertising platform, and is rolling out an Unsend feature for messages.

Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • The Canadian firm AggregateIQ and Italian firm CubeYou have been banned from the Facebook platform following indications the pair have improperly accessed user data.
  • Facebook is also under fire for allowing Zuckerberg and other executives to delete messages from users' inboxes, an ability common users do not have.

Amid a veritable typhoon of controversy, Facebook is announcing a series of sweeping changes following the fallout stemming from the banning of Cambridge Analytica last month.

It recently became apparent that Cambridge Analytica gathered profile information of 87 million users, rather than the 50 million first reported. The firm is alleged to have used the data to influence voters in the 2016 US Presidential election, according to whistleblower Christopher Wylie—a claim for which it is being investigated by special counsel Robert Mueller. Starting Monday, Facebook will begin notifying users whose data was improperly obtained by Cambridge Analytica.

Canadian technology company AggregateIQ was banned from the platform last Friday, as Facebook cited "recent reports that AggregateIQ may be affiliated with SCL and may, as a result, have improperly received FB user data." Security company UpGuard found a code repository that contained a "set of sophisticated applications, data management programs, advertising trackers, and information databases that collectively could be used to target and influence individuals through a variety of methods," in post published on March 26th.

UpGuard noted that some of the utilities were customized for (coincidentally Canadian-born) Texas Senator Ted Cruz's unsuccessful 2016 RNC primary campaign. AggregateIQ was also retained by Nigel Farage's organization in the Brexit campaign, and both UpGuard and The Guardian claim that the company is related to Cambridge Analytica, and its parent organization SCL Group. UpGuard indicated that folders named "SCL" existed in the repository, among other connections, while The Guardian quoted Wylie as saying the company "was set up as a Canadian entity for people who wanted to work on SCL projects who didn't want to move to London."

SEE: Cybersecurity strategy research: Common tactics, issues with implementation, and effectiveness (Tech Pro Research)

For the record, AggregateIQ's website states, in part, that the company "has never been and is not a part of Cambridge Analytica or SCL. Aggregate IQ has never entered into a contract with Cambridge Analytica. Chris Wylie has never been employed by AggregateIQ," and that "It has never knowingly been involved in any illegal activity," as well as claiming that it "has never managed, nor did we ever have access to, any Facebook data or database allegedly obtained improperly by Cambridge Analytica."

On Sunday, CNBC reported that Facebook is also banning CubeYou, as the company was also collecting information about users through quizzes that were labeled as being "for non-profit academic research," and selling it to third parties. CNBC noted that this is similar to how Cambridge Analytica gained their data set, and indicates that CubeYou was working with researchers at the Psychometrics Lab at Cambridge University. Both Facebook and Cambridge University claimed to be unaware of CubeYou's activity prior to being contacted by CNBC.

Placing limitations on political advertising

Facebook is further restricting who can place political advertisements on their platform, according to an announcement last Friday. The company restricted electoral advertisements to "authorized advertisers" who have had their identity and location confirmed by the company. Now, "issue ads" regarding topics of current interest are similarly being restricted.

WATCH: Cambridge Analytica: The bad poster-child for data misuse (ZDNet)

In a separate blog post, Facebook CEO Mark Zuckerberg noted that "These steps by themselves won't stop all people trying to game the system. But they will make it a lot harder for anyone to do what the Russians did during the 2016 election and use fake accounts and pages to run ads."

The tale of the disappearing executive messages

Simultaneously, Facebook has come under fire for granting Zuckerberg and other high-ranking executives powers over controlling personal information on the platform that are not available to normal users.

Last Thursday, TechCrunch revealed that messages from Zuckerberg sent to other users were remotely deleted from users' inboxes, which the company claimed to TechCrunch was a corporate security measure following the 2014 Sony Pictures hack. The message deletion was part of a "number of changes to protect our executives' communications. These included limiting the retention period for Mark's messages in Messenger. We did so in full compliance with our legal obligations to preserve messages," Facebook said in a statement.

However, Facebook recently announced plans to roll out the "unsend" capability "to all users in several months," and that Zuckerberg will be unable to unsend messages until such time that feature rolls out. TechCrunch's Josh Constine criticised the plan as a move that "could serve to dampen the backlash by making Zuckerberg look like a beta tester of the feature, and eventually normalizing Unsend as a common behavior."

Facing pressure, Zuckerberg will testify before a joint session of the Senate Judiciary and Senate Commerce, Science, and Transportation committees on Tuesday, as well as House Energy and Commerce Committee on Wednesday. He previously declined to testify before a UK parliamentary committee. Facebook is also being investigated by the Italian Antitrust Authority.

In an editorial for ZDNet, Zack Whittaker recounted a handful of other privacy violations and questionable behavior not covered in this article. On Twitter, Edward Snowden pointed to a 2009 BBC interview in which Zuckerberg vowed to not sell user information, stating "This is their information. They own it."

Also see

facebook.jpg
Image: James Martin/CNET

About James Sanders

James Sanders is a Java programmer specializing in software as a service and thin client design, and virtualizing legacy programs for modern hardware.

Editor's Picks

Free Newsletters, In your Inbox