The fallout surrounding Facebook’s role in releasing personal information continues.
Mississippi Attorney General Jim Hood has announced that his office is investigating how the third-party app, “thisisyourdigitallife”, was able to gain access to personal information through Facebook. The app posed as a physiological test that was being done for a professor at the University of Cambridge. The data was to be used at the research level and was then to be destroyed after the research concluded, but in practice, it ended up being used to gather personal information to use in the build-up to the 2016 presidential election.
“That’s how the propaganda gets circulating,” Hood said. “It’s dangerous for our national security to have groups like this infiltrating through Facebook allowing these apps to be set up on their platforms.”
Types of information collected included user location, friends of the user, and user activity on the social media platform, which was then sold to a third party. General Hood is investigating on the grounds that Facebook may have violated the Mississippi Consumer Protection Act by allowing this app to collect this data.
At a press conference, Hood stated that the social media conglomerate may have been aware of the activity as early as 2015, but have just now admitted to the potential breach. Hood served Facebook with a “litigation hold notice” which calls on the company to preserve “both paper and electronic documents that would provide information relating to this investigation.”
Hood mentioned that while the company may be taking steps to improve privacy settings, consumers cannot rely on them to secure their data and must continue to watch what they post and what type of agreements they enter into.
“Regulation has become such a dirty word that people don’t pay attention to it, but people expect that if it’s on the internet, it’s an app and it’s on Facebook, they’ll be able to trust it, but there are no rules to make Facebook do the right thing to properly verify these apps,” he said.
Facebook CEO Mark Zuckerberg has stated that he would testify before Congress to answer questions about the site’s issues and security, and General Hood says that it would be beneficial if he is asked meaningful questions.
Hood joined 36 Attorney Generals across the country by sending a separate letter to Zuckerberg, addressing several questions they believe would clear up some of the confusion over the scandal. Those questions were listed in a media release from Hood’s office.
- Were those terms of service clear and understandable?
- How did Facebook monitor what these developers did with all the data that they collected?
- What type of controls did Facebook have over the data given to developers?
- Did Facebook have protective safeguards in place, including audits, to ensure developers were not misusing the Facebook user’s data?
- How many users in the states of the signatory Attorneys General were impacted?
- When did Facebook learn of this breach of privacy protections?
- During this timeframe, what other third-party “research” applications were also able to access the data of unsuspecting Facebook users?
Hood also stated that while Facebook may be in the news right now, they are not the only company that uses personal data.
“These companies are entrusted with our most personal information and need to be held accountable when they breach that trust. This is why we sued Google, which mined the data of students who used their educational software. We also took the issue to Congress, which just recently passed a bill that no longer gives immunity to websites that allow advertisers like backpage.com to advertise for child sex trafficking. Now we’re investigating Facebook, another everyday platform people use that is all the while collecting their personal information. Federal government is no longer big brother—these internet companies are big brother, and there have to be rules they must follow.” he stated.
While certain apps include a terms & conditions agreement, Hood stated that there needs to a clear summary for consumers and a more determined effort to inform users when their information may be at risk. The investigation will seek to determine how many Mississippians were potentially affected by the data breach.