[ad_1]
A long-sought-after internal document, obtained by NBC News on Friday morning and made public by Facebook and the Washington attorney general's office, calls into question what was done and when the social media giant first learned about the violation of the confidentiality of tens of millions of private users. The data.
The document reveals that Facebook has learned of the existence of unconfirmed reports of a potential data breach in September 2015. The company then attempted to resolve the problem, but was not informed of it. magnitude of the problem until the publication of a Guardian report in December 2015.
The timeline is important because Facebook CEO Mark Zuckerberg said developer Aleksandr Kogan had sold user data to Cambridge Analytica, a violation of Facebook's policy prohibiting researchers from selling or sharing data with third parties.
However, the Securities and Exchange Commission filed a complaint in July claiming that Facebook's employees had "requested an investigation" into the "possible" erasure "of the Cambridge data in September 2015 – three months before the Guardian report was released.
Facebook's critics cited the apparent disparity between Zuckerberg's testimony and the SEC complaint as evidence that company executives ignored employees' concerns or misled the public about what the giant's social media knew and when.
The document, a record of correspondence between Facebook employees, suggests that the SEC and Zuckerberg are right: the employees asked for an investigation – and opened an investigation – on "a possible" scraping "" in September. But they did not learn that Kogan had sold the data to Cambridge Analytica and violated Facebook's policy until the story was made public in December 2015.
The problem was first brought to the attention of Facebook on September 29, 2015 by a political partner who was curious about the privacy policy settings of the company. At first, an employee said he was worried that Facebook's many political partners might be "on the limit" of the policy and "possibly out of date".
Another employee replied, "I'm passing this information to DevOps for the initial review, they can help investigate … Generally speaking, it's possible that these services may be on our terms, but it's also possible that is not the case. "
The next day, an employee wrote: "I imagine that it would be very difficult to engage in a data cleansing activity such as you have described while remaining compliant. [Facebook’s privacy policy]"But later in the day, another employee wrote," It is very likely that these companies will not violate any of our conditions. "
The debate continued and on October 13, an employee stated that "there are probably some data policy violations here".
But a week later, on October 20, another employee wrote that there appeared to be a data breach, "it's hard to understand precisely what they're abusing without having a conversation" with the partners in question.
From October 20 to the morning of December 11, most of the correspondence focused on employees' efforts to make calls with political partners, some of whom were "slow to respond".
Then, on December 11 at 9:45 am, an employee wrote, "Can you speed up the review of Cambridge Analytica or let us know what are the next steps?" Unfortunately, this company is now a public relations problem because this story is on the front page of the Guardian website. "
At 10:06, an employee wrote: "It's good morning [high priority] at this point … We need to fix this as soon as possible. "
The Guardian story stated, among other things, that Kogan's private company, Global Science Research, had signed a contract with Cambridge Analytica's parent company to provide them with Facebook user data.
After reading the Guardian report at 10:11 am, an employee wrote: "Here is a link to Global Science Research, the for-profit branch of [Cambridge Analytica] mentioned in the article. "
The employee added, "We had not heard of that. [organization] before the article. "
[ad_2]
Source link