‘More than 600 apps had access to my iPhone data’

While Facebook desperately tightens controls over how third parties access its users’ data – trying to mend its damaged reputation – attention is focusing on the wider issue of data harvesting and the threat it poses to our personal privacy.

Data harvesting is a multibillion dollar industry and the sobering truth is that you may never know just how much data companies hold about you, or how to delete it.

That’s the startling conclusion drawn by some privacy campaigners and technology companies.

“Thousands of companies are in the business of harvesting your data and tracking your online behaviour,” says Frederike Kaltheuner, data programme lead for lobby group Privacy International.

“It’s a global business. And not just online, but offline, too, via loyalty cards and wi-fi tracking of your mobile. It’s almost impossible to know what’s happening to your data.”

The really big data brokers – firms such as Acxiom, Experian, Quantium, Corelogic, eBureau, ID Analytics – can hold as many as 3,000 data points on every consumer, says the US Federal Trade Commission.

Ms Kaltheuner says more than 600 apps have had access to her iPhone data over the last six years. So she’s taken on the onerous task of finding out exactly what these apps know about her.

“It could take a year,” she says, because it involves poring over every privacy policy then contacting the app provider to ask them. And not taking “no” for an answer.

Not only is it difficult to know what data is out there, it is also difficult to know how accurate it is.

“They got my income totally wrong, they got my marital status wrong,” says Pamela Dixon, executive director of the World Privacy Forum, another privacy rights lobby group.

She was examining her record with one of the merchants that scoop up and sell data on individuals around the globe.

She found herself listed as a computer enthusiast – “which is a bit annoying, I’m not running around buying computers every day” – and as a runner, though she’s a cyclist.

Susan Bidel, senior analyst at Forrester Research in New York, who covers data brokers, says a common belief in the industry is that only “50% of this data is accurate”.

So why does any of this matter?

Because this “ridiculous marketing data”, as Ms Dixon calls it, is now determining life chances.

Consumer data – our likes, dislikes, buying behaviour, income level, leisure pursuits, personalities and so on – certainly helps brands target their advertising dollars more effectively.

But its main use “is to reduce risk of one kind or another, not to target ads,” believes John Deighton, a professor at Harvard Business School who writes on the industry.

We’re all given credit scores these days.

If the information flatters you, your credit cards and mortgages will be much cheaper, and you will pass employment background checks more easily, says Prof Deighton.

But these scores may not only be inaccurate, they may be discriminatory, hiding information about race, marital status, and religion, says Ms Dixon.

“An individual may never realize that he or she did not receive an interview, job, discount, premium, coupon, or opportunity due to a low score,” the World Privacy Forum concludes in a report.

Collecting consumer data has been going on for as long as companies have been trying to sell us stuff.

As far back as 1841, Dun & Bradstreet collected credit information and gossip on possible credit-seekers. In the 1970s, list brokers offered magnetic tapes containing data on a bewildering array of groups: holders of fishing licences, magazine subscribers, or people likely to inherit wealth.

But nowadays, the sheer scale of online data has swamped the traditional offline census and voter registration data.

Much of this data is aggregated and anonymised, but much of it isn’t. And many of us have little or no idea how much data we’re sharing, often because we agree to online terms and conditions without reading them. Perhaps understandably.

Two researchers at Carnegie Mellon University in the US worked out that if you were to read every privacy policy you came across online, it would take you 76 days, reading eight hours a day.

And anyway, having to do this “shouldn’t be a citizen’s job”, argues Frederike Kaltheuner, “Companies should have to protect our data as a default.”

Rashmi Knowles from security firm RSA points out that it’s not just data harvesters and advertisers who are in the market for our data.

  • How to protect your Facebook data
  • Facebook suspends Brexit data firm
  • Facebook to warn users in data scandal

    “Often hackers can answer your security question answers – things like date of birth, mother’s maiden name, and so on – because you have shared this information in the public domain,” she says.

    “You would be amazed how easy it is to piece together a fairly accurate profile from just a few snippets of information, and this information can be used for identity theft.”

    So how can we take control of our data?  

    There are ways we can restrict the amount of data we share with third parties – changing browser settings to block cookies, for example, using ad-blocking software, browsing “incognito” or using virtual private networks.

    More Technology of Business

    • Meet the gargantuan air freighter that looks like a whale
    • Reaping the wind with the biggest turbines ever made
    • Making deliveries in a badly mapped world
    • Meet the female ‘artpreneur’ making a splash online
    • Virtual reality as sharp as the human eye can see?

      And search engines like DuckDuckGo limit the amount of information they reveal to online tracking systems.

      But StJohn Deakins, founder and chief executive of marketing firm CitizenMe, believes consumers should be given the ability to control and monetise their data.

      On his app, consumers take personality tests and quizzes voluntarily, then share that data anonymously with brands looking to buy more accurate marketing data to inform their advertising campaigns.

      “Your data is much more compelling and valuable if it comes from you willingly in real time. You can outcompete the data brokers,” he says.

      “Some of our 80,000 users around the world are making £8 a month or donating any money earned to charities,” says Mr Deakins.

      Brands – from German car makers to big retailers – are looking to source data “in an ethical way”, he says.

      “We need to make the marketplace for data much more transparent.”

      • Follow Technology of Business editor Matthew Wall on Twitter and Facebook
        • Click here for more Technology of Business features

The man with (almost) no data trail

No Facebook account. No Twitter. No Instagram.

No smartphone. No tablet. No online banking.

Just an email account accessed at the local library and a chunky Nokia 3210 with a built-in torch.

Felix, not his real name (as you might expect…), lives without the tools and social media accounts that are woven into most of our lives.

For many of us it’s a love-hate relationship – enjoying the regular social contact with friends and family and the efficiencies but lamenting the banality of much of it and the hours it sucks up.

And most recently there’s the matter of the digital trail we leave behind us, the breadcrumbs that social media companies gather up and sell, as we lose track of who knows what about our movements, our needs, our impulses and behaviours.

Felix, a 33-year-old gardener, has been swimming against the tide for years.

In 2018, it may sound like a staunch political statement to veer away from technology and the internet, he says, but, in truth, he just never fancied it.

As new technology emerged and became mainstream, Felix wasn’t drawn to it.

“They weren’t useful to me. I got along without them, like playing the trombone,” he says.

But the world spun several times and a couple of decades later Felix now finds himself something of an anomaly.

People treat him with a sort of low-key admiration and slight bemusement, he says, and when new people see his phone for the first time “they crack up”.

“Most people think if you can live your life that way, good on you. But most wouldn’t want to live like this,” he says.

And don’t write off Felix as someone with little knowledge of the modern world – he is aware of today’s technology used by others his age.

“I would never say you should throw your Alexa in the bin,” he says.

“But it is easier to have a natural human engagement with the world and other people without layers of technology interfering with that.”

  • How to protect your Facebook data
  • If I’ve got your number, so has Facebook
  • Facebook data – are users to blame?

    He does use the internet at the library, going online about twice a week for an hour at a time.

    Typically he’ll work through a list of admin tasks, searching for numbers, addresses, or finding out about a new band – music is his passion. Rarely will he venture onto Facebook or Twitter.

    “When Facebook came out I was interested that it was becoming so popular. So I had a look at a friend’s profile to see the shape of it – that was enough for me. I didn’t touch it for 10 years,” he says.

    Now he might look up a public event advertised on it or scroll through Twitter, albeit without feeling the need to create his own account.

    Asked what he does with all the time he saves by avoiding social media, he laughs and calls it a funny question.

    “Social media is not a fundamental human need. I’m just not sure people were wandering round in 1995 thinking it’s a crying shame I don’t know what Kim Kardashian had for lunch.”

    There are no computers at his family home in Kent, where he lives with his parents, and no tablets or Netflix, just a Freeview box and a TV.

    “I don’t have a hunger for the new thing.

    “If I don’t see Game of Thrones, I assume it will be around for a long time. It diffuses the immediate requirement to gobble things up,” he says.

    But he is on the electoral register and his home number is in the phone book. This type of public data bothers Felix less.

    “It’s older, more firmly established. It was not driven by a thirst for monetising thoughts and personality. It was more expressly an exchange,” he says.

    He also carries an Oyster travelcard, meaning authorities could track his movements around the capital.

    “I don’t love the fact that someone could find out where I’m travelling to in London, but my thinking isn’t fuelled by paranoia.”

    Being traceable is an unpleasant symptom of life today, he says, and if he can avoid his life being publicly available, he will.

    Felix says he expects to see a few more people leave Facebook and chop up their credit cards as a sort of political statement but believes the uptake is so complete and the digital footprint is so deep, most of us are welded to it – it’s how we process our world.

    At times, this interview has been uncomfortable for Felix, who asked us not to share his real name.

    “I am quite far away from having a digital identity,” he says. “It’s quite a big step for me to have something documented for me online.”

    But he says he can understand the interest in his own non-digital stance, given the recent attention around Facebook and what it does with our data.

    News that the social network users’ data is harvested and sold without explicit permission did not come as a surprise to Felix but he does find it distasteful that Facebook packages itself with a friendly face as though it’s more than just a business.

    Does he feel relieved that his own data was never at risk?

    “There is a small part of me that thinks it’s nice I don’t have to have that on my mind,” he replies.

    Felix says he has no intention of changing tack, despite everyone around him, including his older brother, having “normal” attitudes towards technology.

    But, surely, there must be something he feels he is missing out on? Breaking news updates, social gossip, looking through pictures of events he has attended?

    Finally, he cracks… but just a little.

    “I’m indifferent to pictures of that gig, that dinner we went to, but I do have a pang about the wedding pictures I might miss seeing. I don’t get to see them because no hard copies exist of them.”

    But is that enough incentive for Felix to get a Facebook account, to surrender to a world of likes and random friend requests. Still his answer remains an emphatic “no”.

Facebook boss apologises in UK and US newspaper ads

Facebook boss Mark Zuckerberg has taken out full-page adverts in several UK and US Sunday newspapers to apologise for the firm’s recent data privacy scandal.

He said Facebook could have done more to stop millions of users having their data exploited by political consultancy Cambridge Analytica in 2014.

“This was a breach of trust, and I am sorry,” the back-page ads state.

It comes amid reports Facebook was warned its data protection policies were too weak back in 2011.

The full-page apology featured in broadsheets and tabloids in the UK, appearing on the back page of the Sunday Telegraph, Sunday Times, Mail on Sunday, Observer, Sunday Mirror and Sunday Express.

In the US, it was seen by readers of the New York Times, Washington Post and Wall Street Journal.

  • Facebook’s Zuckerberg speaks out over Cambridge Analytica ‘breach’
  • Facebook boss summoned over data claims

    In the advert, Mr Zuckerberg said a quiz developed by a university researcher had “leaked Facebook data of millions of people in 2014”.

    “I’m sorry we didn’t do more at the time. We’re now taking steps to make sure this doesn’t happen again,” the tech chief said.

    It echoes comments Mr Zuckerberg made last week after reports of the leak prompted investigations in Europe and the US, and knocked billions of dollars of Facebook’s market value.

    Mr Zuckerberg repeated that Facebook had already changed its rules so no such breach could happen again.

    “We’re also investigating every single app that had access to large amounts of data before we fixed this. We expect there are others,” he stated.

    “And when we find them, we will ban them and tell everyone affected.”

    The ads contained no mention of the political consultancy accused of using the leaked data, Cambridge Analytica, which worked on US President Donald Trump’s 2016 campaign.

    The British firm has denied wrongdoing.

    What is the row about?

    In 2014, Facebook invited users to find out their personality type via a quiz developed by Cambridge University researcher, Dr Alexsandr Kogan called This is Your Digital Life.

    About 270,000 users’ data was collected, but the app also collected some public data from users’ friends without their knowledge.

    Facebook has since changed the amount of data developers can gather in this way, but a whistleblower, Christopher Wylie, says the data of about 50 million people was harvested for Cambridge Analytica before the rules on user consent were tightened up.

    Mr Wylie claims the data was sold to Cambridge Analytica which then used it to psychologically profile people and deliver pro-Trump material to them during the 2016 US presidential election campaign.

    Facebook has said Dr Kogan passed this information on to Cambridge Analytica without its knowledge. And Cambridge Analytica has blamed Dr Kogan for any potential breach of data rules.

    But Dr Kogan has said he was told by Cambridge Analytica everything they had done was legal, and that he was being made a “scapegoat” by the firm and Facebook.

    Did Facebook get a warning seven years ago?

    As first reported in the Sunday Telegraph, Ireland’s Data Protection Commissioner (DPC) warned Facebook’s security policies were too weak to stop abuse in 2011, some three years before the breach took place.

    Following an audit, the DPC said relying on developers to follow information rules in some cases was not good enough “to ensure security of user data”.

    It also said Facebook processes to stop abuse were not strong enough to “assure users of the security of their data once they have third party apps enabled”.

    Facebook said it strengthened its protections following the recommendations and was told it had addressed the DPC’s original concerns after a second audit in 2012. The tech firm also said it changed its platform entirely in 2014 with the regulator’s recommendations in mind.

If I’ve got your number, so has Facebook

Suddenly lots of people are waking up and asking themselves questions about Facebook. How much data am I sharing with the social media giant? Did I really give permission for it to be collected and stored?

And, even more seriously, have I handed over my friends’ data to be stored on some Californian server?

I am one of those people and what I’ve discovered has left me somewhat shocked. Over the weekend I got hold of my Facebook data. It’s easy enough, you go to settings, then general account settings and click on download my data.

An hour or so later an email arrived with a link to click and I was downloading a 675MB folder chronicling all of my life on the network since I signed up in 2007.

Big numbers

At first sight there was nothing very troubling – I would expect all the photos and videos I’d ever posted to be there, and scrolling down my timeline provided an entertaining glimpse of my life over the last decade.

I did notice that for some years every song I’d listened to on Spotify was listed, a handy reminder that when you link any external app to Facebook it then gathers a lot more data about you.

But then I clicked on a file called contacts. I was taken aback to find my entire contact list, thousands of phone numbers. Now this was not limited to Facebook friends and included many people in the public eye who might be disturbed to find that their private numbers were stored in this way.

  • Tech Tent: Facebook’s data privacy crisis
  • Facebook’s biggest challenge yet
  • WhatsApp co-founder says it is time to delete Facebook
  • Zuckerberg in 2009: Facebook privacy is central

    I cannot remember what happened when I set up my Facebook account back in 2007 – in those naive days I could well have clicked yes when invited to upload my contacts so that I could see who else was part of this new young community. So, my fault I suppose.

    Then I noticed that at the top of the list were some numbers that cannot have been sucked into the Facebook machine a decade ago because I had only added them in recent weeks. They included, ironically, the mobile number of Carole Cadwalladr, the journalist who has blown open the whole story of Cambridge Analytica and Facebook.

    So this means that every time I enter a new number into my phone’s database, it somehow ends up with Facebook – the company is in effect monitoring me.

    This is not the most startling example of Facebook’s data collection. At least one user has reported that all of his text messages from an Android phone have somehow ended up being stored by Mark Zuckerberg’s company.

    Even if Facebook users agree to share this data, their friends whose numbers or text messages are being collected almost certainly have not. And even if those people have never joined Facebook – or have decided to delete their accounts – it looks as though some of their data will stay with the social network as long as the people who provided it remain.

    Facebook says that uploading your contacts is a normal part of signing up with many messaging or social apps – and insists that users are given a clear choice.

    People are expressly asked if they want to give permission to upload their contacts from their phone – it’s explained right there in the apps when you get started. People can delete previously uploaded information at any time.

    The company is right to say this is common practice. And if you think it is creepy that Facebook is storing this information, what about Apple’s iCloud where millions store their iPhone data, including their contacts?

    In any case, Facebook insists it never shares this data with anyone else. The problem is that its business model, unlike Apple’s, depends on exploiting its users’ data. And given what they have learned over the last week about how that information may have been used, many Facebook users may not be inclined to give it the benefit of the doubt.

Facebook boss apologises in UK and US newspaper ads

Facebook boss Mark Zuckerberg has taken out full-page adverts in several UK and US Sunday newspapers to apologise for the firm’s recent data privacy scandal.

He said Facebook could have done more to stop millions of users having their data exploited by political consultancy Cambridge Analytica in 2014.

“This was a breach of trust, and I am sorry,” the back-page ads state.

It comes amid reports Facebook was warned its data protection policies were too weak back in 2011.

The full-page apology featured in broadsheets and tabloids in the UK, appearing on the back page of the Sunday Telegraph, Sunday Times, Mail on Sunday, Observer, Sunday Mirror and Sunday Express.

In the US, it was seen by readers of the New York Times, Washington Post and Wall Street Journal.

  • Facebook’s Zuckerberg speaks out over Cambridge Analytica ‘breach’
  • Facebook boss summoned over data claims

    In the advert, Mr Zuckerberg said a quiz developed by a university researcher had “leaked Facebook data of millions of people in 2014”.

    “I’m sorry we didn’t do more at the time. We’re now taking steps to make sure this doesn’t happen again,” the tech chief said.

    It echoes comments Mr Zuckerberg made last week after reports of the leak prompted investigations in Europe and the US, and knocked billions of dollars of Facebook’s market value.

    Mr Zuckerberg repeated that Facebook had already changed its rules so no such breach could happen again.

    “We’re also investigating every single app that had access to large amounts of data before we fixed this. We expect there are others,” he stated.

    “And when we find them, we will ban them and tell everyone affected.”

    The ads contained no mention of the political consultancy accused of using the leaked data, Cambridge Analytica, which worked on US President Donald Trump’s 2016 campaign.

    The British firm – which has no connection with Cambridge University – has denied wrongdoing.

    What is the row about?

    In 2014, Facebook invited users to find out their personality type via a quiz developed by Cambridge University researcher, Dr Alexsandr Kogan called This is Your Digital Life.

    About 270,000 users’ data was collected, but the app also collected some public data from users’ friends without their knowledge.

    Facebook has since changed the amount of data developers can gather in this way, but a whistleblower, Christopher Wylie, says the data of about 50 million people was harvested for Cambridge Analytica before the rules on user consent were tightened up.

    Mr Wylie claims the data was sold to Cambridge Analytica which then used it to psychologically profile people and deliver pro-Trump material to them during the 2016 US presidential election campaign.

    Facebook has said Dr Kogan passed this information on to Cambridge Analytica without its knowledge. And Cambridge Analytica has blamed Dr Kogan for any potential breach of data rules.

    But Dr Kogan has said he was told by Cambridge Analytica everything they had done was legal, and that he was being made a “scapegoat” by the firm and Facebook.

    Did Facebook get a warning seven years ago?

    As first reported in the Sunday Telegraph, Ireland’s Data Protection Commissioner (DPC) warned Facebook’s security policies were too weak to stop abuse in 2011, some three years before the breach took place.

    Following an audit, the DPC said relying on developers to follow information rules in some cases was not good enough “to ensure security of user data”.

    It also said Facebook processes to stop abuse were not strong enough to “assure users of the security of their data once they have third party apps enabled”.

    Facebook said it strengthened its protections following the recommendations and was told it had addressed the DPC’s original concerns after a second audit in 2012. The tech firm also said it changed its platform entirely in 2014 with the regulator’s recommendations in mind.

The week Facebook’s value plunged $58bn

Facebook ended the week $58bn lower in value after its handling of a historic data breach.

Its founder Mark Zuckerberg apologised for data breaches that affected 50 million users.

The apology did not stop investors from selling shares in Facebook, with many wondering just how bad the damage would be for the social network.

The breach was called a “light bulb” moment for users, spawning the social media trend #deletefacebook.

All the negative headlines led to some advertisers saying “enough is enough”.

Shares in the social media company fell from $176.80 on Monday to around $159.30 by Friday night.

Will the shares recover?

Facebook’s initial public offering in 2012 priced shares at $38 each, giving the company a market valuation of close to $104bn.

Following steady user growth and a dominant space in the digital advertising market ensuring revenues, Facebook’s share price climbed to $190 by February this year.

Brian Wieser, senior analyst at Pivotal Research, said he had one of the most negative outlooks for Facebook’s share price on Wall Street.

“I had a $152 price target on Facebook for 2018 – and that was before the events of this week”.

Mr Wieser said the share price slump showed investors were wary of increased regulation and users leaving the platform “but there’s little risk of advertisers leaving Facebook. Where else would they go?”

Hargreaves Lansdown senior analyst Laith Khalaf said the week had been a “damaging episode” in Facebook’s history.

“One of the secrets of Facebook’s success has been that the more people who use Facebook, the more integral it becomes to its customers. Unfortunately for Facebook, the same dynamic cuts in the opposite direction if it loses a meaningful number of users as a result of this scandal. “

What has been the response from advertisers?

Advertising firm M&C Saatchi’s founding director David Kershaw said the revelations that a 2014 Facebook quiz essentially harvested data from users and their connected friends without consent have led to a backlash from advertisers.

“Clients have come to the point, quite rightly, where enough is enough, ” Mr Kershaw said.

Advertisers Mozilla and Commerzbank on Wednesday suspended ads on the social media platform.

On Friday tech entrepreneur Elon Musk had the official Facebook pages for his companies Telsa and Space X deleted.

“Make no mistake Facebook is an amazing medium from the advertiser’s point of view because of the accuracy of its targeting – which comes from data. But I think those large companies are very nervous to be associated with a medium where the data is being abused, particularly in a political context,” Mr Kershaw said.

Mr Kershaw told the BBC any change in Facebook’s data protection policy was more likely to come from the threat of a withdrawal of “hard money from advertisers rather than consumers running hashtag [campaigns] on Twitter,” referring to the #DeleteFacebook and #BoycottFacebook hashtags that have become popular.

UK advertising group ISBA met Facebook on Friday and said its “constructive and challenging” summit had convinced the group that the social media company was taking steps to “rapidly address public and advertiser concerns”, including app audits and face-to-face meetings with individual UK advertising clients.

It will take some time before it becomes clear if the advertising industry’s dissatisfaction with Facebook leads to them actually pulling their money out of the social network, or whether the howls of condemnation amount to mere posturing from a group of concerned clients.

Has Zuckerberg done enough to reassure people?

The Facebook founder tried to reassure users “the most important actions to prevent this from happening again today we have already taken years ago.”

However, Passion Capital tech investor Eileen Burbidge, who is also on the Prime Minister’s Business Advisory Group, said Facebook’s reassurance to users and clients took too long.

“The fact that it took them five days to come out with a statement, which happened to be a fair, sensible and comprehensive statement, was just far too long,” Mrs Burbidge said.

“I think they were just really tone deaf for too many days.”

The technology venture capitalist said Facebook underestimated the consumer backlash that occurred once their data was used for political purposes.

Cambridge Analytica is at the centre of a row over whether it used the personal data of millions of Facebook users to sway the outcome of the US 2016 presidential election and the UK Brexit referendum.

“Some people are using the term ‘political manipulation’.

“They [Facebook] assumed they had already taken care of this… as they had already changed their terms of service, for example,” Mrs Burbidge said.

In Mr Zuckerberg’s online statement he offered a timeline of how Facebook’s data permission agreements with users and other companies had changed since the 2014 personality quiz app was able to scrape data from quiz takers and their contacts without their express permission.

Mrs Burbidge said there may need to be new regulation over political campaigning “which really hasn’t kept up with social media”.

What will Facebook users do?

Technology writer Kate Bevan said the week’s events have woken Facebook’s users up to the fact that the platform’s games, quizzes and apps could harvest their data for more serious intents.

“This week feels to me like a real light bulb moment where people are understanding that it’s not just clicking ‘like’ on Facebook, it’s giving your data away”.

The sentiment was echoed by the European Union’s commissioner for justice, consumers and gender equality Vera Jourova who said the Cambridge Analytica allegations had been “a huge wake-up call” for Facebook users about the demand for their data.

“The tiger has gotten out of the cage”.

The week Facebook’s value plunged $58bn

Facebook ended the week $58bn lower in value after its handling of a historic data breach.

Its founder Mark Zuckerberg apologised for data breaches that affected 50 million users.

The apology did not stop investors from selling shares in Facebook, with many wondering just how bad the damage would be for the social network.

The breach was called a “light bulb” moment for users, spawning the social media trend #deletefacebook.

All the negative headlines led to some advertisers saying “enough is enough”.

Shares in the social media company fell from $176.80 on Monday to around $159.30 by Friday night.

Will the shares recover?

Facebook’s initial public offering in 2012 priced shares at $38 each, giving the company a market valuation of close to $104bn.

Following steady user growth and a dominant space in the digital advertising market ensuring revenues, Facebook’s share price climbed to $190 by February this year.

Brian Wieser, senior analyst at Pivotal Research, said he had one of the most negative outlooks for Facebook’s share price on Wall Street.

“I had a $152 price target on Facebook for 2018 – and that was before the events of this week”.

Mr Wieser said the share price slump showed investors were wary of increased regulation and users leaving the platform “but there’s little risk of advertisers leaving Facebook. Where else would they go?”

Hargreaves Lansdown senior analyst Laith Khalaf said the week had been a “damaging episode” in Facebook’s history.

“One of the secrets of Facebook’s success has been that the more people who use Facebook, the more integral it becomes to its customers. Unfortunately for Facebook, the same dynamic cuts in the opposite direction if it loses a meaningful number of users as a result of this scandal. “

What has been the response from advertisers?

Advertising firm M&C Saatchi’s founding director David Kershaw said the revelations that a 2014 Facebook quiz essentially harvested data from users and their connected friends without consent have led to a backlash from advertisers.

“Clients have come to the point, quite rightly, where enough is enough, ” Mr Kershaw said.

Advertisers Mozilla and Commerzbank on Wednesday suspended ads on the social media platform.

On Friday tech entrepreneur Elon Musk had the official Facebook pages for his companies Telsa and Space X deleted.

“Make no mistake Facebook is an amazing medium from the advertiser’s point of view because of the accuracy of its targeting – which comes from data. But I think those large companies are very nervous to be associated with a medium where the data is being abused, particularly in a political context,” Mr Kershaw said.

Mr Kershaw told the BBC any change in Facebook’s data protection policy was more likely to come from the threat of a withdrawal of “hard money from advertisers rather than consumers running hashtag [campaigns] on Twitter,” referring to the #DeleteFacebook and #BoycottFacebook hashtags that have become popular.

UK advertising group ISBA met Facebook on Friday and said its “constructive and challenging” summit had convinced the group that the social media company was taking steps to “rapidly address public and advertiser concerns”, including app audits and face-to-face meetings with individual UK advertising clients.

It will take some time before it becomes clear if the advertising industry’s dissatisfaction with Facebook leads to them actually pulling their money out of the social network, or whether the howls of condemnation amount to mere posturing from a group of concerned clients.

Has Zuckerberg done enough to reassure people?

The Facebook founder tried to reassure users “the most important actions to prevent this from happening again today we have already taken years ago.”

However, Passion Capital tech investor Eileen Burbidge, who is also on the Prime Minister’s Business Advisory Group, said Facebook’s reassurance to users and clients took too long.

“The fact that it took them five days to come out with a statement, which happened to be a fair, sensible and comprehensive statement, was just far too long,” Mrs Burbidge said.

“I think they were just really tone deaf for too many days.”

The technology venture capitalist said Facebook underestimated the consumer backlash that occurred once their data was used for political purposes.

Cambridge Analytica is at the centre of a row over whether it used the personal data of millions of Facebook users to sway the outcome of the US 2016 presidential election and the UK Brexit referendum.

“Some people are using the term ‘political manipulation’.

“They [Facebook] assumed they had already taken care of this… as they had already changed their terms of service, for example,” Mrs Burbidge said.

In Mr Zuckerberg’s online statement he offered a timeline of how Facebook’s data permission agreements with users and other companies had changed since the 2014 personality quiz app was able to scrape data from quiz takers and their contacts without their expressed permission.

Mrs Burbidge said there may need to be new regulation over political campaigning “which really hasn’t kept up with social media”.

What will Facebook users do?

Technology writer Kate Bevan said the week’s events have woken Facebook’s users up to the fact that the platform’s games, quizzes and apps could harvest their data for more serious intents.

“This week feels to me like a real light bulb moment where people are understanding that it’s not just clicking ‘like’ on Facebook, it’s giving your data away”.

The sentiment was echoed by the European Union’s commissioner for justice, consumers and gender equality Vera Jourova who said the Cambridge Analytica allegations had been “a huge wake-up call” for Facebook users about the demand for their data.

“The tiger has gotten out of the cage”.

Cambridge Analytica taken to court over data storage

A US citizen is taking Cambridge Analytica to court to get access to data he says it holds on him.

Prof David Carroll filed his legal challenge on the same day Facebook announced it had banned the company from its network.

He also wants Cambridge Analytica to disclose how it came up with the psychographic profile it had on him.

Legal experts believe the case could set a precedent for how such companies collect data.

Prof Carroll, who is an associate professor at Parsons School of Design in New York, requested a breakdown of the data Cambridge Analytica held on him when it emerged the company had built profiles on up to 240 million Americans.

Pressure mounts on Zuckerberg to face data breach concerns

Facebook founder and chief executive Mark Zuckerberg is facing intensified calls to appear in person at investigations into the social network’s conduct.

His company has been accused of failing to properly inform users that their profile information may have been obtained and kept by Cambridge Analytica, a data firm widely-credited with helping Donald Trump win the 2016 US presidential election.

Facebook said on Friday it had blocked Cambridge Analytica from Facebook while it investigated claims the London-based firm did not, as promised, delete data that was allegedly obtained using methods that were in violation of Facebook’s policies.

Both Cambridge Analytica and Facebook deny any wrongdoing.

Despite pledging that in 2018 he would “fix” his company, Facebook founder Mark Zuckerberg has managed to avoid engaging with the site’s growing number of critics – instead sending lawyers or policy bosses to various committee hearings.

The man in charge of Britain’s investigation into Russian meddling in the democratic process said he too wanted to press Mr Zuckerberg on the issue.

“I will be writing to Mark Zuckerberg asking that either he or another senior executive from the company appear to give evidence in front of the committee as part our inquiry,” said Damian Collins MP.

“It is not acceptable that they have previously sent witnesses who seek to avoid asking difficult questions by claiming not to know the answers.”

Mr Collins also said he would be recalling Cambridge Analytica chief executive Alexander Nix to parliament to answer more questions.

“It seems clear that he has deliberately misled the committee and parliament,” Mr. Collins said.

Cambridge Analytica and Mr Nix have denied any wrongdoing.

Deleted tweets

In an attempt to get out ahead of a story in the New York Times and Observer newspapers, Facebook made an announcement late Friday night, California time, that it was blocking Cambridge Analytica from using Facebook while it investigated claims the inappropriately-obtained data had not been deleted as promised.

This was followed by remarks from Alex Stamos, the firm’s chief security officer, who wrote and then deleted a series of tweets. He objected to the word “breach” being used to describe how data from as many as 50 million peoples’ user profiles may have been obtained without explicit user consent.

“I have deleted my tweets on Cambridge Analytica,” he later wrote.

“Not because they were factually incorrect but because I should have done a better job weighing in.”

Christopher Wylie, a Canadian data analytics expert who worked with Cambridge Analytica, revealed how it and its partners harvested data belonging to mostly US voters. Over the weekend, he announced he had been suspended from Facebook.

Skip Twitter post by @chrisinsilico

Suspended by @facebook. For blowing the whistle. On something they have known privately for 2 years. pic.twitter.com/iSu6VwqUdG

— Christopher Wylie (@chrisinsilico) March 18, 2018

Report

End of Twitter post by @chrisinsilico

On top of its initial statement, Facebook on Sunday said it was conducting a “comprehensive internal and external review” into whether the data, gathered via an app created by Global Science Research (GSR), still existed.

GSR was set up by University of Cambridge associate professor Aleksandr Kogan and his colleague Joseph Chancellor. According to the Guardian, Mr Chancellor was given a job at Facebook as a researcher just months after GSR carried out the data-gathering exercise that Facebook now says violated its policies.

Facebook has not commented on the calls for Mr Zuckerberg to appear in front of the several committees expressing a desire to hear from him.

But one analyst warned that this controversy is a direct threat to Facebook’s business model, and therefore Mr Zuckerberg will be expected to put investors at ease, sooner rather than later.

“This has potential to grow into something a lot more onerous,” said Daniel Ives from GBH Insight.

“So he has to get ahead of this storm before it turns into a hurricane.”

View comments