In another case linked to an online personality quiz misusing data of Facebook users, the data of a further three million people was available on an unprotected website that could have been accessed by unauthorised parties.
I know, it sounds like a title from a satirical post, but it’s not. The Cambridge Analytica scandal was not the only time that the data of Facebook users was harvested and poorly stored or mismanaged. According to New Scientist, data like people’s names, ages, genders, and relationship status – and even some status updates – of 3 million people was stored insecurely on a website that wasn’t protected properly. The data came from another online personality quiz called myPersonality which had over 6 million participants. Only half of these participants agreed to have their information shared with researchers.
However, over 280 people had access to the data through a collaborative website, which was so poorly protected that its password could be found within a minute of an online search, according to New Scientist’s report. With that password, virtually anyone could have access to a trove of information on around 3 million Facebook users.
In Cambridge Analytica’s case it was more than 87 million people, so the amount doesn’t sound that great. However, it’s not insignificant. Also, both cases had one researcher in common. You guessed it: Aleksandr Kogan.
Kogan created thisisyourdigitallife (the personality test of Cambridge Analytica fame), but was listed as part of the myPersonality project until mid-2014. The University of Cambridge has responded saying that myPersonality was started before the person who created it was even at the university, so it wasn’t ever flagged for an ethics review.
In any case, we still don’t know whether any of the data was accessed by third parties who should not have, but Facebook has said it is investigating the app. Just like the roughly 200 apps that were banned as a result of Facebook’s investigations, it too will be banned if anything unsavoury is found.