Meta to Pay Millions for Data Leak That Enabled Psychological Political Warfare

Meta data privacy

Meta Platforms, the owner of Facebook, Instagram and Whatsapp, has agreed to pay the largest ever settlement sum agreed upon in a US data privacy class action. The company is to pay $725 million to settle a lawsuit which has been ongoing since 2018. 

The litigation surrounded the world-famous data scandal involving Cambridge Analytica (CA), a political consultancy. The affair caused a global furore after it was uncovered that CA had used the private data of tens of millions of Facebook users to build psychological profiles. As reported by Vox, there have long been claims that CA’s “sophisticated understanding of human psychology helps it target and persuade people of its clients’ preferred message.” An ex-CA employee described the company’s technology as “Steve Bannon’s psychological warfare mindf*** tool.” The data in question was sold to Donald Trump’s 2016 presidential campaign, and the purpose of the psycho-profiling was to target and influence the American electorate. 

Where does Meta come in?

Meta is implicated in this ordeal in that CA should never have been able to obtain the data. The lawsuit accused Meta of enabling the data leak, which the company has never accepted. Former CA employee-turned-whistleblower, Cristopher Wylie, reports that CA obtained the Facebook data from a Russian-American researcher who worked at the University of Cambridge, Aleksandr Kogan. 

The simple account of Kogan’s data obtention is that he deployed an app on Facebook that he himself had built. The app was a quiz, and collected relevant data not only from quiz-takers, but from the contacts in their “friends” lists as well, which it was only capable of because it exposed a loophole in Facebook’s application programming interface. Crucially, Facebook prohibited the sale of data harvested in that way, but that didn’t stop CA from selling it. 

Meta founder, Mark Zuckerberg, addressed the incident in a Facebook post at the time of the data leak scandal. In it, he did not apologise, nor did he offer any clarity on how the breach had been able to occur. The settlement, which was detailed in a court filing released last week, does not require Meta to admit any wrongdoing, but Meta’s claim of innocence is of frail legitimacy. Sandy Parakilas, who used to work in data privacy at Facebook, has said that there’s not always agreement within the company on how to prioritise user protection. 

“The people whose job is to protect the user always are fighting an uphill battle against the people whose job is to make money for the company,” Parakilas told the New York Times

Related Articles: The EU Hosted a ‘Gala’ Party in the Metaverse. Here’s How it WentSocial Media: The Dumpster Fire Burns More GarbageWhy has Meta Cut 13% of its Workforce?The Metaverse: How Will It Impact the Young?

Meta has promised that it has “revamped [its] approach to privacy and implemented a comprehensive privacy program.” The court filing lays out that the settlement will cover approximately 250 – 280 million Facebook users, and that the amount each user receives depends on the number of valid data privacy claims submitted. This was not Facebook’s first nor heftiest privacy-related payout: in 2019, the company paid $5 billion to settle an investigation into its privacy practices by the Federal Trade Commission, and $100 million to resolve claims by the U.S. Securities and Exchange Commission that it deceived investors about the misuse of users’ data, reports Reuters

Meta and its privacy practices are no strangers to hot water. But for a company which is valued at nearly $313 billion, paying to dissipate claims is barely a spanner in the works. This begs the question: are these payouts adequate accountability mechanisms? 

May the best man win…?

One of the key questions raised by the scandal is where the limits of campaigning should lie. Of course, CA obtained their data illegitimately, but should “psy-ops” generally be accepted as a crafty element of campaign politics? It is no controversial take that political dynamics are far more convoluted than what meets the public eye. But the outrage that met the Cambridge Analytica scandal suggests that using private data for the purposes of calculated psychological manipulation, might be a step too far removed from knocking on doors and explaining one’s manifesto. 

Cambridge Analytica served as a reminder of the power that non-political entities – with deep pockets – have to sway elections. Now defunct, CA was principally owned by Robert Mercer, a famously right-wing big data billionaire who donated $13.5 million to Donald Trump’s presidential campaign. 

Mercer’s financial involvement in politics extends far beyond Trump; since 2010, he has donated $45 million to exclusively Republican campaigns, and $50 million to right-wing, “ultra-conservative” non-profits. Most voters are unlikely to be aware of the influence that private actors like Mercer are exerting on elections, which makes them more susceptible to the manipulation in question. To say that psy-ops are ethically controversial is an understatement. It is imperative to consider how to protect democracy in the wake of these modern political tools. 

In addition, the fact that these tools are deployed in the digital realm showcases the vulnerability of elections to foreign manipulation. The implications of breaches like this one are so vast, that companies like Meta simply cannot afford shortcomings in the infrastructure that protects users’ personal data. 

Editor’s Note: The opinions expressed here by the authors are their own, not those of — In the Featured Photo: Mark Zuckerberg’s Keynote Speech at F8 2018. Featured Photo Credit: Anthony Quintano/Flickr