FILE - In this April 18, 2017, file photo, conference workers speak in front of a demo booth at Facebook’s annual F8 developer conference, in San Jose, Calif. Facebook CEO Mark Zuckerberg will testify before Congress next week as authorities investigate allegations that the political data-mining firm Cambridge Analytica inappropriately accessed data on millions of Facebook users to influence elections. (AP Photo/Noah Berger, File)

Facebook: Most users may have had public data ‘scraped’

CEO Mark Zuckerberg will testify before Congress next week as authorities investigate allegations that a political data-mining firm inappropriately accessed data on millions of Facebook users

Facebook’s acknowledgement that most of its 2.2 billion members have probably had their personal data scraped by “malicious actors” is the latest example of the social network’s failure to protect its users’ data.

Not to mention its apparent inability to even identify the problem until the company was already embroiled in scandal.

CEO Mark Zuckerberg told reporters Wednesday that Facebook is shutting down a feature that let people search for Facebook users by phone number or email address. Although that was useful for people who wanted to find others on Facebook, it turns out that unscrupulous types also figured out years ago that they could use it to identify individuals and collect data off their profiles.

Related: Facebook’s Zuckerberg to testify before House panel on April 11

The scrapers were at it long enough, Zuckerberg said, that “at some point during the last several years, someone has probably accessed your public information in this way.”

The only way to be safe would have been for users to deliberately turn off that search feature several years ago. Facebook had it turned on by default.

“I think Facebook has not been clear enough with how to use its privacy settings,” said Jamie Winterton, director of strategy for Arizona State University’s Global Security Initiative. “That, to me, was the failure.”

The breach was a stunning admission for a company already reeling from allegations that the political data-mining firm Cambridge Analytica inappropriately accessed data on as many as 87 million Facebook users to influence elections.

Over the past few weeks, the scandal has mushroomed into investigations across continents, including a probe by the U.S. Federal Trade Commission. Zuckerberg himself will be questioned by Congress for the first time on Tuesday.

“The FTC looked the other way for years when consumer groups told them Facebook was violating its 2011 deal to better protect its users. But now the Cambridge Analytica scandal has awoken the FTC from its long digital privacy slumber,” said Jeffrey Chester, executive director for the Washington-based privacy non-profit Center for Digital Democracy.

Neither Zuckerberg nor his company has identified those who carried out the data scraping. Outside experts believe they could have been identity thieves, scam artists or shady data brokers assembling marketing profiles.

Zuckerberg said the company detected the problem in a data-privacy audit started after the Cambridge Analytica disclosures, but didn’t say why the company hadn’t noticed it — or fixed it — earlier.

Facebook did not immediately respond to a request for comment Thursday on when it discovered the data scraping.

Related: FTC is investigating Facebook over privacy practices

In his call with reporters Wednesday, Zuckerberg said the company had tried “rate limiting” the searches. This restricted how many searches someone can conduct at one time from a particular IP address, a numeric designation that identifies a device’s location on the internet. But Zuckerberg said the scrapers circumvented that defence by cycling through multiple IP addresses.

The scraped information was limited to what a user had already chosen to make public — which, depending on a person’s privacy settings, could be a lot — as well as what Facebook requires people to share. That includes full name, profile picture and listings of school or workplace networks.

But hackers and scam artists could then use that information — and combine it with other data in circulation — to pull hoaxes on people, plant malware on their computers or commit other mischief.

Having access to such a massive amount of data could also pose national security risks, Winterton said.

A foreign entity could conceivably use such information to influence elections or stir up discord — exactly what Russia is alleged to have done, using Facebook and other social media, in the 2016 presidential elections.

Privacy advocates have long been critical of Facebook’s penchant for pushing people to share more and more information, often through pro-sharing default options.

Related: How Facebook likes could profile voters for manipulation

While the company offers detailed privacy controls — users can turn off ad targeting, for example, or face recognition, and post updates that no one else sees — many people never change their settings, and often don’t even know how to.

The company has tried to simplify its settings multiple times over the years, most recently this week.

Winterton said that for individual Facebook users, worrying about this data scraping won’t do much good — after all, the data is already out there. But she said it might be a good time to “reflect on what we are sharing and how we are sharing it and whether we need to.”

“Just because someone asks us information, it doesn’t mean we have to give it to them if we are not comfortable,” she said.

She added that while she no longer has a Facebook account, when she did she put her birth year as 1912 and her hometown as Kuala Lumpur, Malaysia. Neither is true.

__

AP Technology Writer Anick Jesdanun contributed to this story.

Barbara Ortutay, The Associated Press

Like us on Facebook and follow us on Twitter.

Just Posted

Town of Eckville Council votes to pass new Land Use Bylaw

Land Use Bylaw Amendment 747-18 was passed after the public hearing on Mon., Sept. 24 at 7 p.m.

Eckville students brave the cold to participate in annual Terry Fox Run

Roughly 250 students ran the three kilometre course in support of cancer research.

128 Flags of Remembrance now flying in Sylvan Lake until Nov. 12

Centennial Park boasts 128 Canadian flags to honour 128,000 Canadians killed and missing in action.

New Habitat for Humanity project coming to Sylvan Lake

Habitat for Humanity Red Deer is spreading the word about the new build in Sylvan Lake

Local filmmaker works on documentary featuring women farmers

Red Deer woman receives $50,000 grant from STORYHIVE to produce documentary

Video: Flyers new mascot ‘Gritty’ a bearded, googly-eyed terror

The Philadelphia Flyers unveiled their new mascot Monday, and as one would expect of the team that gave us the “Broad Street Bullies,” he’s far from cuddly.

Assault charge withdrawn vs. ex-Jays pitcher Roberto Osuna

Former Toronto player agrees to peace bond

UPDATED: Bill Cosby gets 3-10 years in prison for sexual assault

Judge also declared the disgraced comedian a ‘sexually violent predator’

U.S. worker charged after video shows him spitting on customer’s pizza

Jaylon Kerley of Detroit is charged with a felony count of food law violations

Robbery report at outlet mall turns out to be fake: police

Leduc RCMP respond to weapons complaint at premium outlet collection mall

Canada aiming for the moon, and beyond, with new space technology efforts

With an eye on future lunar exploration, Canada’s space agency is calling on companies to present their ideas for everything from moon-rover power systems to innovative mineral prospecting techniques.

New Brunswick Premier meets with lieutenant-governor as Tories, Liberals vie for power

New Brunswick Premier Brian Gallant said the only other leader he had spoken with since results came in was Green Leader David Coon.

Trudeau looks to restart Canada’s UN charm offensive in New York City

Freeland says the question of job retraining in the 21st century — and the uncertainty that surrounds it — is the federal government’s central preoccupation.

Calgary mayor seeks person who leaked details of closed-door Olympic meeting

Calgary Mayor Naheed Nenshi says he will ask the city’s integrity commissioner to investigate a leak of details from an in-camera council meeting.

Most Read