Subscribe
  • Home
  • /
  • Security
  • /
  • Cambridge Analytica could peek into private inboxes

Cambridge Analytica could peek into private inboxes

Lauren Kate Rawlins
By Lauren Kate Rawlins, ITWeb digital and innovation contributor.
Johannesburg, 11 Apr 2018
Some app users opted in to sharing their private Facebook messages.
Some app users opted in to sharing their private Facebook messages.

Private Facebook messages are part of the personal information loot research firm Cambridge Analytica ended up with in the recent Facebook data leak.

ITWeb Security Summit 2018

Registration is open for ITWeb Security Summit 2018, which will feature cyber security guru Mikko Hypponen and other international infosec players as plenary speakers. Get involved in #SS18HACK and choose from two half-day workshops or a full-day Boot Camp plus five training courses. Click here for the agenda. For the first time, ITWeb Security Summit will also take place in Cape Town.

Nearly 1 500 people of the 300 000 who downloaded the "This Is Your Digital Life" app created by Cambridge University researcher Aleksandr Kogan in 2013, opted to also share their personal messages with the app.

Although this number may seem small, it does not only apply to those who opted-in but all the people they messaged privately. It is estimated up to 87 million Facebook users had their data leaked by proxy of the 300 000 people who downloaded the app.

It was only discovered that private messages were also part of the leak when the social network set up a way for people to check if their data was shared. Here users will see if any of their information was given to Cambridge Analytica, or if it could have made it to the research firm via their friends.

A message at the end of the notice to those who did not use the app directly read: "A small number of people who logged into 'This Is Your Digital Life' also shared their own News Feed, timeline, posts and messages, which may have included posts and messages with you. They may also have shared your home town."

A Facebook spokesperson confirmed to both Wired and the BBC that this was true.

"Prior to 2015, Facebook's platform policy allowed developers to request permission to access inbox content but only if the person explicitly gave consent for this to happen," a spokesperson told the BBC.

"According to our records, only a very small number of people, approximately 1 500, explicitly opted into sharing this information with Kogan's app. The feature was turned off in 2015."

Cambridge Analytica denied ever seeing private messages of Facebook users in a tweet: "GSR did not share the content of any private messages with Cambridge Analytica or SCL Elections. Neither company has ever handled such data."

However, other Twitter users were quick to say they do not believe this.

The research firm went on to tweet: "We did not hack Facebook or break any laws - SCL Elections licensed data from a research company called GSR which obtained the data via a tool provided by Facebook, a common practice at the time."

On Friday, it was reported that almost 60 000 South African Facebook users could be impacted by the social network's recent data leak. A Facebook spokesperson said 33 users in SA installed the app and 59 777 South African users are potentially impacted locally, "these being friends of those who would have installed the app elsewhere in the world".

Users can check here to see if any of their information was leaked.

Facebook CEO Mark Zuckerberg is currently testifying about the leak before US Congress in Washington.

Share