Sally Nicholls

Designer ⭑ Developer ⭑ Animator

Euronews

Explainer: Could new EU data protection law have stopped the data leak scandal?

Feature article

(Euronews) Facebook CEO Mark Zuckerberg faced one of his toughest tests yet when he was grilled by 44 senators in Capitol Hill.

It came amid questions over how Russia used the social network during the US election of 2016, and how political consulting firm Cambridge Analytica was able to harvest data from 87 million Facebook profiles without most users’ consent.

But his job will get harder should the US follow the EU’s lead and install aggressive data protection legislation to empower citizens.

In an effort to harmonise such laws across the continent, the EU has prepared the EU General Data Protection Regulation (GDPR), which will come into force from 25 May 2018.

The framework would ensure internet users’ personal data is not shared without their express consent, and that organisations have thorough data protection policies and records of their activities in place, as well as a data protection officer in some cases.

They would need to guarantee that personal data is processed lawfully, transparently, and for a specific purpose until it no longer serves that aim, by which time it must be deleted.

The rules would apply to all companies that control or process data from within the bloc, regardless of where they are physically based, and it would be their responsibility to adhere to them.

The regulation represents the biggest overhaul in data protection law in Europe since 1995, and will make companies like Facebook more accountable than ever should personal data be improperly handled. Fines imposed under the new rules could amount to as much as 4% of a company’s global annual revenue.

Could the GDPR have prevented the data leak scandal?

There is little hope the 87 million Facebook users affected by the data harvest will be able to claw back their personal information from Cambridge Analytica (CA) and get justice short of launching legal action. However, a regulation as rigid as the GDPR should prevent similar data leaks from occurring on its patch.

The reason the leak was so large was because CA was able to retrieve personal data belonging to the friends of Facebook users that downloaded their quiz app — their data-harvesting tool — because it was allowed by the social network at the time: Facebook Friends’ consent was not required.

But under the GDPR, companies must have users’ permission, given via a clear affirmative action, before they can receive their personal data or override their privacy preferences.

Secondly, personal data sought by a business must be specified contractually and must be necessary for the service it provides. Aside from pooling information from users’ friends, Facebook has since confirmed that CA may have collected private messages, too. Such data was not needed for users to complete personality tests on the quiz app, and taking it would have breached GDPR rules.

The regulation also requires that companies inform the relevant data protection authority should a breach occur that risks peoples’ rights and freedoms within 72 hours of being made aware of it. Facebook has admitted that it first learnt data was being handled improperly by Aleksandr Kogan, who developed the quiz app, and CA in 2015 — two years before it was exposed publicly and brought to authorities’ attention. Under the GDPR, such an infraction would incur a penalty equal to 2% of the social network’s annual worldwide revenue ($813 million in 2017). An eye-watering amount that would likely displease shareholders and threaten 33-year-old Zuckerberg’s position in the company.

Read the full story on Euronews.com: https://www.euronews.com/2018/04/11/could-eu-s-new-data-protection-law-have-stopped-cambridge-analytica-scandal-

Euronews

Explainer: The Facebook data leak – What happened and what’s next?

Feature article

(Euronews) Late last week, the UK’s Information Commissioner’s Office (ICO) confirmed 30 organisations, including Facebook, were being investigated as part of a national inquiry into the use of personal data and analytics for political and commercial purposes.

It came weeks after the regulatory body was granted a warrant to search Cambridge Analytica’s (CA) headquarters in London, the political consulting firm at the heart of the data leak scandal.

But how were they able to access and harness Facebook users’ data for their political partners and clients, and how will that impact people going forward?

This Is Your Digital Life

CA’s mass data-mining project began in June 2014, when, according to its co-founder Christopher Wylie, a commercial data-sharing deal was signed between SCL Elections (CA’s parent company) and Global Science Research (GSR), an organisation owned by Cambridge University lecturer Aleksandr Kogan.

The psychology professor created a quiz app called This Is Your Digital Life, with which data would be extracted from personality tests taken by its users and given to CA. The firm then advertised the app on an Amazon web service and paid participants up to $5 to encourage take-up, but only US voters with a Facebook account were eligible to take part. Their responses were then paired with information taken from their social media profile, including their gender, age, relationship status, location and ‘likes’, to establish their personality traits and political views.

Within months, around 320,000 Facebook users had downloaded the app, exposing both their profiles and those belonging to their Facebook Friends – around 87 million in total – as the social network allowed apps to retrieve such data at the time.

Those individuals were then linked to electoral records obtained by SCL, and targeted with highly personalized political advertising for CA’s partners and clients.

President Trump and Brexit

CEO Alexander Nix has previously said CA was a major player in Donald Trump’s election in 2016, telling undercover reporters that the company “ran all the digital campaign” for the Republican candidate.

The company also received payments totaling almost $6 million from Trump’s campaign team in 2016, according to government records, yet they have since vehemently downplayed CA’s role in their success.

In a statement released in October, campaign director Michael Glassner said data analysis was managed solely by the Republican National Committee and “any claims that voter data from any other source played a key role in the victory are false”.

CA’s work may have also influenced the result of the UK’s Brexit referendum, when Britons voted to leave the European Union in 2016. Aaron Banks, the co-founder of pro-Brexit campaign group Leave.EU, said in a book published in October 2015 that the group had hired the firm which uses “big data and advanced psychographics” to influence people. In November that year, Leave.EU also announced its partnership with the company on its website, saying CA “will be helping us map the British electorate and what they believe in, enabling us to better engage with voters”.

But again, there have been stringent denials that the organisations worked together, with Banks telling Reuters that the group accepted “no benefit in kind, no data, no nothing” from CA.

He later told a parliamentary committee that his reference to the firm being “hired” in a book solely signaled Leave.EU’s intention to work with them.

The fightback

In the aftermath of the Guardian’s exposé in March, Facebook has stated that claims Kogan’s app committed a data breach were “completely false” as “people knowingly provided their information, no systems were infiltrated, and no passwords or sensitive pieces of information were stolen or hacked”.

Yet Strategic Communication Laboratories (SCL), CA and Kogan were banned from the social network, pending an investigation, for violating the platform’s policies. Their infringements included passing information to a third party and allegedly failing to delete Facebook data at the company’s request.

The technology giant went on to update their terms and conditions to restrict data access from third-party apps.

But this weekend, Canadian political consulting firm AggregateIQ was also suspended amid reports of ties to CA, as well as the data analysis company CubeYou, which is associated with Cambridge University. The latter, which used personality quizzes to grab data, reportedly labeled its product as being “for non-profit academic research”, even though the information was being shared with marketers.

And Facebook’s maneuvers have not been enough to pacify the authorities, nor settle debates concerning data privacy and regulation.

In March, ICO investigators raided CA’s headquarters in London. And earlier this month, the body confirmed it was investigating 30 organisations, including Facebook, as part of a national inquiry into the use of personal data and analytics for political and commercial purposes.

Information Commissioner Elizabeth Denham said in a statement: “The ICO is looking at how data was collected from a third-party app on Facebook and shared with Cambridge Analytica. We are also conducting a broader investigation into how social media platforms were used in political campaigning.”

The US Federal Trade Commission is also investigating whether Facebook improperly allowed Cambridge Analytica access to users’ personal data, breaching a consent agreement the social network signed with the agency in 2011. The decree stipulated that Facebook must notify users and acquire their explicit permission before sharing their data beyond what their privacy settings allowed.

The technology giant’s CEO Mark Zuckerberg will answer lawmakers’ questions in Washington on Tuesday and Wednesday (April 10-11).

Read the full story on Euronews.com: https://www.euronews.com/2018/04/09/the-facebook-data-leak-what-happened-and-what-s-next

University of Sheffield

Court Report: Sheffield man jailed for prank death

Court report

A Sheffield man who shot his best friend with an air rifle in a failed prank was yesterday jailed for three years.

Police officers found Russell Fairchild, 47, (pictured above) sobbing and covered in blood after he killed Christopher Humphreys, 24, at his home on Handsworth Grange Road, Darnall on May 5.

Fairchild admitted manslaughter at an earlier hearing.

Fairchild drank 10 pints of lager and smoked canna­bis with Mr Humphreys and another friend, Richard Saville, at the Cross Keys pub on Handsworth Road. The group then left for Fairchild’s home in the evening, Sheffield Crown Court was told.

Christopher Humphreys, 24, died six days after being shot in the head by Fairchild.
Mr Humphreys died six days after being shot in the head by Fairchild.

The friends watched television and drank beers in the living room when Fair­child left and returned holding an air rifle.

They chatted and joked together when Fairchild pointed the gun at Mr Hum­phreys.

Fairchild cocked it and said, “dance, dance”, before firing. He walked from the room without knowing the firearm was loaded, prosecutor Simon Whaley told the court.

Mr Saville noticed Mr Humphries was badly injured and called for Fairchild to come back to the room.

Covered in blood

As soon as Fairchild realised what happened he called for an ambulance and “did what he could” to save his friend, Mr Whaley told the court.

Emergency services arrived at the house after 10.20pm. Fairchild was “heavily intoxicated, incoherent and very upset,” a police statement said.

His hands were covered in blood and officers had to forcibly remove him from his friend’s body.

Mr Humphries was later taken to the Royal Hallamshire Hospital where doctors found the pellet had struck him above his right eye and entered his brain.

He died six days later.

Mr Whaley said the group regularly spent time together at Fairchild’s home and he had “got out an airgun in horse­play” on previous occasions.

He would position it against peoples’ heads to their ears and fire it as a joke, he told the court.

Michelle Colbourne QC, mitigating, said Fairchild did not realise the rifle was loaded when he fired it at Mr Hum­phreys during a “silly game” they indulged in “weekend after weekend.”

She said the incident left him “full of self-loathing.”

“[He] will live in the knowledge and guilt that he has killed his best friend, for­ever,” she told the court.

She said he was social and well-liked within the community.

“He has been a good man … there’s nothing to suggest he is nothing but a thoroughly decent human being.”

Sentencing Fairchild, the Recorder, Julian Goose QC said he acted with “criminal negligence”. His han­dling of a weapon while drunk made it “a more culpable act”.

“[But] you have shown remorse for the tragic killing of your friend,” he told him.

The judge said he will serve half of his three-year sentence in prison before being released.

Not a toy

After the plea hearing earlier this month, Det Insp Victoria Short of South Yorkshire Police said the case tragically demonstrated that owning an air weapon can have fatal consequences.

“Even though air weapons can be legal­ly owned, they are very dangerous items and must be treated as such,” she said.

“These weapons must be used in the correct and appropriate manner, stored safely, and not played with while under the influence of alcohol.”

Christopher Humphreys’ family said in a statement: “Today marks the end of this terrible ordeal for our family, and we can now begin to grieve the devastating loss of Chris who was a fantastic son and brother.

“We would ask that our family is al­lowed privacy while we grieve, and would like the public and the media to respect this decision.”