Cambridge Analytica, the company who claimed to help Donald Trump win the US presidential election in 2016, is now under fire in the press following suggestions of dirty tactics and data violations.

The British company, who also worked on the leave.eu campaign in the UK, collect data analysis based on “psychographic profiling” (i.e. personality tests) to target political campaigns. According to them, they play a “pivotal role” in the electoral process, and they can effectively provide the kind of data that can drive voters out of their houses to the polling stations and win campaigns.

After the US election results, Frank Luntz, a well-known pollster who misjudged the outcomes of Trump and Clinton’s campaigns, admitted: “No one saw it coming. The public polls, the experts, and the pundits: just about everybody got it wrong. They were wrong-footed because they didn’t understand who was going to turn out and vote. Except for Cambridge Analytica…”

The company has now made recent headlines, following the accusation by a whistleblower that they obtained the Facebook data of 50 million US voters through personality tests. The data was used without proper consent, supposedly bought by Cambridge Analytica from Facebook to build social profiles on US voters, allowing the company to send them pro-Trump material from the election campaign.

This sort of data can be retrieved simply by clicking on something as trivial as a quiz that pops up on your news feed, which may seem harmless, but in fact, gives social media platforms like Facebook huge amounts of information on you. It just takes one Facebook friend to complete the quiz, before it spreads onto your own feed.

Christopher Wylie, a former Cambridge Analytica employee, told the BBC: “If you start to warp the perception of voters without their consent or knowledge…that is a fundamental denial of their agency and autonomy to make a free choice.”

Christopher Wylie revealing Cambridge Analytica’s practices (Source: BBC)

Alexander Nix, chief executive of the company, stood before a UK government committee a month ago, telling them that the company categorically did not use information from social media networks. The chair of the committee has now called Nix out as a liar, and has demanded that the UK government should allow privacy regulators a greater set of powers to investigate and review technology companies.

Not only has Cambridge Analytica been accused of exploiting personal data, the company’s chief has also been recorded on a Channel 4 interview describing honey trap tactics to win elections. The Times laid out the full transcript for its readers, quoting an extract relating to a Sri Lankan election campaign:

(Source: The Times)

Despite Nix’s protestations that these comments were made in mere jest, he has now been suspended from the company.

Facebook are also far from unscathed in all this. They are now being sued by their investors, following this disastrous and unforgivable failure in the data protection of their users. In the wake of this scandal, the company’s market value has already decreased by nearly $37 billion.

The government committee who accused Cambridge Analytica of lying have now also demanded that Facebook owner Mark Zuckerberg gives some clarification to the world as to how Facebook uses their data.

Facebook have made claims in the past that they have regulations in place to prevent misuse of data. However, considering recent discoveries these words seem false and meaningless.

Facebook advertisers are now threatening to end partnerships with the social media platform entirely, jeopardising millions and millions of pounds that advertisers spend each year promoting their brands on Facebook.

Some of the largest banks in the world, including Nordea, the biggest bank in the Nordic region, are placing their Facebook investments in “quarantine” following the scandal.

Zuckerberg spoke out on Wednesday night, apologising for the “breach of trust”. He also published a Facebook post in which he promised that the company would look into apps using their platform as a front for gathering personal information.

All this news comes amid the lead-up to the introduction of new General Data Protection Regulation (GDPR) legislation. As of the 25th May this year, all companies are now responsible for what happens to their data. This means that companies such as Facebook, who seem to be selling their data, will be responsible not only for the data on their immediate platform, but also for what happens to it once it leaves and falls into a new pair of hands. Companies will also have to be able to provide proof that the data on their platforms can be fully deleted if necessary.

This new EU legislation has worried all sorts of industries, because it means backtracking through chains of data handling and processing, something many are struggling to even comprehend in practice. The current Facebook-Cambridge Analytica shortfall is a prime example of how this new GDPR system would work once in force, holding multiple companies accountable for large scale misuses or breaches of data.

New GDPR legislation comes off the back of past events. In October, TalkTalk experienced a monumental cyber attack. 156,959 customers had their personal data stolen, and that data included 5,656 bank account and sort code numbers. The company were fined a record-breaking £400,000, but many felt that such a fine did not even begin to reflect the sheer volume of customers affected, or the real costs of serious data breaches.

With more large companies being held under the spotlight by government committees, and GDPR legislation eagerly awaiting us in the wings, it seems that we may be able to hope for a safer, more trusted technology industry in the future. Companies such as Facebook and Cambridge Analytica now seem to grow and prosper off the back off social profiling, something which must be exposed as invasive, simply because it leaves personal data utterly vulnerable to abuse and misuse.