By Charly SHELTON

Facebook is in hot water right now. Between the Russia manipulations during the election, the user-search data mining and now the Cambridge Analytica leak, it has been a rough few weeks to be an executive at Facebook. Perhaps what’s worse is many Facebook users don’t know exactly what happened. So, for the common good, here’s an explanation of what happened and how to prevent it from happening again.

Firstly, something must be restated that is well known yet often ignored: IT stands for information technology. Social media means media (pictures, information, locations, etc.) that is shared with others. So whatever goes online, while it may only be intended for friends, is still online when cyber thieves come looking. That’s not to say uploading any bit of info is dangerous – nobody will use your “loving this sandwich #blessed” picture of your lunch against you – but users should be aware that what’s out there is out there. The information associated with a user’s Facebook account can be a good starter package for identity theft and can include a person’s name, email, mother’s name (possibly maiden name), hometown, street lived on as a child, spouse’s full name, phone number, favorite color, favorite movie, high school name, geotagged locations of check-ins and photo uploads to show places visited and even sometimes a home address. These are all things that could be asked of someone trying to reset a password and gain access to another, more important, account. This is the danger with account leaks. The solution is simple; beware of what is put online and check account privacy settings under “Account -> Settings -> Privacy.”

The two big issues to focus on right now, as far as users are concerned, are the user search data mining and the Cambridge Analytica leak.

The user search function is something that is very useful for finding friends. Users can search by name, email or phone number to find an account associated with people that make it easier to connect with them. This feature can be turned off in the account settings, but it is “on” by default. Unfortunately, there are repositories of stolen email and phone number lists on the dark web – unregistered websites that are accessible to those looking to share stolen info and other bad things over the internet without being caught. These stolen email and phone number lists are then used by programmed bots, or apps, to run a certain function on a computer over and over again at intense speeds. These bots take one email or number off the list, search it on Facebook and save the link between the email and Facebook profile for someone to gather all the info of that person. They then build the ID theft starter kit, which is then either used or sent back and sold on the dark web again. Facebook company officials acknowledged that few users with the search function enabled have escaped this type of data mining.

Second up is the leak. This is a leak and not a hack. The word “hack” is thrown around a lot, but that involves someone getting in through a hole in web security to access info not normally available. The Cambridge Analytica leak is a leak.

Dr. Aleksandr Kogan of the University of Cambridge released an app called “This Is Your Digital Life” in 2015 and approximately 270,000 people downloaded it, according to a statement from Facebook. By using the app, those users agreed to give their Facebook info to him. This was all legitimate, and many apps do the same thing. The leak came when Dr. Kogan gave the list and info to Cambridge Analytica, a political data mining firm, and Christopher Wylie of Eunoia Technologies. Cambridge Analytica was reportedly founded by former White House Chief Strategist Steve Bannon. Cambridge Analytica was hired by Donald Trump in the 2016 election to gauge voter interest. It is unconfirmed whether the leaked Facebook data was used for this purpose. Facebook has begun sending out notifications to any account holder that may have been affected by this app, and there are tools in place to help recover and regain account privacy.

“We didn’t focus enough on preventing abuse and thinking through how people could use these tools to do harm as well. That goes for fake news, foreign interference in elections [and] hate speech in addition to developers and data privacy. We didn’t take a broad enough view of what our responsibility is, and that was a huge mistake. It was my mistake,” said Facebook CEO Mark Zuckerberg in a statement to the press. “So now we have to go through every part of our relationship with people and make sure that we’re taking a broad enough view of our responsibility. It’s not enough to just connect people; we have to make sure that those connections are positive and that they’re bringing people closer together. It’s not enough to just give people a voice; we have to make sure that people are not using that voice to hurt people or spread disinformation. And it’s not enough to give people tools to sign into apps; we have to ensure that all of those developers protect people’s information, too.”

  Charly Shelton