The claims that Cambridge Analytica used data harvested from millions of Facebook profiles to target voters in the US general election in 2016 raises tough questions for both companies.
In what appeared to be a damage limitation exercise, the social network preempted the stories that appeared in the Observer and the New York Times over the weekend by banning the political strategy company from its platform while it investigated the claims.
But this goes much deeper than that. Facebook’s 2.2bn active users might well wonder, how safe is their personal data? And is Facebook doing enough to secure it?
And why did Facebook only react on Friday, when it must have known there was a potential problem many months, if not years, ago.
In August 2016, it sent a legal letter to Christopher Wylie, a former Cambridge Analytica employee, asking him to destroy any data he held that had been improperly collected.
Facebook did not publicly disclose this at the time, and appears to have carried out no further enforcement other than requiring those who wrongly held the data to “self-certify” that they had indeed destroyed it.
It was only last week, four days after…
