Effects of Facebook Data Breach on the CHS Population


Henry Zhang

        Since 2014, the political marketing firm Cambridge Analytica had been collecting Facebook user data. The data was gathered through a third-party quiz application and then shared with Cambridge Analytica. Those who took the quiz were notified beforehand that their profile information would be taken, but the application also stole data from users’ friend lists without consent. The firm used the data to direct advertisements to potential voters, and allegedly supported Donald Trump’s 2016 campaign. Less than a million people took the test, but Facebook estimates the number of affected profiles to be at a maximum of 87 million.

        After the information was publicized, Facebook came under pressure as it had known about the breach since 2016, but did not take effective action against the firm or conduct any follow-up checks after warning it against any further data collection. Facebook is aware that external parties can obtain user information discreetly, and has issued public statements since 2012 through their terms of service that state, “We do our best to keep [the platform] safe, but we cannot guarantee it”.

        According to Facebook’s Data Policy, third-party applications can legally take user information if they have consent from their consumers. However, Facebook prohibits the taking of data without user consent and the sharing of data that can be traced back to individual profiles, since both can potentially benefit external companies at the expense of user privacy.

        Of an online survey conducted at Cupertino High School, 10.9 percent of students reported that their data had been leaked and 23.6 percent said they knew someone else who had their data leaked. Although the perpetrator is Cambridge Analytica, from survey responses it is evident that students also hold Facebook accountable for its consequences.

        Stated a survey respondent, “I think the corporation holds the most responsibility because ultimately it’s their website and business. If I went to a restaurant and there was a thief just going around stealing food, it’s not the customer’s fault for not protecting their food, it’s the restaurant’s fault for not stopping the thief.”

        Facebook has been sued multiple times for not taking a firmer stance against the breach before its actions were publicized.

        Said junior Pratheek Sarma, “If our information is in the hands of a third-party company, it’s Facebook’s responsibility to figure out what their agenda is. [Facebook] should [detail] to users exactly when and where information [is being taken] or could be taken from.”

        Others believe that consumers should be responsible for keeping their information offline or otherwise be ready to face the inevitable consequences. Some respondents share the viewpoint that so many people were affected because users are too relaxed about the posts they make and their browsing activity. “Private information is private and I don’t expect any social media platform or online quiz platform to be perfect about keeping information private,” a respondent said.

        However, with that in mind, students use social media regularly for schoolwork and to communicate with their classmates. Said junior Anirudh Krishnakumar, “Sometimes it becomes a bit difficult because we kind of have to use social media for schoolwork and stuff, so it’s hard to keep a lot of private information private.”

        The event has shed light on the potential dangers of social media. 43.6 percent of the responses to the survey reported that the breach revealed to them the corporate side of social media, and 54.4 percent stated that they will be more careful online in the future. Although none of his nor his friends’ data were taken, Sarma stated that he will disconnect all third-party applications from his account when he is not using them.

        Facebook updated its privacy policy early in April, giving users and their friends and group members more protection within third-party applications. For example, developers now cannot access information about their users who are inactive for three months or more. (A complete list of changes can be found at  https://newsroom.fb.com/news/2018/04/restricting-data-access/.)

        Nonetheless, there still are and will be ways for outsiders to access user profile information. Students think that any significant change requires a proactive mindset on both consumers’ and the platform’s part. For example, consumers are more susceptible to having personal information unknowingly shared with others if they fail to read the term and conditions of their applications prior to use.

        “Facebook states what can happen to your information in the terms and conditions, but they don’t state it again and again. The problem is, we don’t know how much information Facebook has about us, and our information can be so easily accessed by any company, not just Facebook… Users and consumers have to be vigilant on what information they share and they can’t just blindly click buttons. Just be really careful what you share online, whatever you share online stays online, whether to a closest friend or to the entire world,” Krishnakumar said.

        Some see this as a steep order, especially among young adults. “Even if we educate the public as much as possible, people will probably not read or adhere to warnings. Maybe if things were shortened people will be more inclined to read them.” Sarma said.


        Facebook allows users to download a file containing personal information the platform has stored in its database. Visit https://www.wired.com/story/download-facebook-data-how-to-read/ for more information.