By Rachel Kaser
Facebook announced this week it had made its first outright ban of an app in the company-wide audit its been working on since the Cambridge Analytica scandal earlier this year. The app in question had apparently been setting off red flags since April.
Ime Archibong, Facebooks VP of product partnerships, revealed Facebook banned an app called myPersonality, which hadnt been active since 2012. According to him, the app was banned for failing to agree to our request to audit and because its clear that they shared information with researchers as well as companies with only limited protections in place. The app may have leaked the personal data of up to 4 million people, and Archibong said the company was reaching out to alert those people of the issue.
The app was, as youd expect, a personality quiz. It asked users to share information from their Facebook profiles, and the information gathered was distributed to other researchers. As many as 280 people apparently had access to the full data set, both from universities and other companies such as Google and Microsoft.
Meanwhile, one of the Cambridge University researchers who controlled the apps datasets today fired back, deriding the ban as purely for PR reasons since the app hadnt been in use since July 2012. Dr. David Stillwell told Business Insider that Facebook knew perfectly well what the app was for when it was active, even paying for him to attend a workshop on user data. He also said he never refused an audit, and insisted, There was no misuse of personal data.
Its worth noting that, just as in the Cambridge Analytica case, it wasnt Facebook itself who discovered the suspicious security flaws. The company apparently began investigating the app in April, when an investigation by the New Scientist revealed the researchers had indeed attempted to secure the data, but had stored it in a server easily accessed via a password publicly available on Github presumably thats what Archibong meant by limited protections.
Interestingly, New Scientist also noted there was another connection between the two apps: Aleksandr Kogan, the researcher who initially culled Cambridge Analyticas user data via the thisisyourdigitallife quiz, was listed as a collaborator on myPersonality in 2014. Apparently Cambridge Analytica attempted to gain access to the datasets from the latter app, but were refused, according to Dr. Stillwell.
Archibong also mentioned itd suspended over 400 suspect apps since the inspections began. The company announced the audit in the aftermath of the Cambridge Analytica kerfuffle, and its apparently still going through the apps which had access to user data prior to a 2014 rule change.
This article has been previously published on The Next Web.
Rachel is a writer and former game critic from Central Texas.
Image credit: Shop Catalog