Cambridge Analytica data breach hit 5.62 lakh Indians: Facebook tells govt

Facebook India has admitted that it was misused for over two years to siphon data of nearly 5.62 lakh subscribers to Cambridge Analytica which is facing fire across the continents for clandestine data acquisition and unethical influencing.

The hugely popular social site Facebook is in serious trouble with Indian Information and tech ministry as the revelation wasn't made voluntarily. It was in reply to a tough worded questionnaire/notice by the ministry that Facebook India responded.

The FB admission means that privacy of approximately 5,62,000 lakh Indian users of Facebook was seriously compromised by a company that used the Facebook platform and then after siphoning the data sold it for a huge profit to Cambridge Analytica.

In what can be a serious note of caution for Facebook subscribers who download apps and elements via Facebook and eventually end uploading their data, upload Facebook claims that between November 2013 and December 2015 a quiz app 'thisisyourdigitallife' from its platform was downloaded by 335 Facebook users all of them residents of India.

Facebook admits that the app scrapped the data of the 335 Indian Facebook users who had installed the app first and then the data of friends of these 335 Indians totaling 5,62,120 users too was stolen. This construes a serious breach as those who install app give consent to share their data but for the friends and friends of friends of these there is no consent secured.

Facebook says it's not known exactly what kind of data was siphoned and stored or what the two involved companies - GSR and Cambridge Analytica did with that data. Facebook has admitted that it's investigating if any other apps have similarly violated privacy of users, scraping their data and misusing it.

By 2015, there were 135.5 million Facebook users in India and this was just one of the apps. It's not known if Facebook has been able to find all possible apps which could have leaked data. Today there are 225 million users and millions run the risk of theft of data and privacy.

Facebook in its reply says the app was operated on to Facebook platform by a Cambridge in UK based company- Global Science Research. The company is run by Aleksandr Kogan, who claims to be a psychology researcher at the University of Cambridge. Facebook reply says that the data theft went on till the app was dropped in December 2015.

Even that was not due to filtering or checks at Facebook but following a report in the newspaper The Guardian revealing that Aleksandr Kogan had commercial links to Cambridge Analytica, which in turn used it to target voters in the 2016 US elections.

Facebook says this was a violation. Sources in the government say that the IT ministry is miffed why users whose data had been stolen weren't warned for the last two years by Facebook. Even in its reply to government Facebook is silent on the identity of the 335 directly exposed users and those impacted indirectly.

Facebook says from 9 April, Facebook India will commence informing all the impacted -- 5,62,455 users in India about the breach of privacy of their account The ministry had also shot a notice to Cambridge Analytica but is yet to receive a reply.

After the detection of the theft of data Facebook says it had sent notices asking GSR and Cambridge Analytica to delete all data which was surreptitiously collected.

Facebook's says the two claimed they had done so. But a further probe by Facebook revealed that they had lied and were still in possession of the "loot".

Following this Facebook banned Kogan and Cambridge Analytica from its platform. Facebook says it has made changes to its privacy policy to make it much tougher for thirdparty apps to secure data from its site as they would have to take the sanction of Facebook each time.