Remember that #TrumpRussia has many elements. One aspect is the multiple digital operations of marketing using voter data passively maintained or actively sought and misused, plus the hacking attack on the election system itself.
While this story is about revealing information and the ownership of private data, it really is more important for understanding what the IC probably already knows… that there is a connection between US voter data and Russian mischief. The GOP’s venality and lust for power drove the collusion. And the intermediaries will be in the barrel for how 45* “won”.
Facebook should be treated like a crime scene. The social media company likely has troves of data that could provide critical leads for the investigation into possible collusion between the Trump campaign and the Russian government.
The effort to investigate possible coordination between the Trump team and Russia has so far centered on the growing number of meetings and interactions between the campaign and Kremlin-linked figures.
[...]
More people worked in San Antonio on the Trump digital team than worked on the campaign at Trump Tower. Weeks before the election Bloomberg provided an inside account of Trump’s digital campaign, explaining that “Cambridge Analytica’s statistical models isolated likely supporters whom [Brad] Parscale [digital director of the Trump campaign] bombarded with ads on Facebook.”
[...]
Now we know, the Russians contributed to this effort through buying ads. If the Trump digital team – powered by Cambridge Analytica and other tech contractors – shared their data and content with Russian operatives, the Russians could have acted as a force multiplier for the Trump campaign.
In effect, the Trump campaign could have “painted the targets” in initial ad buys for the Russians to follow-on and carpet bomb with their own ads. To paraphrase Rubio: Imagine being able to call on the resources of a nation state to do targeted ad buys.
The New York Times is reporting that copies of the data harvested for Cambridge Analytica could still be found online; its reporting team had viewed some of the raw data.
The data was collected through an app called thisisyourdigitallife, built by academic Aleksandr Kogan, separately from his work at Cambridge University. Through his company Global Science Research (GSR), in collaboration with Cambridge Analytica, hundreds of thousands of users were paid to take a personality test and agreed to have their data collected for academic use.
However, the app also collected the information of the test-takers’ Facebook friends, leading to the accumulation of a data pool tens of millions strong. Facebook’s “platform policy” allowed only collection of friends data to improve user experience in the app and barred it being sold on or used for advertising.
The discovery of the unprecedented data harvesting, and the use to which it was put, raises urgent new questions about Facebook’s role in targeting voters in the US presidential election.
The result of this case could blow the lid off how
private data was used to shape votes and the outcome of 2016 election—and how it might be used in the future. As University of Maryland law professor and big data expert Frank Pasquale told the Guardian, “I think [this case] will be the model for other citizens’ actions against other big corporations. I think we will look back and see it as a really significant case in terms of the future of algorithmic accountability and data protection.”
In April, Carroll and a group of an unspecified number of Americans who have remained anonymous to protect their privacy hired a British solicitor recommended by Dehaye, Ravi Naik, to launch the first-of-its-kind legal battle against the company.
This case, the group hopes, will clarify the legal requirements for British data-collecting companies—including those with information on non-European citizens. More specifically, the Data Protection Act also states that companies, in most cases,* must obtain “explicit consent” from individuals before processing sensitive personal data, including “political opinions.”
Cambridge Analytica, Naik argues, failed to obtain consent from American voters in 2016. “What the European regulations on data protection make clear is that if you want to collect and process sensitive personal data here, you should get consent to do so,” Naik tells Mother Jones. “Political opinions are recognized as a class of sensitive personal data, as information deserving of higher protection.”
American laws are much less forgiving. “If a [British] company has information about you, you have the right to access it, and if you ask for it, they have to give it to you,” Carroll tells Mother Jones. “We don’t have that right in the United States.”
In the US, companies don’t need consent to collect its citizens’ data and aren’t legally obligated to share it with them.
In fact, Carroll wouldn’t even have a case if the company processed its data in the United States (and won’t, if that turns out to be true). As Naik told the Guardian earlier this year, “It’s this fascinating situation because when it became apparent that Cambridge Analytica had processed Americans’ data in Britain, it suddenly opened up this window of opportunity. In the US, Americans have almost no rights over their data whatsoever, but the data protection framework is set up in such a way that it doesn’t matter where people are: it matters where the data is processed.”