Facebook says it should have audited Cambridge Analytica
Subscribe for unlimited digital access.
Try one month for $1!
Subscribe for unlimited digital access. Try one month for $1!
NEW YORK — Facebook’s No. 2 executive says the company should have conducted an audit after learning that a political consultancy improperly accessed user data nearly three years ago.
Chief Operating Officer Sheryl Sandberg told NBC’s “Today” show that at the time, Facebook received legal assurances that Cambridge Analytica had deleted the improperly obtained information.
“What we didn’t do is the next step of an audit and we’re trying to that now,” she said.
The audit of Cambridge Analytica is on hold, in deference to a U.K. investigation. But Facebook has been conducting a broader review of its own practices and how other third-party apps use data.
• Facebook scandal affected more users than thought: up to 87M
• Facebook revamps privacy tools as tighter EU rules draw near
The company is facing a global backlash over the improper data-sharing scandal. Hearings over the issue are scheduled in the U.S., and the European Union is considering what actions to take against the company.
Sandberg gave several interviews this week as Facebook CEO Mark Zuckerberg prepares to testify before Congress next week. The company is also facing an investigation by the Federal Trade Commission in what’s become its worst privacy crisis in its 14-year history.
It started with revelations that Cambridge Analytica, a data-mining firm, improperly accessed the private information of tens of millions of users to try to influence elections around the world. Over the past three weeks the scandal continued to spiral.
For one, Facebook executives took nearly five days to respond to the Cambridge Analytica reports.
Then, some users who logged in to Facebook through Android devices discovered that Facebook had been collecting information about phone calls they made and text messages they sent. Facebook also acknowledged this week that nearly all of its 2.2 billion users may have had their public data scraped by “malicious actors” it did not name.