据报道, 300万用户通过个性测验曝光的 Facebook 数据
以下内容由机器翻译生成。如果您觉得可读性不好, 请阅读原文或 点击这里.
Facebook data on more than 3 million people who took a personality quiz was published onto a poorly protected website where it could have been accessed by unauthorized parties, 根据 新科学家. In a report exposing the potential leak, 新科学家 says that the data contained Facebook users’ answers to a personality trait test. While it didn’t include users’ names, in many cases it contained their age, gender, and relationship status. For 150,000 people, it even contained their status updates.
All that data was supposed to be accessible only to approved researchers through a collaborative website. However, 新科学家 found that a username and password that granted access to the data could be found “in less than a minute” with an online search, enabling anyone to download the trove of personal information.
The data was gathered by a psychology test called myPersonality, according to 新科学家. Around half of the test’s 6 million participants are said to have allowed their information be anonymously shared with researchers. The team behind myPersonality let any researcher who agreed to use the data anonymously sign up to access the information that had been collected; in total, 280 people were given access, including employees of Facebook and other major tech companies, according to the report.
The basics here all sound remarkably similar to what happened with Cambridge Analytica, which gained access to information from more than 87 million Facebook users thanks to a personality test called thisisyourdigitallife. In both cases, the tests were initially made by University of Cambridge researchers. And both even had one researcher in common: Aleksandr Kogan.
Kogan was the creator of thisisyourdigitallife, and according to 新科学家, he was listed as part of the myPersonality project until mid-2014; it sounds as though the project began around 2009. The University of Cambridge told 新科学家 that myPersonality was started before its creator joined the university and did not go through its ethics review process.
It’s not known whether the data was improperly accessed using the publicly available username and password. A Facebook spokesperson told 新科学家 that the app was being investigated and would be banned if it “refuses to cooperate or fails our audit.” As part of its ongoing investigation into misuse of user data, Facebook said this morning that it had so far suspended 200 apps pending review. That included myPersonality.
While a leak of 3 million users’ data is far smaller than the 87 million obtained by Cambridge Analytica, the story still serves as another warning of how easily this information can spread around and just how detailed it can be. One of the bigger issues here is that, even though the data was supposed to be anonymized, 新科学家 points out that it easily could have been re-identified using the extra Facebook information attached to each personality test.