Trump Campaign Consultants Cambridge Analytica Found Guilty of Breaking Data Laws

Authored by and submitted by Fr1sk3r
image for Trump Campaign Consultants Cambridge Analytica Found Guilty of Breaking Data Laws

LONDON—Cambridge Analytica has been found guilty of breaking data laws after refusing to disclose how much information it holds on an American professor, where it got the data, and—perhaps most importantly—how it used it and who it gave it to.

The British analytics firm, which was hired by the Trump campaign, has been accused of misusing the Facebook data of almost 100 million Americans while working to elect President Trump.

Prof. David Carroll, at the Parsons School of Design in New York, filed a formal request to see what data was held on him after reading about Cambridge Analytica’s role in the 2016 presidential election. Under British data laws, companies are required to disclose what they hold on any individual who makes such a request.

SCL Elections, a parent company of Cambridge Analytica, confirmed it did have data on Carroll, including detailed metrics on his political views, specifically how he was likely to vote and which hot-button issues like gun rights or immigration would motivate him.

The existence of this predictive table suggested Cambridge Analytica must have gathered a large volume of data on the media professor, prompting Carroll to ask where it had come from and with whom it had been shared?

Facebook later admitted that Cambridge Analytica had access to personal data on up to 87 million people, mostly in the U.S. The company collapsed in 2018 after undercover reporters caught its executives bragging about electoral dirty-tricks operations, including the secret use of proxy organizations and super PACs to buy ads targeted at individuals in the U.S. that could not be traced back to the Trump campaign.

SCL Elections refused to provide further information to Carroll, claiming that because he was American, and outside British jurisdiction, he had no more right to the data “than a member of the Taliban sitting in a cave in the remotest corner of Afghanistan.”

Britain’s Information Commission disagreed, and issued a compliance order that would make it illegal for SCL or Cambridge Analytica to continue to rebuff Carroll’s efforts.

In court Wednesday, the administrators of SCL Elections, which declared bankruptcy in May last year, finally admitted that it had broken the law. The last-minute guilty plea came on the day the trial was scheduled to begin.

The judge ruled the company had shown a “willful disregard” for the enforcement of data laws, but sentenced the company to pay less than $20,000—even with the addition of some of the costs, the penalty was around $26,000.

There was no suggestion the administrators will now grant Carroll’s request for access to the full data on him. That information is held on computers seized from Cambridge Analytica by the ICO, and stores around 700 terabytes of data, which the court was told equated to around 81 billion pages of information.

Ben Summers, for the prosecution, admitted that finding the information on Carroll was like searching for a needle in a haystack. “But it was obvious to the ICO that in order to deal with the needle, you had to have access to the haystack.”

The court was told Wednesday that Cambridge Analytica and its related companies had not provided the relevant passwords to the ICO to access that data, but the administrators had now done so. That means the British watchdog may eventually be able to work out what data was gathered on Carroll and millions of fellow American voters, and how it was used—by a company that boasted of its dirty tricks—to help Trump win in 2016.

Chromosis on January 9th, 2019 at 14:10 UTC »

Considering this happened before GDPR was a thing, I am not surprised that the fines are as low as they are.

That said, this is some serious bullshit.

moombai on January 9th, 2019 at 13:28 UTC »

Better article and details here

SCL Elections Ltd, one of the companies linked to scandal-hit Cambridge Analytica, has been fined a total of £21,000 after pleading guilty to not complying with an Information Commissioner's Office enforcement notice.

The information was about a Professor David Carroll a US citizen and they couldn't comply because the servers which have that data was seized by the ICO.

"The answer to the questions about one person, Professor Carroll, sat within that haystack, sat within 700TB of data," said Stockwell. "Which the ICO held at that point. We say that the failure [of compliance with the enforcement notice] was to address that meaning. It was obvious to the ICO and that's why it was explicitly dealt with in the letter of 4th May. In order to deal with the needle, you would need to have access to the haystack."

The reason they were fined though is because they didn't make enough effort to legally comply with Prof. Carroll's notice

Handing down sentence at midday, District Judge Grant said: "No notice of appeal was lodged against the enforcement notice and no efforts have been made by the administrators to actively recover the information held in the computer servers in the possession of the information commissioner."

Instead, the company argued that Prof. Carroll had no right to access because he wasn't a UK* citizen.

Summers told the judge that SCLE had eventually refused Professor Carroll's request because he was not a British citizen or a resident of the UK, quoting from an email the firm sent to the ICO: "He had no right to make a subject access request any more than a member of the Taliban sitting in a cave in the remotest corner of Afghanistan."

kingbane2 on January 9th, 2019 at 13:08 UTC »

whoops we're guilty, but we're also bankrupt so we can't pay the fine you're going to levy. ok thanks see ya.