Cyber security expert on Cambridge Analytica

Data security expert Steve Cockcroft spoke to I Cov about the Cambridge Analytica case and the future of data storage.

Should the 50 million Facebook profiles harvested for Cambridge Analytica in major data breach concern users of facebook and other social media sites?

Any breach of security should be a concern for all involved and others using social media sites or any other site.  Of particular concern is what social media sites (and others) are doing with personal data without the users knowledge and/or agreement.

In my opinion, social media sites (and others) need to understand that it is not their data to do with what they like,the data is the property of the customers signing up to their platforms/services whilst their platforms/services offer a value to the users.  It would be interesting to know how many individuals who were directly affected by the Cambridge Analytica activity would choose not to sign up to Facebook if they knew their data, and that of their connections, was going to be used in such a way.


Do you think we’ll see more cases of data being used for political gain in the future?

Yes, if there is no change.  Profiling and other uses of data will become more frequent for political and non-political reasons as the world changes and as, what has been termed as Industry 4.0, becomes reality.  Personal data, health data, genetic data, biometric data and financial data will increase in value and requires protection if it is not to be misused either maliciously or non-maliciously.


Do you think this will change the way sites store data?

There have been several major breaches in recent months/years, Equifax, Yahoo, Facebook, Talk Talk etc… I would argue most consumers have simply shrugged their shoulders and carried on as usual.  We as customers need to understand that our personal data has a value and needs protection by ourselves and organisations in the same way as for example, our financial data.  Until we understand this and insist on protection of our data, I suspect we will see further issues in respect of how our data is being used.  Organisations will need to secure data and only use it for what they have been given permission to use it for.  Organisations who care about the security of data will no doubt realise a competitive edge in the future as buyers/users of services and in particular social media sites base their buying/the use of sites decisions with security in mind.  Very few organisations would be able to absorb the kind of financial and non-financial impacts that Facebook has suffered during recent weeks and the kind which new legislation, for example the GDPR and NIS Directive, could result in.


How can users keep their data safe online?

Users should ensure they read the terms and conditions of service and privacy notices before making purchases/using sites and only use sites where it is crystal clear what their data is being used for and who it is being shared with.


Benjamin Rees

Leave a Reply

Your email address will not be published.