FACEBOOK IS EXPECTED to tell an Oireachtas committee today that “it could have done better in responding to concerns” from the Data Protection Commissioner in recent weeks.

The social media company believes up to 87 million people’s data was improperly shared with the political consultancy firm Cambridge Analytica.

Representatives from Facebook will tell the Communications Committee this morning that while most of the people impacted by the data breach were predominantly in the US, up to 44,687 people in Ireland may have been impacted.

“This represents 0.052% of the total number of people affected, but any number is too many,” the company said, explaining that the chain of data exposure was started in Ireland when 15 people installed Cambridge University researcher Aleksandr Kogan’s personality quiz app.

Last month, the New York Times and Britain’s Observer and Guardian newspapers detailed how Cambridge Analytica got its hands on data compiled by this app.

The firm, best known for its work on Donald Trump’s US presidential election campaign, used the data – from tens of millions of Facebook users’ profiles in the tech giant’s biggest-ever data breach – to help them design software to predict and influence voters’ choices at the ballot box.

Facebook said Cambridge Analytica continues to claim it deleted the data and has agreed to a forensic audit by a firm the social media platform has hired to investigate this.

‘Cleaning up its act’

The Data Protection Commissioner (ODPC) has said it is “actively supervising Facebook’s progress in cleaning up its act and ensuring users’ data is protected”.

While Facebook said it is working with the UK Information Commissioner’s Office – as Cambridge Analytica is established as a data controller in its jurisdiction – Facebook, which has its European HQ in Dublin Docklands, said the DPC is its “lead regulator” over how Irish and EU users may have been affected.

“We have shared detailed information with them about our past and current practices and we continue to engage with them on this,” said Facebook reps.

The officials from Facebook say they plan to “speak frankly” at today’s Oireachtas Communications Committee meeting.

“The Data Protection Commissioner has been critical of us in recent weeks. We recognise and understand those criticisms – we could have done better in responding to concerns, and we are committed to doing better going forward,” they are expected to say in their opening statement.

‘We are deeply sorry’ 

They are also expected to echo what CEO, Mark Zuckerberg said in front of a US committee last week that “what happened with Cambridge Analytica represents a huge violation of trust, and we are deeply sorry”.

Apologising to Facebook users, the company’s opening statement also reads:

As our CEO explained last week, Facebook is an idealistic and optimistic company. For most of our 14-year existence, we focused on all the good that connecting people can bring.

As Facebook has grown, people everywhere have gotten a powerful new tool to stay connected to the people they care about, make their voices heard, and build communities and businesses.

But it’s clear now that we didn’t do enough to prevent these tools from being used for harm as well. We didn’t take a broad enough view of our responsibility, and that was a mistake. It’s not enough to give people control of their information, we have to make sure that developers who get users’ consent to access data are protecting it too. Across the board, we have a responsibility to not just build tools, but to make sure those tools are used for good.

Facebook said it will take some time to work through all of the changes it needs to make, but added it is “committed to making them, and to getting it right”.

Additional safeguards introduced 

The company is beginning that process by ensuring that developers who got access to a lot of user information in the past, can’t get access to as much information going forward. It said it is introducing additional safeguards, such as minimising the data a user gives an app when you approve it to only: name, profile photo and email address.

It is also in the process of investigating every app that had access to a large amount of information and Facebook said if it detects suspicious activity it will carry out a full forensic audit, telling everyone affected.

Last week Facebook started showing everyone a link so that they can see the apps they’ve used and an easy way to revoke the permissions to data.

Political advertising 

In addition to discussing the revelations surrounding the data breach in committee today, representatives from Facebook will also give their view on a proposed Fianna Fáil Bill which aims to stop false political information being advertised online.

The Online Advertising and Social Media (Transparency) Bill 2017 is understood to have gotten widespread support, with the Sunday Business Post reporting at the weekend that the government’s parliamentary legislation drafters have given the Bill the green light.

Related Reads

Explainer: What is Cambridge Analytica? The firm at the heart of Facebook's alleged data breach

Fianna Fáil’s James Lawless has already met with Facebook about the issue, with the social media company expected to tell committee members that it fully understands what the Bill is trying to achieve adding that the proposed legislation is “aligned with its goals”.

“It mirrors, in large part, what we are trying to achieve with the new ads
transparency tools we have announced. We agree that, when it comes to advertising on Facebook, people should be able to see all the ads that a page is running – and when it comes to political ads, all advertisers should be verified and any ads that they run should be clearly labeled to show who paid for them,” Facebook’s opening statement says on the matter.

Lawless told TheJournal.ie that he has been engaging with the company and other social media firms about his bill since last year but is still  eager to engage the reps at the meeting today. He will be quizzing them on what is feasible, what changes they can make to their platform and ultimately, he will be calling for them to make certain commitments on the issue.

“My Bill is pretty much ready to go. There is an open invitation to the government to work together on it, and with the government’s support we could make it law by the end of the year, in my view,” he said.

“I am looking forward to getting some informed views on my Bill tomorrow.”

He added that as legislators it is their job to ensure there are appropriate safeguards. Lawless said he would not accept the argument from social media companies that they are working behind the scenes on the issues involved.

“Self regulation is not good practice.”

Facebook said it is working hard to build transparency tools and to roll them out globally, but it added that it takes time to do that and, most importantly, to get them right. The company has been testing the first of these products in Canada and it hopes to be able to roll it out globally this summer.

Facebook’s Dublin office is the company’s second largest office globally, next to their headquarters in Silicon Valley in San Francisco. It employs over 2,500 people in Ireland.

The DPC is also due to speak in front of the Oireachtas Committee today.