The Great Hack – Targeted Persuasion

Filtered Reality

Recently it was suggested to me to watch the documentary The Great Hack on Netflix. On this Election Day, it’s an interesting watch. The documentary takes you through the workings of the company Cambridge Analytica and how their extreme data collection was used to target voters in both the US and the UK.

The formula was simple. They mined our data, our friends’ data, and the data of those we were connected with online. The data was then sold to the highest bidder along with a comprehensive plan to bombard voters with whatever message the buyer wanted.

Cambridge Analytica, in many interviews and undercover interviews, bragged about its ability to sway voters in key parts of countries to do what it wanted them to do. They say they were able to bombard voters with propaganda because they had access to over 5,000 data points on each individual person. They used this to build profiles on individual people and then skew the way they were thinking.

It’s unethical at best, but there’s much debate raging on whether or not it’s criminal (it was found in the UK to be criminal and the company was shut down). If nothing else, it is a massive invasion of our privacy. Even if we did willingly give it to them.

How They Collected Our Data

While Cambridge Analytica used several social platforms, Facebook was the goldmine that made this possible. We filled out quizzes, we clicked status updates, we linked our likes to our profiles, basically, we handed over every bit of personal information we had. Meanwhile, Cambridge Analytica was using all of that to make money.

Even if we didn’t fill out these quizzes and “harmless” personality profiles, they were collecting data on us if our friends participated. Using this data, Cambridge Analytica determined who was a “persuadable.” These were the people that didn’t seem to clearly sit on one side of an issue or the other. They then sold this data along with a campaign to bombard those people with advertisements to swing them towards the party paying them.

Professor David Carroll was extremely distraught learning about how his data had been used. He figured since the company was based in the UK, he would hire a lawyer there to petition Cambridge Analytica to return his data. His suit spurred the investigation into the company.

The Suit

David Carroll is an associate professor at Parsons School of Design teaching media design. He was already tuned in to data mining. What disturbed him was the lack of control he had over his, and his children’s, online data points.

After filing the suit, Professor Carroll waited. There were many hearings in the UK which kept unearthing further tampering by many entities. The documentary itself gets way more in-depth than I could in this blog, so I definitely suggest watching it.

Eventually, the UK courts sided with Professor Carroll and made it a criminal offense. That meant Cambridge Analytica had to return his data. In the research I’ve done, it seems they still have yet to comply.

The Takeaway

The general consensus is that the use of our data through mining is at best unethical and at worst illegal. There’s still much debate. What’s the legality of the data on us? Should we own our data the way we own our property? Many experts say yes. Meanwhile, the courts are still figuring out the enforceable ways to protect us.

Unfortunately, it’s impossible for us to erase ourselves from the internet. Even if you deleted all of your social media platforms, quit using the internet, and got rid of your cell phone, companies you rely on still use these services. Even a debit or credit purchase is registered as a data point. Our data is out there. However, we aren’t helpless.

Limiting Data Sharing

We can start by limiting the amount of data we share. Locking down our social media platforms, opting out of cookies on websites, and turning off our geotracking are all ways to reduce our data sharing. Additionally, you’ll want to stop with all those Facebook quizzes.

I’m serious about the quizzes and other third party apps. If you read the terms and conditions, the amount of data they share is scary. Is finding out what pizza topping you are worth giving away your privacy?

Be Aware Of Targeting

The entire goal of Cambridge Analytica and companies like them is to profile us. By creating user profiles, they know how to target advertisements that will create an emotional response. They use that to manipulate us into voting for their candidate or buying their product.

It’s a hard pill to swallow to think we’ve been manipulated. It is, however, exactly what’s happening. This is the control we have though, we can scrutinize everything coming our way. Remember in school when your teachers encouraged you to only believe evidence that was solid and factual? That’s the approach we now need to bring to the internet.

This blog post itself may upset you. I get that. I’m not here to make you feel bad. It is my responsibility though to remind you how to stay safe on the internet. Talking to you about Cambridge Analytica, data mining, and filtered reality is just as important as telling you how to spot a phishing email. In the end, our own common sense and clear thinking is going to keep us from being hacked.

So next time something crosses your feed (or enters your email) that instantly fires you up, take a moment to pause. Look at that article or meme and think, “is this the goal? To scare me into doing what someone wants me to do?” If it seems too extreme to one side or the other, the answer is probably “yes.” Keep a clear head. You’ve got this.

As always, be safe out there.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles

How To Update Drivers

Keeping your device drivers up to date on your Windows machine is a great way to ensure that all apps, devices, and processes run smoothly

Read More

What is Application Whitelisting?

Application whitelisting, also referred to as application allowlisting, application execution control, and software asset management, is a cybersecurity measure that provides only approved applications access

Read More