Another Facebook App Leaves Anonymised Data of 3 Million Users Potentially Exposed
Thursday, May 17, 2018
facebook, anonymised data, mypersonality quiz
Print Mail Download i

Recent news reports have revealed that Facebook has been hit with another data scandal.

The anonymised data of approximately 3 million Facebook users has reportedly been published on a poorly protected website. This data was originally collected via a Facebook quiz app called “myPersonality”. The myPersonality app was developed as part of the “myPersonality project” run by academics at the University of Cambridge’s The Psychometrics Centre.

Around 6 million quiz participants answered a number of personality trait questions using the myPersonality app. Half of those quiz participants agreed to share data from their profile. This data, along with quiz answers, were anonymised by the University of Cambridge academics and then placed on a website. Researchers could register to collaborate on the myPersonality project and gain access to the anonymised data on the website. According to New Scientist, more than 280 people from about 150 institutions (universities and companies) registered to access the website.

However, if you were not a researcher there were other ways to access the anonymised data. A username and password to access the website could be found online from a single web search.

On 7 April 2018, Facebook suspended the myPersonalty app from the Facebook platform as part of its clean up of third party applications and its investigation into misuse of user data.

This incident continues to shed light on Facebook’s practice of allowing third parties, such as researchers to use the Facebook platform to gather users’ data. However what is more revealing is the poor approach the academics took to protect the data by third parties with the means to re-identify the data. Providing access to anonymised data is not necessarily a problem per se. However, according to New Scientist the data could be easily re-identified.

Anonymised data will be considered personal information under the Australian Privacy Act if it can be de-anonymised and identify the personal information about an individual. Therefore, care must be taken when dealing with and creating “anonymised datasets” as that data will only fall outside the remit of the Australian Privacy Act if other data cannot be used with the anonymised data to reveal the personal information about an individual. If an anonymised dataset can be de-anonymised then it should be properly protected in accordance with the Australian Privacy Act.

Copyright 2024 K & L Gates

Current Legal Analysis

More from K&L Gates

Europe: Research Cost Re-Bundling – Is the UK Going Back to the Future?
by: Andrew J. Massey , Philip J. Morgan
PFAS Regulation Continues to Take Center Stage: EPA Releases Final Drinking Water Standards
by: Brian S. Montag , Dawn M. Lamparello
The Committee on Foreign Investment in the United States Sharpens Its Enforcement Edge: Proposed Regulatory Revisions Expand Penalty Authority
by: David R. Allman , Guillermo S. Christensen
Kicked Out of the Club: NFA Orders Commodity Pool Operator Not to Reapply for NFA Membership
by: Matthew J. Rogers , Benjamin C. Skillin
SEC Risk Alert Offers Initial Observations on Compliance
by: Michael S. Caccese , Lance C. Dial
Guidance on Use of Artificial Intelligence-Based Tools in Practice Before the United States Patent and Trademark Office
by: Matthew S. Dicke
Global Survey of ESG Regulations for Asset Managers
by: Lance C. Dial , Keri E. Riemer
The UKIPO Updates its Policies to Tackle Ineffective Addresses for Service
by: Simon Casinader
Doing Business in Australia: A Guidebook for Investing in Australia
by: Betsy-Ann Howe
ESG-Australia: Consultation Material for the 5th Edition of the Corporate Governance Council Principles and Recommendations Released
by: Andrew Gaffney , Clive Cachia

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins