Cambridge Analytica Row: Facebook Data Breach Hit 560K Indian Users

User data of more than 560,000 Indians may have been harvested from Facebook Inc. by British researcher Cambridge Analytica, at the centre of a recent storm over data breaches and potential privacy violations on the social media network.

Only 335 users in India installed the thisisyourdigitallife app developed by academic Aleksandr Kogan and his company Global Science Research Ltd that may have been possibly at the centre of the data breaches, according to Facebook. The 335 people make up just 0.1% of the app's total worldwide installs.

Users agreed to take a personality test and have their data collected by the app, which then went on to also access information about the test-takers' Facebook friends, leading to the accumulation of a much larger data pool. "We further understand that 562,120 additional people in India were potentially affected, as friends of people who installed the App. This yields a total of 562,455 potentially affected people in India, which is 0.6% of the global number of potentially affected people," a Facebook spokesperson said.

This week, Facebook said data on as many as 87 million people, most of them in the US, may have been improperly shared with Cambridge Analytica, increasing the figure from a previously estimated 50 million.

"Protecting people's information is at the heart of everything we do, and we require the same from people who operate apps on Facebook. Cambridge Analytica's acquisition of Facebook data through the app developed by Dr. Aleksandr Kogan and his company Global Science Research Limited ("GSR") happened without our authorization and was an explicit violation of our Platform policies. At no time did Facebook agree to Cambridge Analytica's use of any Facebook user data that may have been collected by this app, including with respect to users located in India," the company spokesperson said in an emailed response.

This app first became active on Facebook in November 2013. Facebook removed the app in 2015 when it learnt of violations of its platform policies.

India is a key market for Facebook with 217 million people using the platform every month.

Details of the number of users in India whose data was compromised was shared by Facebook as part of its response to the government of India. On 28 March, the Ministry of Electronics and Information Technology sent a letter to Facebook asking if data of Indian voters and users had been compromised by Cambridge Analytica or any other affiliate. The government also asked what proactive measures were being taken to ensure the safety, security and privacy of such large user data and to prevent its misuse by any third party. Facebook was asked to respond to the questions by April 7.

Facebook's chief technology officer Mike Schroepfer said in a blog that ran under his byline on the company's website that the number of subscribers whose data was shared with the controversial firm was much higher at 87 million than the 50 million it had conceded earlier, "mostly" in the United States.

Subscribers in the Philippines, Indonesia, UK, Mexico and Canada were ahead of Indians, and behind American, in the list of Facebook's new revelations about compromised information.

These details came ahead of a conference call with reporters in which Facebook CEO Mark Zuckerberg said he had made a "huge mistake" personally by not focussing on data privacy. Zuckerberg also faced questions for the first time about his suitability to run the company he founded as a college student — dropped out of Harvard. He answered in the affirmative, but questions are beginning to be raised.

Sunil Abraham, founder of the think tank Centre for Internet and Society, said the thisisyourdigitallife app was one of the many apps that access Facebook's application programming interface. "What Facebook isn't telling us yet is what are the other apps , (whether they) had the same modus operandi and how much data did they manage to scrape," he added. The company said on April 4 that it would display a link on the top of users' News Feed so they can see what apps they use and the information they have shared with those apps. Facebook will also tell people if their information may have been improperly shared with Cambridge Analytica.