When Cambridge Analytica Met Facebook: A story of dark UX and shitty business models

1. W H E N C A M B R I D G E A N A L Y T I C A M E T F A C E B O O K : A S T O R Y O F D A R K U X A N D S H I T T Y B U S I N E S S M O D E L S U X P A @ D A N C H A R V E Y # D A R K U X

2. @ D A N C H A R V E Y # D A R K U X

3. T H E S E T W O F U C K S @ D A N C H A R V E Y # D A R K U X

4. T H I S F U C K I N G N U T @ D A N C H A R V E Y # D A R K U X

5. & T H I S S M A R M Y M O T H E R F U C K E R @ D A N C H A R V E Y # D A R K U X

6. W I T H A B O O G L E O F R A B I D S H I T W E A S E L S @ D A N C H A R V E Y # D A R K U X

7. 8 7 , 0 0 0 , 0 0 0 @ D A N C H A R V E Y # D A R K U X@ D A N C H A R V E Y # D A R K U XS O U R C E : F A C E B O O K

8. 8 2 , 2 9 3 , 4 5 7 🇩 🇪 6 6 , 5 7 3 , 5 0 4 🇬 🇧 6 5 , 2 3 3 , 2 7 1 🇫 🇷 @ D A N C H A R V E Y # D A R K U XS O U R C E : W I K I P E D I A

9. 5 3 , 8 5 5 , 7 3 5 🇲 🇲 @ D A N C H A R V E Y # D A R K U XS O U R C E : W I K I P E D I A

10. @ D A N C H A R V E Y # D A R K U X

11. 2 9 , 0 0 0 @ D A N C H A R V E Y # D A R K U X@ D A N C H A R V E Y # D A R K U XS O U R C E : F A C E B O O K

12. N A M E , F A C I A L R E C O G N I T I O N D A T A , G E N D E R , E M A I L , P H O N E , B I R T H D A Y , E D U C A T I O N , W O R K , E V E N T S , H O M E T O W N , L A N G U A G E , L O C A T I O N , I P A D D R E S S E S , L I K E S , C H E C K - I N S , C R E D I T C A R D S , F A M I L Y , F R I E N D S , D E L E T E D F R I E N D S , P H O T O M E T A D A T A , T I M E L I N E , M E S S A G E S , D E A C T I V A T E T I M E S , A D S , S E X U A L O R I E N T A T I O N , P O L I T I C A L V I E W S , R E L I G I O U S V I E W S , & E V E N F U C K I N G P O K E S@ D A N C H A R V E Y # D A R K U X@ D A N C H A R V E Y # D A R K U XS O U R C E : F A C E B O O K

13. 1 . T H E R I G H T T O B E I N F O R M E D T H E R I G H T O F A C C E S S T H E R I G H T T O R E C T I F I C A T I O N T H E R I G H T T O E R A S U R E T H E R I G H T T O R E S T R I C T P R O C E S S I N G T H E R I G H T T O D A T A P O R T A B I L I T Y T H E R I G H T T O O B J E C T R I G H T S I N R E L A T I O N T O A U T O M A T E D D E C I S I O N M A K I N G A N D P R O F I L I N G @ D A N C H A R V E Y # D A R K U X R I G H T S U N D E R G D P R @ D A N C H A R V E Y # D A R K U X

14. @ D A N C H A R V E Y # D A R K U X S E N S I T I V E I N F O @ D A N C H A R V E Y # D A R K U XS O U R C E : T E C H C R U N C H

15. @ D A N C H A R V E Y # D A R K U X F A C I A L R E C O G N I T I O N @ D A N C H A R V E Y # D A R K U XS O U R C E : T E C H C R U N C H

16. @ D A N C H A R V E Y # D A R K U X D A T A C O L L E C T I O N @ D A N C H A R V E Y # D A R K U XS O U R C E : T E C H C R U N C H

17. @ D A N C H A R V E Y # D A R K U X N E W T E R M S O F S E R V I C E @ D A N C H A R V E Y # D A R K U XS O U R C E : T E C H C R U N C H

18. @ D A N C H A R V E Y # D A R K U X A C C O U N T D E L E T I O N @ D A N C H A R V E Y # D A R K U XS O U R C E : T E C H C R U N C H

19. @ D A N C H A R V E Y # D A R K U X P R I V A C Y S H O R T C U T S @ D A N C H A R V E Y # D A R K U XS O U R C E : T E C H C R U N C H

20. @ D A N C H A R V E Y # D A R K U X A C C E S S Y O U R I N F O @ D A N C H A R V E Y # D A R K U XS O U R C E : T E C H C R U N C H

21. @ D A N C H A R V E Y # D A R K U X D A T A P O R T A B I L I T Y @ D A N C H A R V E Y # D A R K U XS O U R C E : T E C H C R U N C H

22. 1 . E X P L A I N W H A T D A T A Y O U C O L L E C T , W H Y Y O U C O L L E C T I T , A N D H O W I T M A K E S Y O U M O N E Y . Y O U R D E S I G N S H O U L D E X P L A I N Y O U R A L G O R I T H M S . A L L O W Y O U R C U S T O M E R S T O O P T I N T O D A T A C O L L E C T I O N , R A T H E R T H A N O P T I N G O U T O F I T . E X A M I N E A N D C O N S I D E R H O W B A D A C T O R S C O U L D U S E Y O U R S Y S T E M . T H E N P R E V E N T I T , P R E P A R E F O R I T , A N D B E R E A D Y T O R E A C T I N R E A L T I M E I F I T H A P P E N S . M E D I A L I T E R A C Y M A T T E R S . I T ’ S T I M E W E P R I O R I T I Z E D D A T A L I T E R A C Y . @ D A N C H A R V E Y # D A R K U X D E S I G N F O R T R U S T @ D A N C H A R V E Y # D A R K U XS O U R C E : @ S H E R Y L C A B A B A

23. @ D A N C H A R V E Y # D A R K U X@ D A N C H A R V E Y # D A R K U X

24. T H A N K S ! U X P A @ D A N C H A R V E Y # D A R K U X

Editor's Notes

Thanks for the introduction. A few things before I start: I’m head of product design & brand at The Dots. We’re a London-based startup that Forbes has called a “LinkedIn for Creatives.” So if you’re want to connect with other designers or find your dream job then please check us out at the-dots.com. I lived in New York for 20 years. So I hope you give zero fucks that I’m probably going to say fuck a fucking lot. Cool? Alright. I promise even if you’re deeply up to date on all this stuff you were learn something new today on slide 6. Let’s go!
So I don’t know about you but I felt the full range of human emotions when this scandal came to light back in March. We have the tireless efforts of journalists at The New York Times, The Guardian and Channel 4 News to thank for the info we have now. But before we talk about the what and the how I want to talk about the who.
We have Mark Zuckerberg, a tech bro who famously got inspired by “hot or not” in his college dorm room to make Facebook. It should come as a surprise to no one that he doesn’t understand the concept of “consent.” And Sheryl Sandberg who’s job was to monetise Facebook and generally be the “adult in the room.” Until these two come up with a more disruptive business model than “Senator, We sell ads” there will be no fundamental or financial incentive for change.
We also have Aleksandr Kogan then Aleksandr Spectre then back to Aleksandr Kogan a data scientist (still) at Cambridge University, who developed a quiz app in 2013 called thisisyourdigitallife to be deployed on Facebook. Kogan handed the app over to…
This smarmy motherfucker is Andrew Nix, the now-ex-ceo of Cambridge Analytica. CA helped snooker 270,000 people on FB to take Kogan’s quiz for “academic research purposes only.” Two years later in 2015 FB discovered that Kogan had shared data with CA. FB asked CA to delete the data, took their word for it, and in a SHOCKING PLOT TWIST THEY DIDN’T. What’s more that data is now free game on the wilds of the Internet.
CA is an affiliated corporation with Aggregate IQ and other firms connected to SCL (Strategic Communications Laboratories). Within that web there are easy connections to make to scum like Trump, Farage, Bannon, Mercer, etc. who used the data in both the 2016 US Presidential race and the Brexit referendum. #ScumAttractsScum If you were keeping count this is slide 6. Did you know a boogle was what a group of weasels were called? I had no idea. I had to look it up special for this talk.
It would be bad enough if only 270,000 were lied to by CA and their faux informed consent but because Facebook’s darkUX-friendly settings at the time meant apps could not only read your info but your friends info as well the number of effected people ballooned to 87 million people. Think about that number for a moment…
87 MILLION IS MORE THAN THE POPULATION OF: GERMANY UK FRANCE
AND IT’S MORE THAN THE POPULATION OF MYANMAR WHERE CONTENT ON FB HAS BEEN LINKED BY THE U.N. TO GENOCIDE OF THE ROHINGYA POPULATION IN THE COUNTRY.
Deep breath. Whew. Let’s not go there. Stay focused. And guess what? that number is even higher since CA execs have cited more quizzes like “sex compass” were also used to mine data. Anyway more numbers. Who doesn’t love numbers?
Facebook has 29,000 data points on it’s users. That includes…
Some of this data you can remove, some of it you can’t. Some of it makes sense from a security POV, some of it doesn’t. Never ever let a company trick you into believing there’s some sort of false dichotomy between privacy and security or privacy and convenience. These things don’t have to be mutually exclusive. And they only are when your business model is corporate surveillance. The most salient thing that came from Zuck’s Congressional hearings was during his exchange with Congressman Ben Luján (D-NM). During that Zuck confirmed that FB even has 1,500 data points on people that aren’t on the platform! These so-called “shadow profiles” lead to a particularly dash cunning bit of darkUX… if you’re one of those people and you want to find out the info they have you on… YOU HAVE TO MAKE AN ACCOUNT AND SIGN-IN to get it.
FB can’t be trusted to self-regulate itself. Fortunately we have GDPR coming to save us on the 25th of May. Can I get an amen? How about a hallelujah? These are just some of the principles enshrined in the EU’s privacy law. This is the closest thing we’ll have to an “Internet Bill of Rights” we have. Facebook shared their GDPR designs with journalists the other day. The following screens are via Josh Constine of TechCrunch in a blistering article called “A flaw-by-flaw guide to Facebook’s GDPR privacy changes.”
First up is control of your sensitive profile information, specifically your sexual preference, religious views, and political views. As you’ll see at each step, you can hit the pretty blue “Accept And Continue” button regardless of whether you’ve scrolled through the information. If you hit the ugly grey “Manage Settings” button, you have to go through an interstitial where Facebook makes it’s argument trying to deter you from removing the info before letting you make and save your choice. It feels obviously designed to get users to breeze through it by offering no resistance to continue, but friction if you want to make changes.
Facebook is bringing facial recognition back to Europe and Canada. The Irish Data Protection commissioner who oversees the EU banned it there in 2012. Users in these countries will get a chance to turn it on, which is the default if they speed through. It’s a useful feature that can make sure people know about the photos of them floating around. But here the lack of granularity is concerning. Users might want to see warnings about possible impersonators using their face in their profile pics, but not be suggested as someone to tag in their friends’ photos. Unfortunately, it’s all or nothing. While Facebook is right to make it simple to turn on or off completely, granular controls that unfold for those that want them would be much more empowering.
A major concern that’s arisen in the wake of Zuckerberg’s testimonies is how Facebook uses data collected about you from around the web to target users with ads and optimize its service. While Sherman echoed Zuckerberg in saying that users tell the company they prefer relevant ads, and that this data can help thwart hackers and scrapers, many users are unsettled by the offsite collection practices. Here, Facebook lets you block it from targeting you with ads based on data about your browsing behavior on sites that show its Like and share buttons, conversion Pixel, or Audience Network ads. The issue is that there’s no way to stop Facebook from using that data from personalizing your News Feed or optimizing other parts of its service.
Facebook recently rewrote its Terms Of Service and Data Use Policy to be more explicit and easy to read. It didn’t make any significant changes other than noting the policy now applies to its subsidiaries like Instagram and Messenger. That’s all clearly explained here, which is nice. But the fact that the button to reject the new Terms Of Service isn’t even a button, it’s a tiny ‘see your options’ hyperlink shows how badly Facebook wants to avoid you closing your account. It seems obvious that Facebook is trying to minimize the visibility of the path to account deletion rather than making it an obvious course of action if you don’t agree to its terms.
This is what you get if you click the tiny “see my options” link. First, Facebook doesn’t mention its temporary deactivation option, just the scary permanent delete option. Facebook recommends downloading your data before deleting your account (which you should). But the fact that you’ll have to wait (often a few hours) before you can download your data could push users to delay deletion and perhaps never resume. And only if you keep scrolling do you get to another tiny “I’m ready to delete my account” hyperlink instead of a real button.
To keep all users abreast of their privacy settings, Facebook has redesigned its Privacy Shortcuts in a colorful format that sticks out from the rest of the site. No complaints here.
Facebook has completely redesigned its Download Your Information tool after keeping it basically the same for the past 8 years. You can now view your content and data in different categories without downloading it, which alongside the new privacy shortcuts is perhaps the only unequivocally positive and unproblematic change amidst today’s announcements.
The Download Your Information tool is supposed to let you take your data and go to a different social network. But it only exports your social graph aka your friends as a dumb text list of names rather than something more interoperable and useful so good luck finding the right John Smith on another app.
Sheryl Cababa of Artefact Group wrote a great article called “It’s Time To Start Designing For Transparency.” I’d recommend you all read that. As well as Amber Case’s recent articles on Medium and TechCrunch. #4 Dan Hon, Zuck’s lack of imagination defense, etc. And if you can’t design for trust…
Then you can go zuck yourself.

When Cambridge Analytica Met Facebook: A story of dark UX and shitty business models

Recommended

Recommended

More Related Content

What's hot

What's hot (18)

Similar to When Cambridge Analytica Met Facebook: A story of dark UX and shitty business models

Similar to When Cambridge Analytica Met Facebook: A story of dark UX and shitty business models (20)

More from UXPA UK

More from UXPA UK (20)

Recently uploaded

Recently uploaded (20)

When Cambridge Analytica Met Facebook: A story of dark UX and shitty business models

Editor's Notes