Facebook says giving Cambridge Analytica info on 50 million people wasn't a breach. It was a feature

Writing for Bloomberg Businessweek, Paul Ford says Facebook's "not-a-breach" of personal information on 50 millions of its users is just the latest example of why it's time for a digital protection agency.

Facebooks recent debacle is illustrative. It turns out that the company let a researcher spider through its social network to gather information on 50 million people. Then the Steve Bannon-affiliated, Robert Mercer-backed U.K. data analysis firm Cambridge Analytica used that data to target likely Trump voters. Facebook responded that, no, this was not a breach.

OK, sure, lets not call it a breach. Its how things were designed to work. Thats the problem.

...

How might a digital EPA function? Well, it could do some of the work that individuals do today. For example, the website of Australian security expert Troy Hunt, haveibeenpwned.com (pwned is how elite, or l33t, hackers, or hax0rs, spell owned), keeps track of nearly 5 billion hacked accounts. You give it your email, and it tells you if youve been found in a data breach. A federal agency could and should do that work, not just one very smart Australianand it could do even better, because it would have a framework for legally exploring, copying, and dealing with illegally obtained information. Yes, wed probably have to pay Booz Allen or Accenture or whatever about $120 million to get the same work done that Troy Hunt does on his own, but thats the nature of government contracting, and we can only change one thing at a time.

Photo of Mark Zuckerberg: JD Lasica, Attribution 2.0 Generic (CC BY 2.0)