The Cambridge Analytica affair and Internet‐mediated research

Abstract

In recent years, the Internet has become an essential source of data for research. A vast array of information can be collected via platforms, such as Amazon Mechanical Turk [1] and Survey Tools for specific research questions, or from harvesting social networks such as Twitter or Facebook [2]. Questions about data protection, consent and confidentiality will therefore become increasingly important [3], not only for users, but also for researchers and providers of such research and social media services. The European General Data Protection Regulation (GDPR) [4], with its paradigm of security and privacy by default, is a step in the right direction. The recent scandal surrounding Facebook and Cambridge Analytica [5] shows that these aspects of security and privacy are often not taken into account. Cambridge Analytica, a British consulting firm, was able to collect data from as many as 87 million Facebook users without their consent. The company gained access to 320,000 user profiles and their friends’ data through the “thisisyourdigitallife” app developed by psychologist Alexandr Kogan of Cambridge University, UK, when he sold it to the company.