Data Loss Prevention (DLP) , Governance , Privacy

Besieged Cambridge Analytica Shuts Down

Has Data Analysis Firm at Heart of Facebook Scandal Been Reborn as Emerdata?
Besieged Cambridge Analytica Shuts Down

Cambridge Analytica, the data analysis firm that reportedly received data on up to 87 million Facebook users without their consent, shut down on Wednesday. The company had worked on the 2016 campaign of U.S. President Donald Trump.

See Also: Live Webinar | Scaling Security at the Internet Edge with Stateless Technology

In a statement on the company's website, Cambridge Analytica was unrepentant: "Over the past several months, Cambridge Analytica has been the subject of numerous unfounded accusations and, despite the company's efforts to correct the record, has been vilified for activities that are not only legal, but also widely accepted as a standard component of online advertising in both the political and commercial arenas."

The company claims the "siege of media coverage" caused the loss of virtually all customers and suppliers.

Cambridge Analytica completed $15 million worth of U.S. political work in the 2016 election cycle, the Wall Street Journal reports. Since then, it hadn't notched a single U.S. federal political client, and it lost several commercial clients in recent months, the newspaper reports.

Despite the company claiming bankruptcy, probes continue, including in New York, says Eric Schneiderman, the state's attorney general. "New Yorkers deserve to know what happened and that their personal data will be protected," he said via Twitter.

The U.K. Information Commissioner's Office also says its investigation will still "pursue individuals and directors" as well as any successor companies.

"The ICO has been investigating the SCL Group and Cambridge Analytica as part of a wider investigation into the use of personal data and analytics by political campaigns, social media companies and others. We will be examining closely the details of the announcements of the winding down of Cambridge Analytica and the status of its parent company," a spokeswoman tells Information Security Media Group.

"The ICO will continue its civil and criminal investigations and will seek to pursue individuals and directors, as appropriate and necessary even where companies may no longer be operating," she says. "We will also monitor closely any successor companies using our powers to audit and inspect, to ensure the public is safeguarded."

MP Damian Collins, who chairs Parliament's Digital, Culture, Media and Sport select committee, vowed to continue investigating Cambridge Analytica, saying that such probes "into their work are vital."

"We've got to make sure this isn't an attempt to run and hide, that these companies are not closing down to try to avoid them being rigorously investigated over the allegations that are being made against them," Collins told the BBC.

Cambridge Analytica is only one of a number of interconnected firms under investigation. On Wednesday, security researcher Chris Vickery, the director of cyber risk research at cybersecurity firm UpGuard, testified before Collins' committee that he had found evidence that AggregateIQ, a Canadian political consultancy and technology company, had worked with the British groups campaigning in favor of Britain exiting the EU - the subject of the country's June 2016 referendum, known as Brexit. Such coordination would have been illegal under British law.

Vickery says AggregateIQ worked with Cambridge Analytica.

Facebook Talks Data Control

Tuesday at Facebook's F8 developer event, the social media giant announced a number of measures to put the control of data use back in the hands of the user, including the ability to scrub all data.

"Cambridge Analytica should be viewed as a cautionary tale for any firm handling personal data," says Julie Conroy, director at Aite Group. "Just as the rash of breaches took cybersecurity to a C-suite and board-level issue over the past few years, the firestorm around Cambridge Analytica's various abuses illustrate why consumer data control and privacy also need to be top of mind issues for all company executives."

When the news of the Facebook data leak scandal broke in March, the scale of the impact and aftershocks became quickly apparent. Facebook's CEO, Mark Zuckerberg, eventually testified before U.S. House and Senate committees about the firm's privacy practices.

Because Zuckerberg has failed to appear before Collins' committee, despite repeated requests, Collins warned Facebook in a Tuesday letter that he's prepared to issue a summons for Zuckerberg's appearance. But because Zuckerberg is not a British citizen, legal experts say he could only be compelled to testify if he were physically present in the country, thus making the summons more of a pointed, if not polite, request.

CA Executives Launch Emerdata

From a business standpoint, however, it's possible that the Cambridge Analytica operation might simply reappear in a new guise.

On August 11, 2017, executives at Cambridge Analytica as well as its parent company, SCL Group, registered Emerdata Limited as a firm devoted to "data processing, hosting and related activities."

Alexander Nix - the former CEO of Cambridge Analytica who was caught on video describing his firm's ethically questionable tactics - was appointed as a director of the firm in February. In March, Rebekah and Jennifer Mercer - daughters of billionaire Robert Mercer, who bankrolled SCL Group and Cambridge Analytica - were also made directors of Emerdata.

Parliament Investigates Data Processing Firms' Connections

Source: Chris Vickery, via Parliament's Digital, Culture, Media and Sport select committee.

Executive editor Mathew Schwartz also contributed to this story.


About the Author

Nick Holland

Nick Holland

Director, Banking and Payments

Holland, an experienced security analyst, has spent the last decade focusing on the intersection of digital banking, payments and security technologies. He has spoken at a variety of conferences and events, including Mobile World Congress, Money2020, Next Bank and SXSW, and has been quoted by The Wall Street Journal, CNN Money, MSNBC, NPR, Forbes, Fortune, BusinessWeek, Time Magazine, The Economist and the Financial Times. He holds an MSc degree in information systems management from the University of Stirling, Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.