Last week, Facebook confirmed that up to 87 million of its users had had their personal data improperly shared with Cambridge Analytica, a London-based political consultancy. 

The social media network had already been under fire for admitting that the data of some 50 million users had been improperly shared, so the new, higher figure spelled even further trouble for the company. The share price of the company plummeted sharply while, in contrast, the #DeleteFacebook movement gained rapid momentum and began trending across other social media platforms.

Mark Zuckerberg, the co-founder, chairman and chief executive officer of Facebook, admitted during a press conference last week that “clearly we should have done more, and we will going forward”. He also said that he was “wrong in retrospect” for believing people were responsible for the way they used Facebook’s “tools”, which ultimately put the responsibility for the leak on the users rather than the company itself. He added, “Today, given what we know… I think we understand that we need to take a broader view of our responsibility.

“That we’re not just building tools, but that we need to take full responsibility for the outcomes of how people use those tools as well.”

Zuckerberg is currently testifying at two congressional hearings about the data breach, during which he is expected to be grilled on the Cambridge Analytica scandal, whether Facebook interfered in the 2016 presidential election and what the future looks like for the company.

As he presents his testimony, some of which you can read on the BBC here, stylist.co.uk explains everything you need to know about the data leak, how to tell if you were affected and, most importantly, how to keep your information safe in the future.

Who was affected?

Most of those affected were based in the US. However, the BBC reports that 1.1 million users from the UK had their data shared.

How was the information shared?

The leak is thought to have been made possible by a popular personality quiz called This Is Your Digital Life. Around 305,000 Facebook users installed the app, created by Cambridge University academic Aleksandr Kogan and his company Global Science Research (GSR). The data gathered by the app was then sold to Cambridge Analytica.

In a twist in the tale, Cambridge Analytica has publicly denied that it received data from 87 million users. In a tweet sent last week, the company said, “Cambridge Analytica licensed data from GSR for 30 million individuals, not 87 million. We did not receive more than 30 million records from research company GSR.”

It added, “When Facebook contacted us to let us know the data had been improperly obtained, we immediately deleted the raw data from our file server, and began the process of searching for and removing any of its derivatives in our system.”

However, a Channel 4 News investigation revealed that at least some of the information of “thousands of users” obtained by the company had not been destroyed, but was still in circulation.

What is Facebook doing?

Facebook issued a notification titled “Protecting your information” to all users who had been affected on 9 April, with a link that allowed people to see what data had been shared and information on how to protect their data in future.

The notification was estimated to have been released at about 5pm in the UK. If you did not receive a notification, you are unlikely to have been affected.

In light of the data leak, Facebook has also made a number of changes to restrict data access on the site. You can see more information about these changes here.

The company has also announced that all political ads used on the site will be clearly labelled as such. It tweeted, “Soon anyone that sees a political ad on Facebook will see it labeled as such. This label will also include information on who paid for it. People in the US will start to see these labels later this spring, with more countries on the way.”

What is the Information Commissioner’s Office doing?

The UK’s Information Commissioner’s Office (ICO) is currently investigating the use of personal data and analytics by 30 organisations, including Facebook. On its website, the ICO states that “part of this investigation is looking at how data was collected from a third party app on Facebook called ‘thisisyourdigitallife’ and shared with an organisation called Cambridge Analytica.”

Speaking on the issue last month Elizabeth Denham, Information Commissioner, said: “The most significant risks to individuals’ personal information are now driven by the use of new technologies. The revelations…involving Cambridge Analytica and Facebook and political campaigns is a dramatic case in point.

“I have often spoken about how innovation and privacy must go hand in hand. As technological developments progress ever rapidly, I am duty bound to stand up for the privacy rights of UK citizens. I will not allow their fundamental right to privacy to be carried away on a wave of progress.”

The ICO will continue to investigate the evidence before deciding what steps to take next.

How can I keep my data safe?

The ICO recommends that Facebook users make themselves aware of the network’s privacy settings and controls in the first instance.

It recommends, “We always advise those who use social media to check their privacy settings before using a particular service and to review them regularly, particularly after any new settings are introduced.”

The ICO has also published a set of guidelines for Facebook users to follow, in order to protect their data. This includes protecting data that is shared both within and outside of Facebook.

How to protect your data within Facebook

You can change your privacy settings on Facebook by going to “Account Settings” and browsing the various options available. For example, you can choose who is able to see your posts, and block search engines from outside of Facebook from linking to your profile.

You can also go to “Ads” to change your “Ad Preferences”. Here, you can change how Facebook personalises the adverts it shows to you. For example, you can stop it from showing you ads based on websites and apps that you use, by going to “Ad Settings” and selecting “off” next to the option “Ads based on my use of websites and apps”.

How to protect your data outside of Facebook

Facebook apps can share your personal data including your birthday, hometown and interests. The ICO recommends checking the individual privacy settings of every app you use on Facebook.

To see what information the apps you use are collecting from you, go to “Menu”, then “Account Settings”, then “Apps”. Here you will find a list of apps that are logged in with Facebook and therefore able to collect personal data from you. You can remove apps individually from this list.

If you wish to restrict all third-party apps from collecting your data, you can disable their ability to interact with your Facebook profile. Under “Apps”, select “Platform”, then “Edit” and “Turn Off Platform”.

What else can I do?

There are a couple of other ways to protect your data when using Facebook:

• Keep your password protected and never share it with anyone
• Ensure the email account you used to sign up to Facebook is secure
• Log out of Facebook if you use it on a public computer

Images: Unsplash, Joy Real, Christin Hume, Brooke Cagle, Vojtech Okenka