Cambridge Analytica-linked researcher wants to stop the next data scandal

Aleksandr Kogan tells Congress how Cambridge Analytica got data on 87 million people, and how to stop it from happening again.

Alfred Ng Senior Reporter / CNET News
Alfred Ng was a senior reporter for CNET News. He was raised in Brooklyn and previously worked on the New York Daily News's social media and breaking news teams.
Alfred Ng
3 min read
Cambridge Analytica Accused Of Collecting Personal Information From Facebook Users

Aleksandr Kogan, a University of Cambridge professor, helped Cambridge Analytica obtain data on 87 million people. He called it a mistake on Tuesday.

Chesnot / Getty Images

Aleksandr Kogan helped get Facebook in its Cambridge Analytica mess. Now he has suggestions on how to stop the next one from happening.

The University of Cambridge professor, who testified before the Senate Committee on Commerce, Science and Transportation on Tuesday, said Facebook's issues with Cambridge Analytica were "inevitable" because of how much data digital marketing harvests from people online.

"They give us technological products and services, not in exchange for money, but in exchange for intimate details about ourselves that we are willing to share," Kogan said. "We became the product."

The psychologist then criticized Terms of Services for providing blanket consent. Kogan called for opt-in consent, giving people the right to choose how much data they hand over to companies.

He said getting "informed consent" was the key to "avoiding a future Cambridge Analytica situation."

Kogan is in a unique position to make these comments, since he created the quiz app that harvested a majority of the data used by Cambridge Analytica to create targeted political ads, setting off a massive scandal that has overwhelmed Facebook. The hearing comes as lawmakers and people are becoming much more aware of their data privacy, and how much information companies like Facebook are collecting on them.

That realization has lead to changes, including Facebook CEO Mark Zuckerberg welcoming regulation. In May, the European Union's General Data Protection Regulation introduced sweeping changes to privacy and tech companies.

"Facebook has embarked on an apology tour, but it is in fact, reaching a turning point," Sen. Richard Blumenthal, a Democrat from Connecticut, said in his opening remarks. "My hope is that Facebook will be more forthcoming, that we will expose through these hearings the full range of its activities that may infringe on privacy."

Facebook didn't respond to a request for comment.

Facebook has been dealing with the fallout from privacy issues after it was revealed that Cambridge Analytica obtained data on 87 million Facebook users without their permission. 

Watch this: Zuck faces the EU over Cambridge Analytica flap

While the "thisisyourdigitallife" app was supposed to tell people about their personality, it ended up siphoning data from anybody who took it, along with data on their friends, without their explicit consent. Cambridge Analytica had worked with multiple political campaigns during the US presidential election, including the Trump campaign.

Kogan noted that while Facebook approached him to audit his app, he told the committee that Facebook never followed up. "They just went away," he said.

But in Kogan's opening statement (PDF), he denied the impact of Cambridge Analytica's data on US politics.

"People may feel angry and violated to the extent that their data may have been used as part of a mind-control effort," Kogan said. "I believe there is almost no chance this data could have been helpful to a political campaign -- and I still have not seen any evidence to indicate that the Trump campaign used this dataset to micro-target voters."

Kogan said he regretted not understanding privacy concerns when he created the quiz, calling the backlash an "understandable emotional reaction." Kogan said at the time, the data-harvesting program did not strike him as invasive -- given the way that Facebook and many other data brokers worked at the time. 

He called the decision a mistake, and opened his testimony with an apology.

"We thought collecting people's data was normal, and accepted," he said.

But he also pointed his finger at the way Facebook runs its network.

"The Facebook platform is run in a way that runs counter to getting true, informed consent," Kogan said.

While only 300,000 Facebook users actually took Kogan's quiz, because of the social network's rules at the time, it was able to collect data from millions of other people who never even saw the personality test.

He's not optimistic that companies will adopt this suggestion, as it would greatly reduce how much data they could gather.

"The current way tech companies get people's consent is fundamentally broken," Kogan said.  

CNET's Roger Cheng contributed to this story.

Cambridge Analytica: Everything you need to know about Facebook's data mining scandal.

CNET Magazine: Check out a sample of the stories in CNET's newsstand edition.