The Central Bureau of Investigation (CBI) has now written to Facebook, Cambridge Analytica, and Global Sciences Research seeking further information on the data breach scandal that rocked the world last year, according to reports.
“The CBI has written to Facebook (USA), Cambridge Analytica and Global Sciences Research in the case of the alleged data leak. A PE has also been registered. This is being done to probe if Cambridge Analytica had picked data from Global Sciences Research, which relates to the personal data of Indians on Facebook. The probe will see if data was harvested and misused,” a person familiar with the development was cited as saying.
Facebook claimed last year that personal data of over 87 Mn was shared with political consultancy firm Cambridge Analytica in the run-up to the US presidential election; of this, 5.62 Lakh users were Indians. The incident came as a rude shock, making governments, international organisations, and companies the world wake up to the perils of data leaks and privacy hacks.
A month ago, the CBI registered a preliminary enquiry (PE) against Cambridge Analytica and Global Sciences Research on the alleged data theft of Indian users.
Earlier in July, Union Law Minister Ravi Shankar Prasad had informed Parliament about the government asking the CBI to investigate the issue. “It is suspected that Cambridge Analytica may have been involved in illegally obtaining data of Indians, which could be misused,” Prasad said.
Before initiating the investigation, the Indian government had issued a couple of notices against the now-defunct Cambridge Analytica as well as Facebook on the matter but reportedly did not get any response.
Here are the highlights of the Facebook-Cambridge Analytica data breach:
- Facebook CEO Mark Zuckerberg, in his blog, informed that the social media company has taken down more than 270 pages and accounts operated by a Russian organisation called the Internet Research Agency (IRA)
- Earlier, Facebook apologised and made assurances to the Indian government that it would make sincere efforts to protect the privacy of user data on the platform
- The social media platform also came up with new services guidelines along with an updated data collection policy in which it has added more privacy control for users
- In May, Cambridge Analytica shut down its operations in the UK and was to file bankruptcy proceedings in the US
- Facebook suspended around 200 apps after a thorough investigation into apps running on its platform that have misused user data
Data Breaches Led To The Draft PDP Bill
In view of the rising incidents of data breaches, the government last year appointed the Justice BN Srikrishna Committee to come up with a draft Personal Data Protection Bill, 2018. The committee recently tabled the bill, which makes it mandatory for data fiduciaries (entities collecting or processing the data) to inform their users about what data they wish to collect, the purpose of collection that data, if it will be transferred to third parties or outside the country, how it will be stored, for how long it will be retained, and so on.
The draft PDP Bill mandates live data mirroring or localisation (meaning that at least one copy of all personal user data must be stored in India), which will drive up costs for companies.
The Bill has evoked much criticism since it was recently tabled by the Justice BN Srikrishna Committee.
The government recently extended the deadline for a public consultation on the Bill to September 30. Meanwhile, Telangana government has raised concerns that certain clauses in the Bill, especially the one on data localisation, will isolate Indian startups and hurt investments in the state and the country.
[The development was reported by Livemint.]