Oregon attorney general considers investigating Facebook
SALEM, Ore. (AP) — Oregon's attorney general says she is reviewing whether to launch an investigation of Facebook, including whether it violated a state law that protects online customers' private information.
Attorney General Ellen Rosenblum told The Associated Press that she and several other state attorneys general are drafting a letter to Facebook, asking about a leak of Facebook customers' data without their knowledge or consent.
"We're just full of unanswered questions at this point, and whether or not it's going to blossom into a full-scale investigation is still somewhat up for grabs," Rosenblum said in a telephone interview late Thursday.
Cambridge Analytica, a data mining firm that worked for Donald Trump's campaign, is accused of lifting data from some 50 million Facebook users to influence voters.
Former Cambridge Analytica whistleblower Christopher Wylie says the firm sought Facebook information to build psychological profiles on a large portion of the U.S. electorate. It amassed the database quickly with the help of academic Aleksander Kogan, who developed a Facebook app called "This is Your Digital Life" that appeared to be a personality test, Wylie said.
That app vacuumed up information from users who gave the app permission to access their accounts — as well as additional data from tens of millions of their Facebook friends.
Cambridge Analytica has denied wrongdoing
Kogan said he has been scapegoated by Cambridge and Facebook. He says the data firm approached him for the project and assured him that everything he did was legal.
Rosenblum credited Will Castleberry, a Facebook vice president for state and local public policy, for reaching out to her on Thursday, but added that tough questions need to be answered.
She said questions being prepared for the letter include how did Facebook monitor what the developers did with the data and did Facebook have protective safeguards, including audits, to ensure developers were not misusing Facebook user data.
"They've known about this for years and they didn't notify any of their users, which really concerns me," Rosenblum said. "What we're trying to do is figure out ... how to keep this from happening in the future."
In an email to AP on Friday, Castleberry said: "We appreciate Attorney General Rosenblum's interest and will be in touch with her office as we continue our review of the situation."
Facebook CEO Mark Zuckerberg apologized Wednesday during a CNN interview but stopped short of endorsing broad privacy legislation. Facebook's No. 2 executive Sheryl Sandberg said in an interview on CNBC Thursday that the incident was a "huge breach of trust." She said she was sorry the company let so many people down.
Rosenblum said her office is looking at whether misuse of Facebook users' data violated a new Oregon law that makes it an unlawful trade practice for a business to collect, use or dispose of a consumer's information in a manner inconsistent with the business's own privacy policy as published on its website.
Rosenblum, who had championed the bill that was passed overwhelmingly by the Legislature last year, said Oregon is among the first states, if not the first, to pass such a law. She noted that much of the activity under scrutiny took place before the law took effect, on Jan. 1, but was confident that it would cover continued misuse of data.
"Facebook is just an unbelievably big platform," Rosenblum told AP. "They have many opportunities to influence people ... and that's why it's so important for them at the front end to be properly monitoring the developers who take advantage of — and have access to — the data of the users."