It might be the start of a whole new week, but the ongoing Facebook privacy scandal is showing no sign of cooling off. CEO Mark Zuckerberg is testifying before Congress tomorrow, but before that kicks off, Facebook will finally be notifying users who had their data stolen by Cambridge Analytica.
In typical Facebook fashion, there’s no simple button you can click to see if your data was stolen. Instead, you’re going to get a notification and see one of two posts at the top of your news feed. Depending on which post you see, you’ll find out whether or not your data was included in the 87 million profiles swept up on behalf of Cambridge Analytica.
Beginning at noon Eastern time on Monday, users should start seeing one of two messages at the top of their Facebook feed with the header “Protecting Your Information.” Both start by saying that Facebook “understands the importance of keeping your data safe,” but that’s as far as the commonality goes.
If your data was swept up by Cambridge Analytica, you’ll get a message saying that “We have banned the website ‘This Is Your Digital Life,’ which one of your friends used Facebook to log into. You can learn more about what happened and how you can remove other apps and websites any time if you no longer want them to have access to your Facebook information.”
If, like the vast majority of Facebook users worldwide, your data wasn’t swept up, you’ll instead get a link to the Apps and Websites privacy page, which lets you control which third-party apps and websites have access to what data. For years, Facebook has kept that page separate from the regular privacy settings, but it’s now bowing to public pressure and making the field more prominent.
Although Facebook’s proactive move to show users whether or not their data was stolen is useful, it seems like just the tip of the iceberg. Cambridge Analytica is one example of how a malicious actor used Facebook’s third-party data consent to sweep up tens of millions of records, but experts agree that it’s not going to be the only case that comes to light. Over the weekend, Facebook kicked two more companies, CubeYou and AggregateIQ, off the platform for misusing data. Facebook appears to have never truly audited the third-party companies with access to its data, and combing back through years of activity on the platform is going to take a whole bunch of time.