Cambridge Analytica is reeling in the wake of a scandal in which a whistleblower alleged the political analytics firm illicitly obtained Facebook data from more than 50 million profiles, and used this information for its work on the 2016 US presidential election.
On Friday, the fallout continued in the UK as the Information Commissioner’s Office, a user privacy watchdog, was granted a warrant to search the company’s offices by a British High Court judge.
“We’re pleased with the decision of the judge and we plan to execute the warrant shortly,” the ICO said in a tweet before entering Cambridge Analytica’s offices. “This is just one part of a larger investigation into the use of personal data for political purposes and we will now need time to collect and consider the evidence.”
Meanwhile, Cambridge Analytica was in damage control mode on Friday. The company’s acting CEO and former Chief Data Officer, Alexander Tayler, emailed a message to the press claiming the company did not use the illicitly obtained Facebook data during the 2016 US elections. He also sought to cast doubt on the veracity of whistleblower Chris Wylie’s claims.
Here’s the full letter:
23 Mar 2018, by Cambridge Analytica, London
As a data scientist I deeply believe in fairness and transparency in
the way data is collected and processed. I am sorry that in 2014 SCL
Elections (an affiliate of Cambridge Analytica) licensed Facebook data
and derivatives from a research company (GSR) that had not received
consent from most respondents. The company believed that the data had
been obtained in line with Facebook’s terms of service and data
I became Chief Data Officer for Cambridge Analytica in October 2015.
Shortly after, Facebook requested that we delete the data. We
immediately deleted the raw data from our file server, and began the
process of searching for and removing any of its derivatives in our
system. When Facebook sought further assurances a year ago, we carried
out an internal audit to make sure that all the data, all derivatives
and backups had been deleted, and gave Facebook a certificate to this
effect. Please can I be absolutely clear: we did not use any GSR data
in the work we did in the 2016 US presidential election.
We are now undertaking an independent third-party audit to verify that
we do not hold any GSR data. We have been in touch with the UK
Information Commissioner’s Office (ICO) since February 2017, when we
hosted its team in our London office to provide total transparency on
the data we hold, how we process it, and the legal basis for us
processing it. I want to make sure we remain committed to helping the
ICO in their investigations.
The recent media frenzy has been distressing. The source of
allegations against the company is not a whistleblower or a founder of
the company. Christopher Wylie was a part-time contractor who left in
July 2014 and has no direct knowledge of our work or practices since
that date. He was at the company for less than a year, after which he
was made the subject of restraining undertakings to prevent his misuse
of the company’s intellectual property while attempting to set up his
own rival firm.
Cambridge Analytica was formed in 2013, out of a much older company
called SCL Elections. Cambridge Analytica is a data science
consultancy and marketing agency which does undertake some political
work in the US, while SCL Elections is a consultancy focusing on
non-US political campaigns. We take the disturbing recent allegations
of unethical practices in our non-US political business very
seriously. The Board has launched a full and independent investigation
into SCL Elections’ past practices, and its findings will be made
available in due course.
As anyone who is familiar with our staff and work can testify, we in
no way resemble the politically-motivated and unethical company that
some have sought to portray. Our staff are a talented, diverse and
vibrant group of people.
I believe that we should all have more control over our data, and
there should be more transparency over how and when it is used. I
welcome Europe’s new data protection laws (GDPR). There are very good
reasons for updating current data regulations, which date back years
to a very different time. From giving everyone more protection, to
promoting a more equal privacy landscape, these changes will be good
for the industry as a whole.