Facebook Quietly Cuts Off Sensitive Ad Data Before It Can Get Cambridge Analytica’d Again

Facebook Quietly Cuts Off Sensitive Ad Data Before It Can Get Cambridge Analytica’d Again
Photo: Getty

A good rule of thumb is to be sceptical of the privacy-forward changes Facebook touts to the public, and to deeply interrogate any of the quieter changes it rolls out behind the scenes since those—surprisingly—often mark the real efforts that the company’s taking to be a little bit less of an invasive shitshow.

In the latest change, Facebook is tightening its rules around the use of raw, device-level data used for measuring ad campaigns that Facebook shares with an elite group of advertising technology partners.

As first spotted by AdAge, the company recently tweaked the terms of service that apply to its “advanced mobile measurement partner” program, which advertisers tap into to track the performance of their ads on Facebook. Those mobile measurement partners (MMPs) were, until now, free to share the raw data they accessed from Facebook with advertisers. These metrics drilled down to the individual device level, which advertisers could then reportedly connect to any device IDs they might already have on tap.

Facebook reportedly began notifying affected partners on February 5 and all advertising partners must agree to the updated terms of the program before April 22, according to Tencent.

While Facebook didn’t deliver the device IDs themselves, passing granular insights like the way a given consumer shops or browses the web—and then giving an advertiser free rein to link that data to, well, just about anyone—smacks hard of something that could easily turn Cambridge Analytica-y if the wrong actors got their hands on the data. As AdAge put it:

The program had safeguards that bound advertisers to act responsibly, but there were always concerns that advertisers could misuse the data, according to people familiar with the program. Facebook says that it did not uncover any wrongdoing on the part of advertisers when it decided to update the measurement program. However, the program under its older configuration came with clear risks, according to marketing partners.

Gizmodo reached out to Facebook for comment about the changes—we’ll update this story if they respond.

A bit of background here: When you see ads on Facebook for—I don’t know, a giant furry suit—there’s a chance that the person advertising that furry suit didn’t do it alone. The company works with literally hundreds of marketing partners that can help that fur-vertiser every step of the way. A chunk of these partners specialises in “measurement” and “attribution”—in making sure that the right ad for the right fursuit gets seen by the right Instagram user at the right time.

Folks in the attribution space are plugged into every major platform and a ton of major ad networks themselves, aside from Facebook. An advertiser could go to one of these measurement partners and, to stick with our example, figure out which fursuit is driving the most e-commerce sales, or whether the way a retailer worded its ad might be scaring potential customers off.

Device-level data can be a huge part of the appeal of working with MMPs. In the case of mobile measurement, an advertiser could use that data to figure out which members of his target market respond best to which kind of fursuit, how long it took these target members to buy one of these things after seeing the ad, and where they made the eventual purchase.

That same device-level data could also give an advertiser a heads up if a person, say, isn’t really feeling furry ads in their feed all the time, or if they’re really feeling these ads and is in danger of potential bankruptcy from buying out a warehouse of merch.

Until now, this raw data could be passed freely from Facebook to its trusted ad tech partners, which could then share it with advertisers. Now, its partners can only use that data “on an aggregate and anonymous basis,” according to Facebook’s new terms of service for MMPs.

While the data here wasn’t as personal as names or addresses, it provided insights into the way an individual Facebook user responded to a piece of content, which could be just as useful for fursuit enthusiasts and political pundits alike—especially when they could potentially connect that to a given mobile device ID, which is unique to each phone.

As one marketing exec told AdAge, “Facebook saw this as potentially a really big data leakage problem. Nothing was stopping the advertiser from syndicating this data; Facebook couldn’t control whether or not the advertiser leaked it.”

With the ToS update, Facebook’s quashing that chain of command and keeping advertisers from getting their mitts on potentially sensitive user data. The changes also prohibit those advertisers—or the marketing partners, ostensibly—from taking these raw data points to create entirely new profiles of people off of the data that Facebook provided.

It’s worth noting that this isn’t the first time that Facebook’s floated this idea. Way back in 2015, mobile marketers revolted when the company approached them with the idea of throttling the amount of device-level data they had access to, causing them to drop the proposal. Likewise, the new update is leaving a lot of these same parties less than chipper about their on-Facebook targeting aspects, but it looks like Facebook’s been beaten down by enough congressional hearings to hold strong this time around.