5000万用户信息泄露!扎克伯格发声明认错
近日,英美媒体曝出美国社交媒体脸书多达5000万用户信息“失窃”,这是脸书创建以来遭遇的最大规模用户数据泄露事件之一。
脸书公司股价接连两天下挫,这家全球最大社交网站公司两日内市值蒸发近500亿美元。
扎克伯格发声明认错
3月22日,脸书创始人兼CEO马克·扎克伯格打破沉默,在用户数据泄露丑闻后首次发声,并承认对数据泄露事件负有责任。
Zuckerberg has admitted that the social network "made mistakes" that led to millions of Facebook users having their data exploited by a political consultancy.
扎克伯格承认脸书“犯了错误”,致使上千万用户数据被一家政治咨询公司利用。
扎克伯格发表声明称:
"We have a responsibility to protect your data, and if we can't then we don't deserve to serve you. I started Facebook, and at the end of the day I'm responsible for what happens on our platform. "
“我们有责任保护好用户数据,如果连这都做不到,那么就不配向用户提供服务。我创建了脸书,最终我要对发生在这个平台上的事件负责。”
事件梳理
3月17日,美国《纽约时报》和英国《卫报》发布报道,曝光脸书上5000万用户信息数据被一家名为“剑桥分析”(Cambridge Analytica)的公司泄露。
“剑桥分析”公司分析数据、建立模型,以预测并影响政治活动中公众的选择。
这家企业曾经受雇于美国总统唐纳德·特朗普的竞选团队和推动英国脱离欧洲联盟公民投票的“脱欧”阵营。
报道称,2014年,27万脸书用户下载该平台上一款个性分析测试的应用软件;应用软件开发者、英国剑桥大学心理学教授亚历山大·科根将这些用户及其脸书好友的数据卖给“剑桥分析”公司。数据包括脸书用户档案信息以及他们“点赞”的内容。
Facebook has since changed the amount of data developers can gather in this way, but a whistleblower, Christopher Wylie, says the data of about 50 million people was harvested for Cambridge Analytica before the rules on user consent were tightened up.
此后,脸书更改了开发者可通过此种方式获取数据的数量,但事件披露者克里斯托夫·怀利称,“剑桥分析”在“用户同意”规定收紧之前,就已获取了约5000万用户的数据。
扎克伯格22日发声明称,2015年,脸书从《卫报》记者那里获知,亚历山大·科根将其应用程序所获取的用户数据共享给了“剑桥分析”。这违背了脸书关于开发者在没有征得用户同意的基础上不得分享数据的政策。
他表示:
“We immediately banned Kogan's app from our platform, and demanded that Kogan and Cambridge Ana 47 31763 47 14940 0 0 2789 0 0:00:11 0:00:05 0:00:06 2932lytica formally certify that they had deleted all improperly acquired data. They provided these certifications.”
“脸书立即在其平台上禁用科根的应用,并要求科根和‘剑桥分析’正式证明他们已经删除了所有违规获得的用户数据。科根和‘剑桥分析’提供了相关证据。”
“Last week, we learned from The Guardian, The New York Times and Channel 4 that Cambridge Analytica may not have deleted the data as they had certified.”
“上周,我们从《卫报》、《纽约时报》和第四频道了解到,‘剑桥分析’或许并没有像他们宣称的那样删除数据。”
据英国广播公司22日报道,“剑桥分析”否认存在任何违规操作。
For its part, Cambridge Analytica says it did delete the data when told to by Facebook.
对此,“剑桥分析”声称,他们根据脸书的要求删除了这些数据。
脸书全球用户超过20亿。涉及如此庞大人群的隐私信息安全,爆料引起广泛关注和讨论。
“删除脸书”(#deletefacebook)19日成为社交媒体“推特”上一大话题标签(hashtag)。政府和评论人士批评脸书无能,呼吁引入法规,加强监管。
US senators have called on Zuckerberg to testify before Congress about how his company will protect users, while consumer watchdog the US Federal Trade Commission has reportedly opened an investigation into Facebook.
美国参议院要求扎克伯格到国会作证,说明脸书将如何保护用户隐私。据称,消费者监督机构美国联邦贸易委员会已对脸书展开调查。
The head of the European Parliament also said it would investigate to see if the data was misused.
欧洲议会主席也表示,将调查泄露数据是否被滥用。
The UK's Information Commissioner Elizabeth Denham is attempting to obtain a warrant to search the offices of Cambridge Analytica.
英国信息专员伊丽莎白·德纳姆正在申请对“剑桥分析”公司办公地的搜查许可。
脸书将采取举措防止用户数据被滥用
扎克伯格在声明中表示,将从这次事件中吸取教训,进一步巩固平台数据的安全性,修复脸书用户对平台的信任:
“This was a breach of trust between Kogan, Cambridge Analytica and Facebook. But it was also a breach of trust between Facebook and the people who share their data with us and expect us to protect it. We need to fix that.”
“这次事件破坏了科根、‘剑桥分析’和脸书之间的信任,但同时也是对脸书和所有将个人数据分享给我们并认为我们能保护这些数据的用户之间信任的一种伤害。我们需要弥补这个错误。”
“While this specific issue involving Cambridge Analytica should no longer happen with new apps today, that doesn't change what happened in the past. We will learn from this experience to secure our platform further and make our community safer for everyone going forward.”
“尽管此类特殊事件不会再发生,但这并不能改变过去已经发生的事情,我们将从这次经验中吸取教训,进一步巩固平台数据的安全性,并且在未来让我们的社区变得更安全。”
他表示,针对此次信息泄露事件,脸书将采取以下措施:
Investigate all Facebook apps that had access to large amounts of information before the platform was changed "to dramatically reduce data access" in 2014
对2014年脸书“关闭数据入口”前,所有脸书平台上可获取大量数据的应用程序进行调查
Conduct a full audit of any app with suspicious activity
对所有存在可疑行为的应用进行全面审查
Ban any developer that did not agree to a thorough audit
禁止服务不同意进行彻底审查的开发者
Ban developers that had misused personally identifiable information, and "tell everyone affected by those apps"
禁止服务违规使用用户个人身份信息的开发者,并告知“所有受影响的用户”。
扎克伯格还承诺,为防范用户信息被利用,未来脸书将采取的措施包括:
Restrict developers' data access "even further" to prevent other kinds of abuse
对开发者获取数据进行“更严格”的限制,以防止其他形式的滥用
Remove developers' access to a user's data if the user hadn't activated the developer's app for three months
关闭用户近3个月内未使用过的应用程序获得用户数据的权限
Reduce the data that users give an app when they sign in to just name, profile photo, and email address
减少用户登陆时向应用程序提供的数据信息,只限于用户的名字、头像照片和电子邮件地址
Require developers to obtain approval and also sign a contract in order to ask anyone for access to their posts or other private data
要求开发者在询问用户获取他们的数据和其他私人信息时,不仅要获得授权,还需要签订合约
来源:新华网,BBC
编辑:董静 许雅宁