What did Cambridge Analytica do?
Used Facebook data from a quiz app to influence elections through targeted political ads.
How was the data collected?
Cambridge Analytica
One person using the quiz app exposed all their friends’ data, leading to 50–60 million profiles being taken.
Why were privacy settings useless?
Cambridge Analytica
Facebook let third-party apps access user data even when users set it to “friends only.”
What had the FTC already found in 2011?
Facebook misled users about privacy, made private info public without warning, and allowed apps to access too much data.
How did fake news spread so widely?
Clickbait made by teenagers and fake accounts received more engagement than real news — algorithms boosted whatever got clicks.
Is mass personal social engineering effective?
Yes, especially for targeted groups (e.g., fake BLM accounts told users not to vote → Black voter turnout dropped for the first time in 20 years).
Why is this a threat to democracy?
personalized algorthims
Personalized misinformation can manipulate beliefs, suppress voting, and influence elections at scale.
What is Mass Personal Social Engineering?
manipulation of people at scale using highly targeted and personal data
Masspersonal Social Engineering
Intensive Data Gathering
It requires comprehensive data harvesting
the collection of massive amounts of Facebook data via quiz apps used by Cambridge Analytica
Masspersonal Social Engineering
Deceptive Identities and Pretexts
The process often uses deceptive identities or pretexts
bots posing as specific political or social groups, or the use of fake blogs and entertainment apps to collect data
Masspersonal Social Engineering
Conversational Obfuscation
This technique involves a mix of friendliness, deception, and accuracy to make the communication appear authentic
Masspersonal Social Engineering
Penetration
Targets penetration of minds, media coverage, and/or
democratic processes
Masspersonal Social Engineering
Masspersonalization
Combines personalized targeting with mass media
