Facebook investigates Crimson Hexagon over data policy concerns

23 Jul 2018

Image: Arthimedes/Shutterstock

The Cambridge Analytica scandal rocked Facebook to its very core and the social network is determined to avoid a similar episode.

Facebook has temporarily suspended analytics firm Crimson Hexagon from access to its APIs in order to investigate concerns about the collection of user data.

Boston-based Crimson Hexagon offers “AI-powered consumer insights” for brands and has contracts with government agencies around the world.

‘We don’t allow developers to build surveillance tools using information from Facebook or Instagram’

Facebook is understood to be probing whether Crimson Hexagon’s government contracts – including those with the US government, the Turkish government and a Russian non-profit with alleged ties to the Kremlin – comply with its policies.

What the heck is Crimson Hexagon and why is it being investigated?

Crimson Hexagon claims to be able to analyse more than 1trn social media posts from Facebook, Instagram, Twitter and others, and is understood to be able to analyse more than 160m photographs posted online a day.

The company, which is funded to the tune of $33.5m and was founded by Gary King and Candace Fleming, counts Anheuser-Busch InBev, Adidas, General Mills, Paramount Pictures, Starbucks and Twitter as clients.

In 2017, Facebook prohibited user data being used for government surveillance as a result of pressure from civil liberties groups, which were concerned that protesters were being targeted. However, it does not prohibit third parties from providing data to government agencies for market research purposes.

“We don’t allow developers to build surveillance tools using information from Facebook or Instagram,” Facebook said in a statement.

“We take these allegations seriously, and we have suspended these apps while we investigate.”

The suspension of Crimson Hexagon prevents the firm from accessing user data. Access to the Facebook and Instagram APIs were shut off on Friday (20 July) following queries by The Wall Street Journal about Crimson Hexagon’s government contracts.

For its part, Crimson Hexagon CTO Chris Bingham said that the debate in the fallout of the Cambridge Analytica affair – which saw data on about 87m users gathered potentially to swing electoral outcomes – is timely and the firm is complying with the investigation.

“Public online data is data that anyone can access, including, for example, any tweets from a public Twitter account, public posts or comments on forums, or publicly distributed news articles or blogposts. All of this public data is collected by Crimson Hexagon so that users of our platform can analyse it to understand large-scale consumer trends and preferences.

“What is not considered public online data? Social media posts published by private accounts and profile information from private social media accounts. This is private online data that Crimson Hexagon has never collected, and has no ability to collect.

“Cambridge Analytica raised alarm surrounding the potential for misuse of private Facebook data, but public data appears to be coming under increased scrutiny as well. To be abundantly clear: what Cambridge Analytica did was explicitly illegal, while the collection of public data is completely legal and sanctioned by the data providers that Crimson engages with, including Twitter and Facebook, among others.

“Crimson Hexagon, like all global organisations that gain access to public or private customer data, continues to evolve its data handling policies in accordance with GDPR and other regulations created to champion consumer privacy and choice. We are working closely with our data providers and our customers to ensure full compliance as these requirements as the needs and expectations of consumers around data privacy evolve,” Bingham said.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years