Hacker News new | past | comments | ask | show | jobs | submit login

>protected data

What data was being protected? The data was created when the user chose to engage with the facebook apps. CA pays facebook to put something in front of users faces and then CA gets back information on user engagement. How is that different than any other kind of advertising on the web?

We can argue that there needs to be more transparency on facebook but a breach? That's torturing the word.

> What data was being protected?

Personally-identifiable information [1]. Many states require notification in the event this data is found to have been accessed improperly. The definition of a "breach" is not limited to technical malfunctions.

[1] http://www.ncsl.org/research/telecommunications-and-informat...

Personally-identifiable information that users chose to share with the world as part of public profiles.

We might say that you can't sign away the secrecy of your PII, so user consent is irrelevant. Then we had better get on YCombinator, Stack Overflow, Medium, etc. for allowing prominent community members to use their real names on their posts. Someone could [0] use them train statistical models to who-knows-what purpose, after all.

[0] https://www.kaggle.com/hacker-news/hacker-news-corpus

CA state that the data was collected by a third party as "academic research" and they didn't know that when it was given to them - so they violated the terms of service in good faith.

Whether you believe them is another matter.

"protected data" was part of the HIPAA analogy.

> This is similar to a HIPAA "breach" where the word doesn't imply that a security system was compromised, but that protected data was accessed by folks who shouldn't have had it.

Protected data, in the context of HIPAA, would refer to Personal Health Information (PHI)

Why would the HIPAA standard of a breach apply here? Scraping public data to create a political profile is on par with getting access to private health data?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact