Facebook said that around 5.62 lakh people in India could have been impacted by the data breach undertaken allegedly by UK based political consultancy firm Cambridge Analytica.
Facebook said that globally personal information of up to 87 million users, mostly in the United States, may have been improperly shared with Cambridge Analytica, up from a previous news media estimate of more than 50 million.
In March, the government had issued a notice to Facebook seeking to know whether personal data of Indian voters and users was compromised by Cambridge Analytica.
Facebook data breach has snowball into a major controversy in India with main political parties BJP and Congress accusing each other of engaging services of Cambridge Analytica to influence elections in the country. Facebook has over 20 crore users in the country.
In its response to the government, Facebook said that the company is investigating the specific number of people whose information was accessed by the app, including those in India.
“Cambridge Analytica’s acquisition of Facebook data through the app developed by Dr Aleksandr Kogan and his company Global Science Research Limited (GSR) happened without our authorisation and was an explicit violation of our platform policies,” said Facebook.
It said that numbers that “we have now are that only 335 people in India installed the App, which is 0.1 per cent of the App’s total world-wide installs.” “We further understand that 562,120 additional people in India were potentially affected, as friends of people who installed the App. This yields a total of 562,455 potentially affected people in India, which is 0.6 per cent of the global number of potentially affected people,” said a Facebook spokesperson.
However, Facebook said that the information currently available to it is limited to people who installed the App throughout its lifetime on the Facebook platform (that is 2013 to no later than 17 December 2015).
Meanwhile, government sources said it will wait for response from Cambridge Analytica before deciding on the action to be taken in the Facebook data leak case.
Facebook said that these figures are also “over inclusive. “They include any and all friendships that existed at any time between when the app first became active on the Facebook platform in November 2013 and when the App’s access to friends’ data was limited in May 2015. They also include users who may have changed their settings to disallow sharing of their data with the App, due to limited historical information about when or how those settings were updated.
Facebook said that protecting people’s information is at the heart of everything it does.