The Great Hack

A really thought provoking documentary on Netflix The Great Hack is well worth a watch, it looks into the internet’s invasion and manipulation of the democratic process, specifically Cambridge Analytica and Facebook. Though I’m not entirely convinced by all of the ‘facts’ the main concept is well worth discussion.
Can we please have a grown up discussion here and try and avoid a shut down.

A short summary of the documentary is that as a commodity the data collected on us everyday via our use of the internet is now worth more than gold and oil. This data has then been used around the globe to target individuals who have been identified as swing voters who are then sent posts via Facebook that will encourage them to vote one way or another.
It is claimed that Cambridge Analytica used this method with data gathered from Facebook and with information delivered via Facebook to win the US presidential election for Donald Trump whose campaign spent 1 million dollars a day on facebook ads.

I watched it. Incredibly eye opening for sure. Makes you think about the way you live your life and what changes you could make to avoid leaving too big a digital footprint.

1 Like

I’ve been avoiding watching it because I don’t think my blood pressure could take it…

Won’t say anymore due to the moratorium.

1 Like

I’ve always been suspicious of data collection and thought I was being careful by turning of my location on my iPhone but had no idea of the extent of this invasion of privacy and of the power it has put into the hands of companies like Cambridge Analytica.

What really amazed me was not the targeting of single individuals who it was believed could be scared into changing their mind or more precisely making up their mind when it came to voting in elections but that I hadn’t even thought that this type of thing was going on.
It now seems so obvious.

The amount of data collating on populations in many countries is significant… I am professionally involved with some systems that do some of this…
I guess the main consideration is what is done with this data and how it is stored…what databases are cross referenced with it. whether it be stored in the public and/or private sector and the degree of anonymity… and the political motivations of your country.
So much data is now typically collected that it becomes unworkable in real time… so it does need to be narrowed down to become useful… so the subject(s) or targets need to be of specific interest for the target filter… unless you are looking at trends and meta data and in which case the personal identities become rather meaningless.

1 Like

There is an interesting sub plot within the documentary where a private individual seeks to reclaim the data collected on him as his own property through the British courts.

1 Like

Interesting, your personal data is yours, your meta data is not necessarily.
If you walk down your high street, and a stranger sees you… you don’t own the memory of that stranger seeing you walking down the high street, the stranger owns that memory.
But if that memory is stored and attributed to your personal data such as your name and address… then there are responsibilities on that stranger with regard to keeping that data… and you in the UK have the right in many cases to then have personal data removed.
The Argent Kings Cross surveillance investigation by the ICO is therefore interesting… what was being done with that data and what databases was it being cross referenced with… potentially meta data becomes joined with personal data… and that has strict requirements for it not to be unlawful… there could be some big compensations.

1 Like

I believe Cambridge Analytica where ordered by a judge to hand over all data collected on this individual and where fined when they didn’t comply and short while later shut up shop.
You would have to watch the documentary to find out the exact circumstances of this court case. Actually it would be very interesting to hear the view of someone who is so knowledgeable in this field.

1 Like

Also, besides scaring some people into voting for the proposition, I believe they also tried to make others (who would have voted against the proposition) feel secure their side would win so they were less likely to vote.

Tremendously well thought out and executed.

Another exceptionally clever ploy was used in Trinidad & Tobago. The election was very close between the party representing the Indian population and the party representing the non Indian population. Cambridge Analytica ran a campaign on Facebook, WhatsApp and other social media sites aimed at the young, apathetic voters.
It told them not to vote, to abstain from voting in protest and it gave the campaign a snappy title ‘Do So’ it went viral #DoSo. There where songs, wristbands, t-shirts and constant social media posts but what Cambridge Analytica new was that though the Asian youth joined in and paid the Do So campaign lip service when it came down to it they would obey their parents and vote for their party. The non Indians stuck by the campaign and didn’t vote and because it was such a tight election it swung in favour of the Indians.

One of the great tragedies of the current obsession with the B word is that we are sleepwalking into a climate change and surveillance society disaster. The Great Hack was enjoyable but, if you have read on the original story, it’s greatly simplified and inaccurate in a number of key places. The real picture is far far worse.

I know what @Simon-in-Suffolk is saying but there’s a strong argument that reducing discussions on data to the idea that you own your personal data is detrimental and misses where we’re really at. I am particularly taken with the notion that facial recognition is the new plutonium. Once you’ve dwelt on that you’d want it banned immediately but I wonder how many here use it to unlock their phone for example.

Of course it had to be simplified if not it would have been too long perhaps it could have been two or three part film but as a headline it grabbed my attention enough to make me investigate further and find out more for myself.
Mike things that do not live up to your exacting standards can still serve a purpose. We should be encouraging everyone to watch this film as a starting point for a wider debate so by saying it was innacurate and greatly simplified you may discourage someone from watching and so leaving them still in the dark.
This film shines a light on what is for me a titanic problem in todays internet driven society and I would urge everyone as busy as they are and as boring as it is to read the terms and conditions to see exactly what you are signing up for when you use any ‘free’ internet service because not only is big brother watching you, he’s also able to manipulate you in ways you’d think impossible.
And as for facial recogniton if you have a passport then you have already had your face mapped but that has been done with your permission our faces are being mapped everyday and the data being sold without our knowledge or permission. The implications of this for me anyway are truly scary.

It’s not an internet specific matter … it occurs across the board… it is just the internet use is one medium and a transport to many services… if you like think of it like your bank, your car, your phone or your biometrics.
But remember this ihas considerations if this meta data is mapped to personal data.
However for web based services in the internet like social media sites, identity based directory services (google, bing etc) , then personal data is combined with meta data, and yes becomes a bit of a honey pot and one needs to be vigilant and trust the service provider.
If for internet use you don’t want your identity used in this way, then simply don’t use these web services or use them against a login profile, and use anonymisation services and clients such as Tor.
That becomes like using cash, taking the bus / walking etc… but your biometrics are not so easy to evade hence the increased sensitivity.

Oh that it was just an internet based problem but the internet is the vehicle and it is up to government and the law makers to protect us.
Of course personal vigilance offers some protection but unless you go off grid completely modern life dictates that we must use the internet for many things.
I don’t fully understand the details but the data, metadata argument seems like a smoke screen to me.

@Bobthebuilder I doubt anyone has ever been discouraged to watch anything by comments re: inaccuracy or simplification. One could take the Queen biopic as a magnificent example of that. So factually wrong it has entire sites set up describing every inaccuracy and that despite some of the group being involved! Has anyone been put off? I doubt it. I’m no Queen fan but I thought it was rollicking fun. My exacting standards as you call them as not perhaps what you think they are. So, I very much doubt my comments on a forum for what is very much a minority sport are going to discourage anyone.

That said, it’s worth reading the reviews of The Great Hack. They’re pretty much all fantastic but there is one which highlights that the programme plays fast and loose with at least three key facts. Blatant misrepresentation in fact. I had to research separately to understand whether that was true or not. It very clearly is.

That would be fine in probably any other sphere but when it’s this subject matter then the irony is huge. If you want entertainment on an interesting topic then the programme is genuinely terrific. If you want to learn something of the issues then it’s a starting point. If you want people to genuinely understand the issues on CA specifically then you probably don’t want to watch it.

It’s about identity of an individual to the data or not… and is relevant in this area.

If you had a sensor that counted the number of people entering a shop, then that is meta data. Although your personal actions affect the data, your identity is not relevant and so not contained with the data.

If you entered the shop and your presence was recorded and associated with you personally, then that becomes personal data and there regulations and laws on how, whether and what that data can be recorded for any typically your permission is required.

Now on the web as that seems to be something many can get a handle on because of its ubiquity… if you entered an anonymous web site and a visit counter was increased, then that is meta data. Your action is recorded by the web site but you personally are not… meta data.

If you went onto a web site and required a login or profile, then your personal presence has been recorded. This is personal data and you would have needed to give your consent… which could be accepting terms and conditions of using that web site.

Now in sophisticated arrangements some meta data can be analysed and information of the likely subjects can be identified… major advances in these techniques and science was made in the Second World War, when messages could not be decrypted themselves, but information could be determined from the flow of messages from sources to their targets.

However the issue really is about the uses of your personal data. Whether illegally, or by a non U.K. state with different legislation, or you have agreed to unwittingly. That is not internet specific… and in a way the internet could be being used as a smokescreen to divert focus away from other sources and of course provides great sensationalism.


I slightly disagree Simon. There are huge swathes of research on the internet itself showing that the great gift of big data is that metadata can almost always be used to identify individuals without too much difficulty.

What’s largely misunderstood in this debate is the extent to which your data is sold and shared. Almost no metadata exists in isolation. It’s almost always used to compare with existing datasets and from there it’s been shown again and again that vast swathes of your ID and data are exposed. Alongside this is the fact that the data itself is so huge that inference becomes statistically valid.

The debate in the media tends to focus on a GDPR like approach to what is personal. In IT security circles the debate is way beyond that. When you are clocked by CCTV have you consented to your face being scanned? Is your face not personal data? Where is that data held? Under what jurisdictions? Are you aware that your image could be shared with or sold to a company collecting anonymous faces to improve facial recognition technology? Are you aware that despite your face being allegedly anonymous the data is often held on publicly searchable databases? Are you aware that that same technology your image is being used to improve is being sold by universities and researchers to governments far more openly oppressive than our own?

It’s really not as binary as metadata is not personal but other stuff is.


All I’m trying to say mike is that sometimes the over all message is so important that picking it to bits is just being pedantic. Sometimes the message has to be sexed up a bit to make it more accessible to all.
You have many valuable things to add to this and other discussions but when your always tuned into the negative you just come across as being disagreeable.