NEWS20 August 2018

Crimson Hexagon Facebook suspension lifted

Data analytics GDPR News North America Privacy Public Sector Technology UK

US – Social media insights firm Crimson Hexagon has regained access to Facebook’s platform after being suspended by the social network.

Person holding phone with Facebook login screen

Crimson Hexagon’s access to user data was put on hold last month as Facebook investigated surveillance concerns around the collection of data in light of the analytics firm’s contracts with the US government and a Russian non-profit organisation, following a query raised by the Wall Street Journal.

Following “several weeks of constructive discussion and information exchange with Facebook,” according to Crimson Hexagon’s chief financial officer Dan Shore, the company has been reinstated on Facebook and Instagram, with its customers access restored.

Facebook’s investigation was centred around Crimson Hexagon’s government clients, which the company claims represent less than five per cent of its overall business. 

Shore said: “To our knowledge, no government customer has used the Crimson Hexagon platform for surveillance of any individual or group.”

The company has historically only vetted potential government clients in the way it would any other new customer but said it has improved its procedures over time and would begin to monitor such clients on an ongoing basis “to ensure the public’s expectations of privacy are met,” Shore said.

He added: “As governments and government-sponsored organisations change how they use data, we too must change.”

A Facebook spokesperson said: “We have reinstated Crimson Hexagon to Facebook following our investigation. We appreciate their cooperation and look forward to working with them in the future.” 

The investigation was part of Facebook’s review of hundreds of app developers and other companies with third-party access following the Cambridge Analytica scandal earlier this year, when it was revealed that the personal data of up to 87 million people had allegedly been improperly harvested.

The Information Commissioner’s Office (ICO) recently announced it would fine Facebook £500,000 – the maximum fine the regulator can issue for pre-GDPR data misdemeanours – for two data protection breaches, while parenting website Emma’s Diary was issued with a fine for selling personal data on users to the Labour Party. The moves came as part of the ICO’s ongoing investigation on the use of data analytics for political purposes.