Facebook allegedly knew about Cambridge Analytica's data practices months before the media exposed the scandal, court filings suggest.
The scandal, first exposed by The Guardian in 2015, revealed that Cambridge Analytica had managed to obtain data on millions of Facebook users in the UK, US, and beyond, made possible through "improper sharing" practices conducted between an app developer and the company.
It is believed that up to 87 million users were impacted and had their data shared without consent for the purposes of voter profiling.
Facebook has since been fined £500,000 by the UK's Information Commissioner's Office (ICO), a penalty the social networking giant intends to appeal.
In a court filing by the attorney general for Washington DC, as reported by the publication, the allegation has now surfaced that Facebook knew of Cambridge Analytica's data-scraping scheme months ahead of the public.
Read more: Trump-linked data firm Cambridge Analytica harvested data on 50 million Facebook profiles to help target voters | Data breach exposes Cambridge Analytica's data mining tools | How Cambridge Analytica used your Facebook data to help elect Trump | Cambridge Analytica: The future of political data is in the enterprise | Cambridge Analytica: 'We know what you want before you want it' | Election tech: The truth about the impact of political big data
The attorney general is suing Facebook over the scandal, in which Facebook CEO Mark Zuckerberg has previously maintained that the company was only made aware of the issue after journalists published the story.
Facebook seeks not only to have the case dismissed but also to seal a document in relation to the scandal.
The firm has argued that the content in question contains private, corporate information -- described as "an email exchange between Facebook employees discussing how Cambridge Analytica (and others) violated Facebook's policies." However, the attorney general argues there is no basis for keeping such exchanges under seal and this information is not "commercially sensitive."
"Facebook's concerns about the document are entirely reputational," the filing states. "For example, the document contains candid employee assessments that multiple third-party applications accessed and sold consumer data in violation of Facebook's policies during the 2016 US presidential election. It also indicates Facebook knew of Cambridge Analytica's improper data-gathering practices months before news outlets reported on the issue."
A Facebook spokesperson said that while employees did know of rumors relating to Cambridge Analytica, the claims are related to a "different incident" than the main scandal and the company has not misled anyone relating to the scandal's timeline.
"In September 2015 employees heard speculation that Cambridge Analytica was scraping data, something that is unfortunately common for any Internet service," a Facebook spokesperson said. "In December 2015, we first learned through media reports that Kogan sold data to Cambridge Analytica, and we took action. Those were two different things."
This is the second major reveal for Facebook this week which shreds even more of the firm's reputation when it comes to security and privacy. On Thursday, the social networking giant revealed that user passwords for Facebook, Facebook Lite, and Instagram were stored internally in plaintext with no form of protection or encryption from prying eyes.
Facebook claims there is no evidence this has resulted in user account compromise. However, the millions of users thought to be impacted are due to be notified of the incident.
Facebook's worst privacy scandals and data disasters
Previous and related coverage
- Facebook: We stored hundreds of millions of your passwords in plain text
- Facebook blocked over 1.2 million New Zealand shooting videos at upload
- Facebook slammed over covert app that pays teenagers for data