File Copyright Online - File mutual Divorce in Delhi - Online Legal Advice - Lawyers in India

GDPR: Growth Hacking and Cambridge Analytica

Growth hacking is a marketing discipline concerned with a company's rapid expansion. It is referred to as a process as well as a set of cross-disciplinary talents which is now being used in election campaigning also. Voter information is now just as vulnerable to criminal hacks and thefts as financial data, and is similarly vulnerable to inadequately protected internet infrastructure. In reality, the issue has indeed spread to a worldwide scale.

While much international media attention has focused on stolen social media accounts, country engagement in disinformation operations, or vulnerable equipment, voter rolls is at danger. A deliberate attack, an unintentional leak, improperly designed privacy controls, or actual loss of devices can all expose voter data. In most cases, hacked voter data contains delicate and individually individuals keep, irrespective of the source of disclosure. Data on voters may be both an asset and a liability in politics.

According to Oxford Internet Institute, social networking media propaganda is becoming more widespread, including an increasing amount of political parties using unscrupulous social media algorithms, mechanization, and data science to control public perception at scale � with grave repercussions for democracies.

The study reveals that, because to digital media's worldwide reach, the proliferation of disinformation and poisonous ideologies has now become the problematic contemporary 'standard' for political figures all over the world. "While deception by political parties has always been a tool for political rhetoric which is a threat to the democracy of the countries.

Any use of algorithmic manipulation to affect public perceptions via social networks is becoming commonplace," they say. "Supercomputing propaganda's strategies and tactics have become a frequent � and probably important � component of online campaigning and public diplomacy inside an information technology environment defined by huge quantities of data and restricted degrees of user engagement and engagement.

To run, democracy need a free media, but the media is under attack from internet ad behemoths who have disturbed its economic model by allowing them to promote and monetize any propaganda or garbage information. If you want a perfect storm hitting democracy, this is it.

GDPR & It's Data Protection Mechanism

The General Data Protection Regulation is the world's most stringent privacy and security regulation. The GDPR establishes tight guidelines for information extraction depending on permission. These guidelines are in place to guarantee that the person understands very well of whatever he or she is agreeing to.

It implies, permission should indeed be voluntarily offered, precise, educated, and unequivocal, and must be represented in the form of a proposition stated in clear and straightforward words. Positive acts, including such clicking an option or completing a document, ought to get consent.

Whenever anyone gives their approval to have their personal information processed, companies could only use it for the reason described in the permission. It should also allow them to revoke this permission. As per GDPR, a system administrator may only hire a data processor who provides adequate assurances, which must be incorporated in a documented contractual obligation.

A set terms must also be included in the contracts, such as the data processor's obligation to treat personal data just when ordered to do this by the data controller. When a firm gets a demand from a person seeking to exercise their rights following a data breach, the business must react without undue delay, but in any instance within one month of receipt of the order. For difficult or repeated requests, the responsiveness may be prolonged by two months if the individual is advised of the prolongation. Applications must be handled without expense.

If a request is denied, then the company must notify the person why they were denied and that they have the right to register a dispute to the Data Protection Authority. GDPR features data protection by design and default, which implies that companies should consider data protection from the start when developing new ways to process personal information. In line with this concept, a data controller shall take all technical and institutional procedures required to apply privacy principles and safeguard persons' interests. These actions might involve, for instance, the use of pseudonyms.

This implies that the corporation must always make a most confidentiality option its standard. In addition, if several security options are available and now one of them restricts everyone else from accessing personal information, that option must be selected as that of the standard. Fail to abide with the GDPR may lead in hefty fines of upwards to EUR 20 million or 4% of your company's worldwide revenue for specific violations. Additional remedial actions, such as requiring you to actually process personal information, may be imposed by the Data Protection Authority.

Case Study Cambridge Analytica

In early 2018, a breakthrough event inside the case of personal data and data breach occurred when it was disclosed that Cambridge Analytica had stolen and utilised personal data from over 87 million people's Facebook accounts for political gain without their knowledge.

Facts Of The Case
Facebook, the social media behemoth, was created in 2004 by Mark Zuckerberg with the goal of connecting people and has since grown to become the most popular social media firm, with over 2.19 billion active users as of early 2018. Nevertheless, various security issues hampered its expansion over time, one of which being the Cambridge Analytica data hack.

Cambridge Analytica (CA), a London-based elections campaigning consultant, was one of several data and analytics firms that exploited data via social networking websites for academic analysis. As during 2016 United States of America (USA) presidential elections, the information was purportedly utilised to micro-target votes in support of Donald Trump. Furthermore, the data was utilised to sway the Brexit vote in favour of the 'leave' campaign, as well as the Mexican general elections in 2018.

Legal Action Taken
Facebook's founder and CEO, Mark Zuckerberg, confessed openly for the scandal's breach of trust with millions of account holders and promised to take steps to safeguard data. Because of its part inside the Cambridge Analytica controversy, Fb obligated to give a �500,000 (about $643,000) punishment to the Information Commissioner's Office in the Great Britain.

The sanction was first imposed in October 2018 is one of the ICO's inquiry on the use of facebook data for political gain. The penalty was imposed in accordance with the Data Protection Act of 1998, which set the maximum penalty that the ICO may impose. Since Cambridge Analytica obtained the information in 2015, the ICO claims it cannot impose a harsher penalty.

Furthermore, SCL Elections Ltd and its connected organisation Cambridge Analytica submitted an application to initiate bankruptcy processes on Cambridge Analytica's official website on May 2, 2018. Cambridge Analytica has been the object of multiple charges and it has been found doing things who are not only illegal, but also not recognized as a standard component of online advertising in both political and financial spheres." The organization's faith in its capacity to operate ethically and lawfully is lacking. The company also lost nearly all of its customers as a consequence of the media & lawsuits bombardment. As a result, Cambridge Analytica considers that operating this company is no longer sustainable.

The Cambridge Analytica scandal prompted governmental authorities to look into solutions to secure consumers' personal data. As a consequence, on May 25, 2018, the new General Data Protection Regulation (GDPR) was ratified. GDPR regulates all businesses that handle personal data of Eu nationals. GDPR applies to all businesses that collect and analyse personal data on a regular basis in order to construct a user's profile, as well as make decisions for the user, evaluate, and anticipate users ' preferences.

Present Scenario
Cambridge Analytica and the Trump election campaign aren't the only ones who have benefited from electoral manipulation on social media. Political advertisements comes in numerous ways and is under examined in India, Facebook, Twitter etc are an important pair in the Bharatiya Janata Party's (BJP) election victory in 2014 & 2019.

Political campaigns that pay social media giants to promote their material are one example of a direct form. Advertisement is rapidly being delivered through individual accounts of people with massive connections and strong levels of participation, termed "social-media influencers". These agents disseminate material that typically conceals the fact that it was funded for and by political campaigns or social networking corporations.

Most of the information required to address such critical issues is now compartmentalised both in internal and external sources. Simultaneously, most countries, both physical and virtual, lack adequate information protection of data security regulations to safeguard rights of people and develop long-term data usage methods. This is the moment to adopt appropriate data practises that limit unfavourable repercussions while guaranteeing that next phase of goods and technologies are designed to maximise benefits while minimising damages and prejudices.

We are taking chance of perpetuating disinformation for future generations when we do not start to address issues related to data precision and durability, and appreciate that data has to be up to standard.

  1. Social media manipulation by political actors now an industrial scale problem prevalent in over 80 countries � annual Oxford report | Available at:
  2. GDPR | Available at:
  3. Raquel Pita Guerreiro Marcelino Duarte | Available at:
  4. The Politicization of Social Media in India | South Asian Voices.

Law Article in India

Ask A Lawyers

You May Like

Legal Question & Answers

Lawyers in India - Search By City

Copyright Filing
Online Copyright Registration


How To File For Mutual Divorce In Delhi


How To File For Mutual Divorce In Delhi Mutual Consent Divorce is the Simplest Way to Obtain a D...

Increased Age For Girls Marriage


It is hoped that the Prohibition of Child Marriage (Amendment) Bill, 2021, which intends to inc...

Facade of Social Media


One may very easily get absorbed in the lives of others as one scrolls through a Facebook news ...

Section 482 CrPc - Quashing Of FIR: Guid...


The Inherent power under Section 482 in The Code Of Criminal Procedure, 1973 (37th Chapter of t...

The Uniform Civil Code (UCC) in India: A...


The Uniform Civil Code (UCC) is a concept that proposes the unification of personal laws across...

Role Of Artificial Intelligence In Legal...


Artificial intelligence (AI) is revolutionizing various sectors of the economy, and the legal i...

Lawyers Registration
Lawyers Membership - Get Clients Online

File caveat In Supreme Court Instantly