Facebook audit leads to the suspension of 400 apps

4 million users of the 'myPersonality' Cambridge University app will be notified.

In May a report by New Scientist revealed that a Cambridge University-developed app called "myPersonality" had collected personal information from millions of Facebook users, and failed to protect it from misuse. At the time, Facebook said it had already suspended the app for passing data to others, and today said it was banned "for failing to agree to our request to audit and because it's clear that they shared information with researchers as well as companies with only limited protections in place."

The researchers behind the project have posted an FAQ here, mentioning that their research has been used in dozens of peer-reviews papers and saying much of it focused on exposing privacy risks. The data is no longer shared, and in a statement, the university's Psychometric Centre said it had never collected info from user's friends.

While this app isn't directly linked to Aleksandr Kogan's app and Cambridge Analytica scandal (although he did have access to the myPersonality data), it came to light after Mark Zuckerberg announced an investigation into "apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014." In May Facebook said it had found 200 such apps and suspended them, and after looking into "thousands" of them, the count of suspended apps has grown to more than 400.

Facebook again reiterated how it's clamping down on data access now, but as New Scientist revealed in May, for years almost anyone could have accessed and copied the data from this app with a username and password that had been shared by a university lecturer on Github. Now the 4 million or so people who had used the app while it was active prior to 2012 will be notified directly.