Overview
This paper examines how the Cambridge Analytica incident exposed systemic weaknesses in data governance and consent, and how it accelerated global privacy regulation. It connects platform design, third-party data access, and micro-targeting to harms such as manipulation and loss of trust, then traces policy responses like GDPR enforcement momentum and the growth of data-protection standards in industry.