I'd say it more a textual encoding of LLVM IR. Which makes the s-expression text format of WebAssembly a text encoding of a binary encoding of a javascript encoding of a compiler intermediate representation of your program. Round and round indeed.
But someone could pay you for your exported Facebook data (which can include data from friends such as your message history, etc). From my understanding, this is essentially what CA did. CA just obfuscated they were doing this by using the Facebook developer program to automate this process and Mechanical Turk to pay users to give them their data. I agree the Facebook developer program made it really easy to phish for this data.
Actually Cambridge Analytica licensed the data from GSR, according to their press release from earlier this week [1].
> A research company (GSR) licensed the data to us, which they legally obtained via a tool provided by Facebook. Hundreds of data firms have utilized Facebook data in a similar fashion.
As mwarkentin included, CA _did_ pay users via mechanical turk to install the quiz app. So they did pay the users directly for their data, but not facebook. It seems there is no way to completely stop this without facebook blocking people from exporting their own data. Since CA could just pay people to send them their exported facebook data.
My understanding is the "quiz app" was more of a phishing scheme to get users to share their Facebook data with Cambridge Analytica (including data that user had access to about their friends).
Did it include information about a user's friends that the user themself didn't have access to? I think one can see one's friend's photos, checkins, and posts, so it makes sense that you would be able to forward that information (not that you should...). I think the grandparent was claiming that you weren't able to share any information about friends that you didn't already have access to.
