The Facebook and Cambridge Analytica data scandal had most of us glued to the news for weeks when the misuse of data was publicised last year.
Political data firm, Cambridge Analytica was able to get its hands on the profiles of millions of unsuspecting users globally, with the bulk affected being in the US, and use this information to micro-target advertising for Donald Trump’s presidential campaign in 2016.
Cambridge Analytica was able to do to this because the data they had access to allowed them to identify people and their network of friends and map their personality traits.
An app developed by the researcher Aleksandr Kogan, exposed Facebook users to the eventual misuse of their data, along with their entire list of their friends in many cases. Facebook CEO, Mark Zuckerberg later admitted to at least 87 million accounts being compromised, even though only 270,000 users had agreed to use the app.
What is a reasonable expectation of privacy on a free platform like Facebook?
As far back as 2011, Judge Richard J. Walsh in Pennsylvania stated that ‘There can be "little expectation of privacy" on a social networking site.” And, "Only the uninitiated or foolish could believe that Facebook is an online lockbox of secrets."
Which is a fair assumption when it comes to content that you post on your own page. But people forget to check their settings on social media platforms and the social media companies themselves haven’t generally been forthcoming with their instructions on how to do so. Beyond that though, it would be a rare person that would agree to having their information shared purely because a Facebook friend played with an app.
Facebook has often allowed researchers to access user data for academic reasons, something which is buried in their terms and conditions, but the data was not meant to be transferred or sold on to a third party (which is exactly what happened with the Cambridge Analytica scandal).
And if you read through Facebook’s current privacy explanation, you’ll see (once you scroll for long enough) that they still allow app developers to see information about you – your profile details, likes, friends list and more if you have agreed that they can do so.
Thankfully, this is changing, with a note stating:
“We are in the process of restricting developers' data access even further to help prevent abuse. For example, we will remove developers' access to your Facebook and Instagram data if you haven't used their app in three months, and we are changing login, so that in the next version, we will reduce the data that an app can request without app review to include only name, Instagram username and bio, profile photo and email address. Requesting any other data will require our approval.”
It not perfect by any means, but it’s a start.
Did the implementation of the GDPR have an impact?
The EU’s GDPR (general data protection regulations) have changed the way in which data can be stored and used by companies, including Facebook. With the implementation of the GDPR, users have much more control over their data – most importantly, they have the right to be forgotten, meaning the company with this information must delete all records pertaining to that individual or face fines that can equal 4% of global revenue or €20 million, whichever is higher.
So, the stakes have never been higher, especially for a company where our data is their bread and butter.
We’ll be watching with interest to see how the GDPR and consumer awareness around the data they create, changes in the coming years.
If you liked this article, you may also like:
Top IT Spending Priorities In 2019: Do Yours Match Up?
Digital Detectives: Uncovering Digital Espionage
Why Australian Cybercrime Is On The Rise And What You Can Do About It
