Facebook breach underscores our own lax privacy standards
April 1, 2018
Facebook users across the world were shocked to learn that private data about them may have been collected—through a breach of Facebook’s policies—by a political marketing firm.
In 2013, Russian-American academic Alexsandr Kogan created a personality quiz app to collect data that he claimed would only be used for academic purposes. Notably, this app was able to collect data not only of the quiztaker, but also of the quiztaker’s friends. Under Facebook’s policies, this data could be collected given that it would only be used for academic purposes.
In a violation of this arrangement, Kogan gave this user data to the political marketing firm Cambridge Analytica. Cambridge Analytica was later hired by the Trump presidential campaign in 2016, and used this data to create voter profiles for enhanced political outreach.
To be sure, these revelations have underscored the need for reform at Facebook. Facebook’s current structuring is woefully opaque; when Facebook first learned that Cambridge Analytica had improperly acquired user data in 2015, Facebook demanded that the information be deleted—but didn’t follow up. Cambridge Analytica clearly had not deleted the data; Facebook should have staged a much more comprehensive investigation in the service of protecting its users’ privacy.
Mark Zuckerberg’s recent apology for Facebook’s dereliction of duty seems sincere, but it is also belated. Regardless of how comprehensive Facebook’s request to Cambridge Analytica to delete the data was, Facebook should have informed its users in 2015 that their data may have been compromised. Certainly, Facebook requires greater transparency so that users know how their data is protected, and when that protection is breached.
But at the same time, it is intellectually dishonest to single out Facebook alone for breaches of user privacy. Facebook is not the only company that collects mass quantities of user data—or to be more precise, that users voluntarily give data to.
One of the defining features of the internet is that information, once uploaded, lasts forever. One can delete posts and images, but copies likely exist somewhere. This is true of the front-end of social media networks, but also of the back-end.
We shouldn’t be surprised when the information that we thought we could give privately to Facebook and Facebook alone can find its way elsewhere. For years it has been public knowledge that one’s social media information is far less secret than it seems. The fact that Facebook is currently the company embroiled in a scandal is secondary to the fact that this could happen with any social media platform.
So perhaps you may #deletefacebook, as the growing movement suggests—but is that truly an escape from the broader problem of private data collection? Is there any reason to believe this same breach of user privacy cannot occur with Instagram or Snapchat or Twitter—or hasn’t already, just without public knowledge?
Again, this is not to say that Facebook shouldn’t be blamed for this outcome. But if you truly desire privacy, it will require reforms to far more than Facebook. It will require the abandonment of all social media platforms, your email account and your smartphone. Data collection is simply a ubiquitous feature of modern technology.
This piece was originally published in the pages of the Winged Post on March 29, 2018.