Update: Facebook CEO Mark Zuckerberg has now acknowledged and apologised for the data debacle. You can read the latest developments here
#DeleteFacebook is trending all around the world and ironically the hashtag is taking over not only Twitter but Facebook as well. The fallout of the Facebook-Cambridge Analytica data leak scandal is even sending jitters down the social network’s top brass with reports of Facebook Security Chief Alex Stamos exiting the company amidst the big reveal over this weekend. The world wants you to delete the social media app from your existence and there's good reason for it- Facebook’s questionable user privacy policies and the way the company handles private data.
A while back, we had a taste of Facebook’s controversial user privacy policies here in India when WhatsApp (owned by Facebook) was asked by the Supreme Court to stop sharing user data with its parent company. Now, in what seems to be a much bigger breach of user privacy, Facebook was found providing private user data to Cambridge Analytica and Strategic Communications Laboratories- two data analytics and mining firms that worked on US President Donald Trump’s election campaign, leading to a data leakage affecting 50 million users.
How did Facebook user data leak?
While Facebook calls it a violation of its data usage policies and has denied any "data breach", the company disclosed that in 2015, a psychology professor named Aleksandr Kogan from the University of Cambridge, created a Facebook app named “thisisyourdigitallife”, designed as a personality prediction tool. The app download required a Facebook login, giving the developers access to information about a user’s city of residence, things they liked on Facebook as well as information about their friends. This data was ultimately made available to Cambridge Analytica and Strategic Communications Laboratories which used it to assess the personality and biases of millions of Facebook users and target election campaign-based ads at them.
Cambridge Analytica employee Christopher Wylie recently told The Observer that the practice was a “grossly unethical experiment” which had no concern for Facebook users’ privacy and consent. In The New York Times’ reveal, the publication notes, “Interviews with a half-dozen former employees and contractors, and a review of the firm’s emails and documents, have revealed that Cambridge not only relied on the private Facebook data but still possesses most or all of the trove.”
What is Facebook’s say in all of this?
Facebook has refused to call this a data breach and would rather choose to deem it a policy violation. The company claims that the user data was sought in the garb of academic research. “This was a scam — and a fraud,” Paul Grewal, Vice President and Deputy General Counsel for Facebook, said in a statement to The Times. Facebook eventually suspended both Cambridge Analytica and SCL but said, “The claim that this is a data breach is completely false. Aleksandr Kogan requested and gained access to information from users who chose to sign up to his app, and everyone involved gave their consent. People knowingly provided their information, no systems were infiltrated, and no passwords or sensitive pieces of information were stolen or hacked.”
The company further added, “Although Kogan gained access to this information in a legitimate way and through the proper channels that governed all developers on Facebook at that time, he did not subsequently abide by our rules. By passing information on to a third party, including SCL/Cambridge Analytica and Christopher Wylie of Eunoia Technologies.”
Facebook eventually deleted the app from its platform in 2016 and trusted third parties to destroy the remaining user information with them. The Observer reports that “Facebook did not pursue a response when the letter initially went unanswered for weeks because Wylie was traveling, nor did it follow up with forensic checks on his computers or storage.”
Not that we are telling you to ditch the social media platform right this moment, it’s easy to understand the backlash. Even though most of the harm has actually been done to the American electorate, possibly (and more disturbingly) influencing a country’s general election, Facebook’s method of handling user privacy can be seen as a betrayal of trust.
If Facebook knew about user data getting into the wrong hands back in 2015, why did the company wait till now to suspend the two data mining firms that violated its policies? More importantly, why did Facebook not inform the affected users of this clear privacy violation? Does this mean that anyone who creates a Facebook app has the ability to illegally share user data with third parties without any checks by the social media giant?
Facebook was also recently found to be targeting ads at users based on their race and ethnicity. At the time, Facebook dismissed the issue by expressing regret and calling it a “technical failure”.
The truth of the matter, as it seems right now, is that Facebook is free only because its users are the product. It wasn’t long ago that a former Facebook privacy manager alleged that the company values data collection over user privacy. The ex Facebook employee explained that as more and more data is offered to advertisers by Facebook, it loses incentive to regulate or police this data collection and jumps into action when some negative publicity or regulators are involved.
There are too many coincidental reports of Facebook’s slipshod privacy practices to ignore here. Social media users are demanding that Facebook should come clear about the way it uses, sells and treats its users’ data before people stop believing in its core philosophy - Connecting Human Beings.
Many around the world have already started deleting their Facebook accounts, while some are just deactivating them for the time being.
Finally deleted my @facebook account. If you're angry about what facebook has done with our data then just #deletefacebook We all moved on from MySpace we can move on from facebook too. Remember we aren't the customers we are the product #CambridgeAnalytica — Eric (@ecarpen) March 17, 2018
If you don't pay for the product you ARE the product. Facebook sells all of your information to the highest and lowest bidders. Why sell yourself so cheaply? #deleteFacebook — Donkey_OT (@Donkey_OT) March 17, 2018
Keep in mind that if you delete your Facebook account for good, it might take upto 90 days for all your data to be wiped off Facebook's servers. If you are looking to kill your Facebook presence, don’t forget to backup your account and save an offline copy. Those of you (including this writer) who choose to remain on the platform can only wait for Facebook’s next steps. The company is scheduled to hold an emergency meeting with all its employees at 10AM PT or 10:30PM IST as reported by The Verge.