Facebook Privacy Issues – How the Recent Controversy Affects You

CybeRiskBlog, Cybersecurity

Facebook Privacy Issues

Given the amount of negative publicity and bad blood that’s been generated in the past few months surrounding Facebook privacy issues, the powers that be at Facebook must be worried about the future of the social media giant.

Scandals like the Cambridge Analytica affair – where Facebook was co-opted by a data-gathering agency with a mission to misuse the information it collected to spread fake news and influence US political processes – have unmasked some of Facebook’s less than savory practices regarding data-sharing, and its standards for vetting and displaying online content.

Facebook’s too cozy relationship with advertisers has also come into the negative spotlight, prompting users worldwide to seek ways around location and ad-tracking – all the while pressing the company for greater controls over what’s displayed on their news feeds.

And recent weeks have seen Facebook users leaving the platform in droves, prompted by campaigns such as the #deleteFacebook movement – and empowered by discoveries such as how to download and delete their Facebook data.

Facebook’s data-handling practices and its approach to (not) protecting user privacy have been central to all of this.

Facebook Privacy Issues – An Abysmal Track Record

Speaking in January 2018, Facebook COO Sheryl Sandberg asserted that: “Our apps have long been focused on giving people transparency and control.” Users of the platform and its associated software might disagree.

A 2009 Facebook privacy tweak prompted consumer advocacy group the Electronic Frontier Foundation (EFF) to comment that: “These new “privacy” changes are clearly intended to push Facebook users to publicly share even more information than before. Even worse, the changes will actually reduce the amount of control that users have over some of their personal data.”

Among the changes included in this tweak was a set of pre-selected default settings which resulted in users sharing the content they posted on Facebook with everyone on the internet.

Facebook’s 2009 privacy initiative backfired woefully – and rightly so. Public outcry and intense scrutiny from the FTC (Federal Trade Commission, the body charged with regulating laws on business privacy in the US) forced the company to backpedal, and release a set of what it called “drastically simplified” privacy controls.

A subsequent legal settlement with the FTC in 2011 barred Facebook from making any deceptive privacy claims. That same year saw the company having to negotiate a settlement with the authorities in Ireland, following a data privacy audit in Europe.

There hasn’t been much improvement, since.

In 2016, Facebook’s subsidiary, the messaging giant WhatsApp, announced that it would begin sharing data with its parent company for the purpose of targeted advertising. Information could include users’ telephone numbers and their last seen status on the mobile app.

European privacy regulators (and the public at large) took exception to this, forcing the company to partially suspend data-sharing in Europe. And in May 2017, the European Commission fined Facebook $122 million for attempting to mislead the regulators who had assessed its 2014 acquisition of WhatsApp.

Facebook Privacy Issues and the GDPR Effect

Initiatives from Europe have had, and continue to have the greatest influence on Facebook’s (bad) behavior.

In 2012, when Facebook decided to update its privacy policy (again, in favor of the company itself) and was forced by its earlier court settlements to email all its users about the changes, EU privacy campaigner Max Schrems led a successful initiative to put the measure to a globalized vote.

Schrems also campaigned for Facebook to adopt an “Opt-In” approach to seeking user consent for use of their personal data and proposed limits for the use of subscriber data in targeted advertising. Though these moves were unsuccessful then, they’ve since become highly relevant to Facebook, with the imminent arrival of the EU’s General Data Protection Regulation, or GDPR.

The GDPR’s legal framework (which comes into effect on May 25th, 2018) requires what it describes as “data controllers” (companies like Facebook, which collect and hold consumer data) and “data processors” (agents which process consumer data for a data controller) to be both transparent and crystal clear in describing how their users’ data is collected and used – and to provide equally clear and transparent consent forms at every stage of the data gathering process. Privacy policies and in-platform privacy settings must also be rewritten, in line with the GDPR’s strict recommendations.

Failure to comply with GDPR conditions can be punished with fines reaching the maximum of a company’s annual global turnover, or €20 million (around $24.8 million) – “whichever is the greater”. It’s that qualifying clause which makes the situation grave for giant corporations like Facebook, whose 2016 full year revenue would have threatened the company with the prospect of maximum fines in excess of a billion dollars.

GDPR penalties can also include public censure, or “naming and shaming” – and that kind of bad publicity could have a greater impact on Facebook’s bottom line than any financial hits they might otherwise take.

Facebook Privacy Issues and the Cambridge Analytica Fallout

Following the allegations that Cambridge Analytica (a data-mining firm affiliated to the Trump campaign) used ill-gotten information from millions of Facebook users to try and influence elections in 2014, Facebook CEO Mark Zuckerberg is set to testify before a House oversight panel on April 11, 2018 as US regulators and Congress consider their course of action against the giant social media platform.

  1. Since the story first broke, it’s come to light that up to 87 million people may have had their personal data accessed and misused, in what’s now become Facebook’s worst privacy scandal in years. And with the admission that over a million of those affected are UK users, with more than 620,000 from Canada, and over 300,000 Australians, investigations into the affair have spread to other parts of the globe, as well.

On April 9th, all Facebook users should have received a notice on their Facebook feeds containing a link to reveal which apps they use, and what information they have shared with those apps. Users will also be given the chance to delete apps that they no longer want. Any users whose information was divulged to Cambridge Analytica will also be informed of that fact.

Facebook Privacy Issues – All Change, Again

In an apparent attempt to make amends for its past failings and the Cambridge Analytica gaffe, Facebook has also announced a new set of changes to its privacy policies. These include:

  • Restricting access to what information apps can get about users’ events, as well as information about groups, such as member lists and content.
  • Removing the option for users to search by entering a phone number or email address.
  • The addition of a section explaining that Facebook collects people’s contact information if they choose to ‘‘upload, sync or import’’ this data to the service.
  • An explanation that address books on users’ phones, call logs, and text histories may be used by Facebook to help ‘‘you and others find people you may know.’’
  • A statement that local laws can affect what Facebook does with ‘‘sensitive’’ data on people – like information about a user’s race, ethnicity, health status, political views, or trade union membership.
  • A clear admission that WhatsApp and Instagram are part of Facebook – and that the companies share information about users, among themselves.

And Cambridge Analytica has been suspended from the platform. So. Six of one, and half a dozen of the other.

Facebook Privacy Issues and The Way Ahead For Users

If the words of Joel Winston (a Pittsburgh-based attorney, and former Deputy Attorney General for the State of New Jersey) are to be believed, users seeking legal recourse against the greater excesses of Facebook are likely to be disappointed.

By clicking Yes to the “Terms and Policies” notices periodically delivered by Facebook (typically, without reading them), users have effectively agreed to whatever conditions Facebook sees fit to lay down – and given up any rights to appeal against them.

In addition, the Facebook Platform Policy (which defines the company’s terms for dealing with developers and third parties) absolves Facebook itself from any responsibility for wrongdoing or abuse, shifting that blame to the third-party service or external contractor.

It’s not entirely hopeless for the hapless user, however.

For those who haven’t taken the option of extracting themselves from Facebook entirely, there’s a growing ecosystem of blogs, websites, and online resources detailing how users can better protect their privacy while using the platform. These range from detailed breakdowns on how to configure Facebook privacy settings, through infographics tracing the path of which apps can track your Facebook activities, to general advice on how best to use the platform, while revealing as little of yourself as possible.

Share this Post

Facebook Privacy Issues | How the Recent Controversy Affects You
Article Name
Facebook Privacy Issues | How the Recent Controversy Affects You
Given the amount of negative publicity given to recent Facebook privacy issues and all of the bad blood that's been generated in the past few months, the powers that be at Facebook must be worried about the future of the social media giant.
Publisher Name
CybeRisk Security Solutions
Publisher Logo