We’re only a few months into 2018 and the internet population has already been in uproar multiple times about data collection and online privacy issues, alongside the occasional rumour that our phones are listening to us. If you find yourself struggling to keep up with the developments and what it means for anyone online, here’s a breakdown…
The Facebook and Cambridge Analytica stuff
To kick things off, less than a month ago Facebook announced that a data firm called Cambridge Analytica gained unauthorised access to the data of up to 87 million users. That’s equivalent to nearly four times the population of Australia. And the way the group went about grabbing data is pretty interesting. A researcher created a personality quiz app called thisisyourdigitallife. Users were paid to take the personality test and agreed to have their data collected for academic use under the banner of the researcher’s company Global Science Research, in collaboration with the company Cambridge Analytica. However, in doing this, the app also collected the information of each user’s Facebook friends, which led to a significantly larger pool of data. It was Facebook’s policy at the time that the collection of friends’ data was to improve user experience in apps and it went against the policy to sell it on or use it for advertising.
When the news broke, Facebook confirmed that only 270k people took the quiz, but have since confirmed that 50 million users’ data had been accessed simply by being connected to people who did it. This number has since been updated to “no more than 87 million” users in total now. Wow.
Why exactly are people mad?
Lots of reasons, but let me just mention a few. Firstly, because the friends who had their information accessed through the quiz didn’t consent to the use of their information.
Secondly, because consent was given for the information to be used for academic purposes, however, it was then used to create detailed psychographic profiles. In turn, this was used for highly targeted advertising, most notably online political advertising. Mostly it’s because the information was gathered and used in ways that weren’t transparent to the user.
And thirdly, it is believed Facebook became aware of the data breach and asked the researcher to destroy the data. However, Facebook did not follow up to ensure the data was deleted and it did not notify users that their data had been breached. In a lot of US states and many countries around the world (including Australia), there are laws which mandate that people are notified when their personal information is compromised.
What’s happened in digital privacy news since?
Since the breach, Facebook — along with Instagram (which Facebook owns) and Apple — have taken measures to make users more aware of how, when, where and with whom their data is being shared. This week Facebook CEO Mark Zuckerberg was put in the hot seat in front of US congress to address all the recent controversies on the platform (and live-streamed it, so you can watch it all here).
Facebook’s internal news blog announced that there is now a data abuse bounty in place — yep, you can earn a reward for bringing data violation to their attention — and shared this post since the Cambridge Analytica infiltration, explaining how Facebook will now be limiting access to their platform from third party apps and sites — you know, the ones that ask you to login and connect to Facebook before you can start using them? The kind of apps that ask for permission via Facebook (like thisisiyourdigitallife) make use of APIs, which are essentially a set of functions that allow apps to access the features or data of an operating systems and apps like Instagram or Facebook.
Depending on whether or not your account was affected by the data breach, you might see one of two notifications on Facebook (left if unaffected by the Cambridge Analytica breach, right if your data might have been harvested):
If you don’t get either notification, you can take other steps to check if your data was accessed.
Additionally, as a company owned by Facebook, Instagram has now implemented similar strict measures, meaning apps that can do things like show you who last looked at your profile, or go on a following spree (by using APIs like mentioned above), will no longer be able to access the platform. You may be thinking this doesn’t affect you if you’re not the kind of person to download or sign into that junk anyway, but remember the Cambridge Analytica example? With or without the app, friends of friends and users that came into contact with those accounts were able to have their data snatched too.
In light of such a huge data breach — and the introduction of an updated GDPR: the European Union’s new General Data Protection Regulation — Apple CEO Tim Cook has doubled down on his call for regulation that would limit Facebook and others companies’ ability to use customer data. When asked what he’d do if he was in Zuckerberg’s shoes, Cook responded, “I wouldn’t be in this situation.” Ouch. Apple have previously taken a pretty firm line in relation to privacy — for example, by making location tracking on apps a mandatory opt-in or mandating that app builders ask for permission before tracking location. This video of former CEO Steve Jobs being asked about Apple’s approach to privacy has been shared many times since the Cambridge Analytica scandal broke. It seems they’ve taken this stuff pretty seriously for a long time.
Recently, you might have noticed that the latest iOS update on your device will prompt you with some new privacy warnings. The notification comes in strong, stating, “Apple believes privacy is a fundamental human right,” plus they’ve added a new icon to make users more aware of when and where personal information is being requested.
You might be reading this feeling more stressed than ever about the safety of your personal data online, but I’m here to tell you that it’s not all bad news. And it doesn’t mean you have to deactivate or unplug, but that would be the most sure-fire form of protection. In fact, it’s moments like these — when things fail miserably — that we can become even smarter about how we live online. In fact, you’ve done yourself a favour just by making it through this article and learning a little more about where your data goes and how it can be handled (or mishandled). We’ve done the hard work for you and actually compiled everything you need to know about your privacy online as well as insights from our interview with a privacy pro. Now, go forth and prosper! And double-check all your settings.