In the past, voices have been raised in the public forums by the global citizens with regards to data safety and privacy of the social media users. In the light of the latest scandal which Facebook finds itself embroiled in, the fresh voices have now spoken against the alleged laxity of the tech-giant when it came to managing user data. A whistleblower, Christopher Wylie, revealed to the international media that Cambridge Analytica, a political data analysis firm created to support Donald Trump during the Presidential elections in the United States, had managed to get hold of private data of around 50 million US citizens without their explicit consent.
Facebook and data security
According to a news report in ‘The Guardian’, an ex-Facebook employee, Sandy Parakilas has stated that though the contract that Facebook has with third-party vendors states that Facebook has the rights to audit the firms with regards to use of data but during his stay with the company, Facebook never did it even once.
Further, he also talks about how during his time at Facebook, it was going through a phase of growth and hence had a policy that Mark Zuckerberg had the final say when it came to banning a third-party application. This policy was further eased to better deal with rogue developers, but Facebook, despite the acknowledging that it could audit third-party vendors and could hold them accountable for the use of data, had largely presumed that they were in a better legal position if they could simply state that they did not know about the misuse, as told by Parakilas to The Guardian.
Does the tech giant have any moral or social responsibility towards its users
In this blog post on Quartz, which has been written by a researcher, he talks about the influence and impact Facebook has on the lives of all its users throughout the world. For that matter, what he proposes is that Facebook should change their own perspective about themselves, and should also think about how best to safeguard the interests of its users, and that is exactly where Facebook has been lacking considering that in a survey it has been found that Facebook is the least trustworthy amongst all the tech giants which include Apple, Microsoft, and Google.
Also, there have been media reports which suggest that the Chief Security Officer, Alex Stamos, is leaving the organization because of his stand that Facebook be more open with regards to the findings of the Russian misinformation campaign during the 2016 US Presidential Election. Reports suggest that though Facebook asserts that he is the Chief Security Officer at Facebook, his team has been reduced to just three people reporting to him when previously there were 120.
Scandals not new for Facebook
Before the data breach scandal broke out, Facebook had faced allegations that it was the source of fake news over the internet. This had prompted Facebook to decrease the number of news posts by the leading news media outlet, under the pretext of encouraging more meaningful social conversations over its platform. As per the latest news report, there seems to be a shift in the culture where Mark Zuckerberg has vowed that he would step up. In a Facebook post, he has addressed the community and laid down all the steps that Facebook had taken since 2014 to prevent data harvesting activities by third-party applications like Kogan (the company which had developed the app and harvested data for Cambridge Analytica).
In the past, Facebook had introduced the idea of Facebook Free Basics, which would provide users with free internet as part of the package. As per the media, this had led to Facebook being used extensively during Anti-Rohingya protests in Myanmar, the country which had allowed Facebook to sell the service.
Is the Facebook’s operating model at fault?
Unlike other tech giants, Facebook does not have a physical product or service that it sells to its social media users. For now, creating an account on Facebook is free for most people. But it had always been an open knowledge, that Facebook had been creating social network graphs, which could further help in better-targeted marketing for Facebook’s clients. Considering, how valuable is the data generated, it would make business sense for any organization to want to monetize, and even to an extent perhaps, where it purposefully keeps itself in the dark about the consequent misuse of data, like it happened in case of Cambridge Analytica.
The impact of the scandal on Mark Zuckerberg
With the reports about the scandal coming to light, there have also been reports about the questionable practices which have directly been in contradiction to the interest of the users. And now, that there are reports about the Chief Security Officer leaving the organization because of the alleged lack of transparency when it comes to how Facebook deals with data, this reflects a company culture that is quite lax when it comes to managing user data. And with the reports talking about the dip in Zuckerberg’s personal wealth and also Facebook stock, it seems that the world too now has started to take notice.
The Indian context
On 24th August, the Supreme Court of India had declared that the ‘The Right to privacy is protected as an intrinsic right to life and personal liberty under Article 21 as part of the Constitution.” This judgment was celebrated throughout the country, with criticism mostly about the requirement of a detailed outline of what constitutes a privacy breach and what does not.
India has been one of the few nations which had proactively rejected Facebook’s Free Basic initiative because it views net neutrality as fundamental to the freedom of Indian citizens. There had been a massive outcry against the idea from the citizens. Now, that it has come to light that third-party social apps on Facebook have been harvesting sensitive data, Ravi Shankar, Minister of Law and Justice, has spoken about how if there would be a need, the government will summon Zuckerberg to India. However, how he actually does that remains to be seen, as India as of now does not have a ‘Data Protection Law’.
What about employee data?
The internet is not going anywhere, and till the time blockchain technology matures enough, corporations like Facebook will continue to be dominant players in the online space. It is now up to the world government to formulate clear laws which safeguard the interests of the citizens.
And though Facebook is facing allegations of letting customer data be misused, the focus also needs to shift towards how corporation use employee data as well. And though there are provisions in the Indian law that prevent the selling and transferring of the most private data: medical history, gender, sexual orientation etc, the fact remains that organizations are in a position to make use of many data points that it can glean from employee conversations that happen through work-based tools, and are hosted on company servers.
The most shocking aspect is that most organizations aren’t even aware that what they presume to be part of the company data actually infringes on the privacy of the employees. Like the Facebook example as shown, corporates will have all the reasons in the world to drive a business agenda, but where is it that companies should draw a line?
And a question that is even more important, ‘How many of the employees will be comfortable working for an organization that would have no qualms about making use of employee data without consent?’
A lot of upcoming HR technology firms which boast of using AI technology collect data. Of that data, a lot of it is also the informal chat conversations that employees have with another. How else do you think can tacit knowledge of whom to reach out to for specific questions is solved through using AI chatbots? But would you be comfortable knowing that the organization knows who are close to in the company? And what happens to your data when you leave the organization? Is there any HR policy that ensures that you can request the company to delete all data. And if the technological tool has the option of deleting data for the employees who have left the organization.
The step forward
The Indian government should at least learn to proactively form laws that protect citizens from not just data theft but also prevent the misuse of data through policy loopholes like how Kogan did using Facebook. If the government doesn’t, then who else will?