Mark Zuckerberg faced more than five hours of questioning in his appearance before Congress earlier this week. He answered key questions on how Facebook uses and secures data. This follows Cambridge Analytica harvesting 270 000 Facebook profiles for sale to campaigns like the Brexit Campaign and the Trump Election Campaign.
The Cambridge Breach. What Happened?
The ordeal cost Facebook $3.8 billion USD on the stock market in mid-March- their largest drop since 2015. Cambridge Analytica hid behind a personality quiz which, according to Zuckerberg, was supposed to be for academic purposes only.
Zuckerberg’s Appearance in Congress
Last week Wednesday, Zuckerberg appeared before Congress to answer key questions on data protection and privacy within Facebook. What became clear throughout the questioning was that many congressman were unaware of how data is shared and secured within a company like Facebook. Brian Schatz, a Democratic senator from Hawaii asked, “Let’s say I’m emailing about ‘Black Panther’ within WhatsApp … do I get a ‘Black Panther banner ad?” He suggested that Whatsapp is sharing non-encrypted data with Facebook. “No, we don’t see any of the content in WhatsApp, it’s fully encrypted,” replied Zuckerberg.
The fact that a hearing which aims to grill Facebook over concerns in data security and privacy got taken over by questions which came from a largely uneducated point of view shows how little people understand about data security and privacy. Data, when it is accessed, is always unidentifiable. It is securely encrypted to prevent threats. No data can be linked back to a name of an individual.
Moving Forward to Create a Safe Data Environment
Misuse of data has, in this case, become a source of political debate. Facebook’s breach, together with the upcoming changes to GDPR, has meant the spotlight on data privacy has never been brighter.
“We need to take a more active view in policing the ecosystem and watching and looking out and making sure that all the members in our community are using these tools in a way that’s going to be good and healthy,” said Zuckerberg during the interrogation.
Zuckerberg announced in the hearing that Facebook intended to roll out GDPR compliance on a global scale, not just in Europe where it is written in law.
Want to know more about GDPR compliance? Read Important Changes to the GDPR and the Way we Handle Data.
Facebook’s GDPR roll-out formed part of an effort to stop an event like Cambridge Analytica from occurring again. Third party apps, like the one Cambridge Analytica used, will no longer be able to access check-ins, likes, photos, posts, videos, events and groups like they were before.
Current Facebook users have also been notified of the apps that have access to their account and can now remove this access at any point even after they have given permission for access to be granted.
Although these were helpful changes there is no denying the seriousness of the breach. Concerns for data privacy are felt by all, especially PredictX as we deal with data on a daily basis. PredictX, unlike Facebook, however, deals with data on a private cloud as opposed to the public cloud. Our data security framework is therefore completely different.
GDPR will change a lot regarding how personal data is processed. According to GDPR, personal data should be:
- Processed lawfully, fairly and in a transparent manner
- Collected for legitimate purposes specified explicitly to the data owner
- Should be adequate, relevant and limited to only what is necessary
- Accurate and, where necessary, updated accordingly
- Stored only for as long as necessary
- Processed in an appropriate manner to keep security measures tight
The new GDPR regulations will involve an increased penalty of up to 4% of annual global turnover or €20 Million- whichever is the highest. Companies handling data need to be more careful in the future.
If Zuckerberg has taught us anything its that data protection is a serious matter that can influence many aspects of life, including politics. Private data should only be used when necessary, in a non-identifiable way and with full encryption. So no, we do not know if you like Black Panther, Senator Schatz.