Data Security Continues To Be A Concern Despite New Legislation
The safety of personal data has been an issue since the founding of the internet, however; debate concerning security protocols and corporate ethics has only lately become a hot-button topic. According to a timeline provided by NBC, a June 2013 Facebook bug exposed the email addresses and phone numbers of 6 million users on the social media platform to anyone with a connection to the user or knew a piece of their contact information.
A ‘White Hat’ hacker — an individual who hacks in order to help companies improve security found the flaw, leading to Facebook fixing the exploit and notifying everyone affected. In July 2014, Facebook data scientists conducted a mood-manipulation experiment on thousands of Facebook users, altering their feeds to show more positive or negative posts by using a specific algorithm.
The study was used to show how emotions could spread on social media with the results being published in the Proceedings of the National Academy of Sciences. The data scientist leading the study, Adam D.I. Kramer ultimately apologized for the study on Facebook. New York Times reported his statement:
I can understand why some people have concerns about it, and my co-authors and I are very sorry for the way the paper described the research and any anxiety it caused.
After several other privacy controversies on Facebook concerning applications collecting data unethically and the company collecting data through third-party sites through cookies, the company received further scrutiny following the Cambridge Analytical scandal, “Rules don’t matter for them. For them, this is a war, and it’s all fair,” Christopher Wylie, co-founder of Cambridge Analytica told New York Times in late 2014.
“They want to fight a culture war in America; Cambridge Analytica was supposed to be the arsenal of weapons to fight that culture war,” he continued. The Guardian first reported on Cambridge Analytica harvesting data on Facebook without requiring permission when the company was working with Senator Ted Cruz’s (R – TX) presidential campaign:
As part of an aggressive new voter-targeting operation, Cambridge Analytica – financially supported by reclusive hedge fund magnate and leading Republican donor Robert Mercer – is now using so-called “psychographic profiles” of US citizens in order to help win Cruz votes, despite earlier concerns and red flags from potential survey-takers.
Documents seen by the Guardian have uncovered longstanding ethical and privacy issues about the way academics hoovered up personal data by accessing a vast set of US Facebook profiles, in order to build sophisticated models of users’ personalities without their knowledge.
In January of this year, a strict European law called the General Data Protection Regulation (GDPR) came into effect. According to NPR, the new law protects residents of the European Union (EU) and people living in the jurisdiction of the EU.
Companies like Google and Facebook had to comply with the law, the GDPR contains 99 articles and represents the largest change to data privacy laws on the internet. Article 21 of the legislation, ‘Right to object’ contains some of the more powerful privacy protection within the GDPR:
The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence [sic] of legal claims.
While providing protections within the EU, those do not necessarily extend to those living elsewhere internationally. However, Fysical is a blockchain data collection company which uses a transparent peer-to-peer protocol for data collection purposes.
While Fysical collects ‘real world’ offline data, focusing on consumer travel, shopping activity, and popular destinations within a city. The opt-in concept of the technology allows data suppliers to control, monetize, and share their location data.
The concept could present a new age for data collection where only those who choose to share their data do so. Transparency and complex steps needed for users to protect their data on various social media platforms will continue to be a problem until GDPR type legislation passes outside the EU.
Companies concerned over maximizing their profits in unethical manners will fight such legislation attempts, while innovative technology will make it difficult for such practices to continue long-term.