cambridge analytica
Analyzing the Analytica Affair
The extent and nature of politically-motivated online targeting has long been a topic of discussion, but as politics becomes increasingly divided, the line to be walked on the use of such tactics has drawn finer and finer. Now, as the investigation into Russian interference in the US election continues to build, with Britain continuing to reel two years after its decision to exit the EU, the debate has seen sudden attention thanks to a whistleblower. The information released details substantial leaks of private data in attempts—“attempts”, we are told, though in reality, they were likely far more effective than mere attempts—to influence both.
That’s where Cambridge Analytica comes into play. Concerning numbers revealed that 87 million Facebook users had their data accessed or shared with the data-based consulting firm [1]. Further controversy emerged with reports of gross misuse of this data; the data accessed was used to create psychological profiles intended to change audience perceptions and behaviours, eventually employed in support of now-President Donald Trump during the 2016 US Presidential Election and the winning ‘NO’ campaign during the Brexit referendum.
It wasn’t shocking when we found out Facebook collected our private data, nor was it surprising when we learned it was sold, leaked, or given away to third parties, and even less so when it was revealed data was largely accessed thanks to lacklustre security precautions. In cases such as these, it is our conscious choice to share our data, or at least provide it to companies like Facebook. It becomes far more troubling, and in fact severely problematic, when it affects citizens who haven’t made this choice. Look at Brexit, where the decisions made in their country were reportedly influenced by foreign entities.
Ideally, there would be laws or guidelines protecting personal data as well as preventing foreign influence in decisions of national significance. Given the severity of their offences, Cambridge Analytica should be penalized, as should Facebook for its negligence in preventing the breaches. Unfortunately, with a lack of international authority to regulate data security, we are forced to rely on the morals of private companies to protect confidential information.
But Cambridge Analytica is just one company, and as wrong as their actions were, they are evidence of a larger problem. Even if users take necessary steps to protect their data from third parties, Facebook still has access to it—and with it, the privilege to provide it to the highest bidder. The nature of online data collection and selling ensures that companies cannot be trusted with our data, and yet, for those that wish to use online services such as Facebook, they are left with no other option but to continue without legal protection.
However hopeless the overall situation may be, there are solutions to smaller-scale issues that need to be addressed. Of the many problems uncovered in recently-released data, one of the more concerning was the revelation that several agreements asked for permission to access friends’ data, and that no regulations were in place to prevent them [2]. Circumstances where one waives the privacy and rights of another should not exist. Though such circumstances were created through user negligence, the law should serve to protect the average person.
In an ideal world, games and applications would provide specific explanations as to why they need certain permissions, Facebook would limit the permissions that apps can demand, and users would actually read the agreements they sign. In reality, the average user is unlikely to examine permission agreements letter by letter, at least partly because they are unnecessarily lengthy. There needs to be laws ensuring such text is simple and understandable. Such actions have precedent in the forms of labels. In Canada, severe allergens must be declared in a manner that is easily understandable to the average shopper [2]. This means that, for instance, if a food contains eggs, the package must say the word “eggs”, rather than alternatives such as albumin, livetin, or ovo [3].
Needless to say, food labelling and online agreements aren’t identical: whereas food labels are physical, with a clear point of transaction, the internet’s global nature prevents agreements from being overseen as local issues. This again falls into the issue of jurisdiction when it comes to online interactions, and at the current moment, there is no clear solution.
So what is there to do? Little, except being more careful with your personal data. But who knows? It might not even matter. For all you know, someone might have already signed your privacy away.
[2]
https://www.wired.com/story/facebook-privacy-apps-ads-friends-delete-account/
[3]http://foodallergycanada.ca/allergy-safety/food-labelling/
