Data firm Cambridge Analytica may have accessed information on as many as 87 million Facebook users without the users' knowledge, Facebook announced earlier this week.
The number was first thought to be around 50 million, but then the estimate grew by 37 million.
“Starting on Monday, April 9, we’ll show people a link at the top of their News Feed so they can see what apps they use — and the information they have shared with those apps. People will also be able to remove apps that they no longer want. As part of this process, we will also tell people if their information may have been improperly shared with Cambridge Analytica,” Facebook said Wednesday in a blog post.
That leads to even more questions: Is Facebook safe, moving forward? Was it ever safe, from a privacy standpoint? Has your privacy been breached? What does it all mean?
We spoke with two experts to gather five takeaways on the situation and the topic of internet privacy in general.
Here’s what we learned:
1.) Think of it like this: You’re here for Facebook. Facebook isn’t necessarily here for you.
You use Facebook likely because you want to connect with friends. But Facebook doesn’t exist solely to help you do that. The social networking giant has a bottom line, as well.
“The people who are on Facebook are not (Facebook’s) customers,” said Tom Lauer, a security expert and professor of management information systems at Oakland University. “They’re the product.”
Facebook is like any other company or platform in that it has to monetize. Facebook does so by selling advertising and data, Lauer said. Targeted advertisements are a major component.
So, it wasn’t as if Facebook’s situation with Cambridge Analytica was considered a breach or a hack. Facebook sold data to a company that was willing to pay.
Although, in this particular situation, it’s not quite as simple as that sounds.
As for what exactly happened, let’s steal a phrase from Facebook in defining a relationship: It’s complicated.
Facebook has said that the data in question was initially gathered a few years ago -- and properly, by psychology professor Aleksandr Kogan.
But then the information was transferred to third parties, including Cambridge Analytica, in violation of Facebook's policies.
The firm, which was hired by now-President Donald Trump during the 2016 election, is now accused of trying to influence American voters using information gleaned from those 87 million Facebook users.
And it all comes back to data. Facebook is here for your data, not just to help you get in touch with your friends from high school.
2.) The bigger problem is: It’s not just Facebook; it’s the internet.
So, when we get back to the issue of internet privacy and data storage, it’s important to note that this isn’t just a Facebook issue. It’s a “whole internet” thing. This is much more widespread than one website or one particular case.
“It’s all of social media,” said professor Huirong Fu, the director of the Center of Cyber Security at Oakland University. “(Data collection) is unavoidable if you use the internet.”
Photo: Professor Huirong Fu in the cybersecurity lab with a student. Courtesy Oakland University
You don’t really have a choice when it comes to having your information out there, so long as you use the web, Lauer said.
Your internet service provider can spy on you and sell the data. Search engines can track you. Needless to say, the issue goes beyond Facebook.
It’s almost scary when you Google yourself. You can often find your phone number, home address and other personal information right there on the homepage, Fu said.
“There are so many companies (and) you don’t know how they got your information,” Fu said. “But then you see it’s published online.”
3.) Whoa. So, if you’d like some privacy, where do you go from here?
Here’s a description of AdNauseum, written by the site itself, as to how it works: “As online advertising becomes ever more ubiquitous and unsanctioned, AdNauseam works to complete the cycle by automating Ad clicks universally and blindly on behalf of its users. Built atop uBlock Origin, AdNauseam quietly clicks on every blocked ad, registering a visit on ad networks' databases. As the collected data gathered shows an omnivorous click-stream, user tracking, targeting and surveillance become futile.”
So adding one of those would be something to consider. They won’t fix the problem, but they address some aspects. Even just regularly clearing your cookies helps give you back some privacy.
As for Facebook itself, there are some privacy settings you can experiment with, to reduce the amount of exposure of your personal information.
“Although, Facebook changes (its) approach to privacy fairly frequently,” Lauer said. “That makes it a challenge.”
Still, it might be worth poking around your privacy settings and making sure you’re comfortable with the information you’ve provided. And if not ...
4.) Should I delete my Facebook, or my other social networking accounts?
Well, you certainly can. But we have some bad news.
“A lot of people are deleting their accounts,” Lauer said. “But Facebook still has mirror images of (your) data elsewhere. So that won’t necessarily eliminate the problem -- of having them use your data or selling your data to an advertising company.”
Your information can be found in other places, too. Data brokers will sell data about individuals -- to companies, for example, that do targeted advertising, Lauer said.
“It’s just not possible to eliminate personal data about yourself,” Lauer added. “What’s there is there, and it’s in multiple locations.”
Here’s another thing: Even if you’re not on Facebook, the site still knows about you.
For example, Lauer said he’s not on Facebook, but his wife is.
“I’m sure they have data about me because of my connection, or my connections, to other people," he said. "They keep data for people who are not on Facebook.”
Deleting the account doesn’t solve the problem, Fu said.
“That’s not the solution at all,” she said. “(But) from the user’s perspective, there is no good solution.”
So, is there any way to use Facebook without giving up all your data?
“No way,” Fu said with a laugh.
5.) It helps just to be aware.
Lauer said he thinks people underestimate the extent to which companies use and keep data about them, to manipulate them.
There should be more discussion about it, he said, and perhaps more pressure on Congress, too, so that people examine the issue.
“(A site like Facebook) collects information on you, and you don’t know their intention, or how they’ll use that information,” Lauer said. “Facebook could use the information for something later, and you have no idea.”
In the U.S., we have a certain approach to data, and in European countries, for example, they have a much different approach. They’re less tolerant of Facebook selling personal data for advertising.
Different laws are in place that vary country to country, both of the experts said. The issues involved here are social, technical and legal, Fu added. And part of the problem is, there’s no universal agreement when it comes to the definition of privacy.
What about setting up an account to make it look as if you’re in another country?
“That’s a good idea, actually,” Fu said.
Although it’s not immediately clear how that would change the situation, at this point, any ideas seem to be worth a shot.
You can take other measures to help protect your identity too. When Googling an address, Fu said, she doesn’t often use her own address as the start or end point. Perhaps you could use a nearby business instead.
Also, it helps to update your information in any online accounts you maintain. Fu recommended checking your accounts regularly and disabling features that you aren’t comfortable with.
Our activity online is linked to our identity online. It’s important to stay aware of that.
And if you want your privacy, limit your internet activity, or stay off entirely. That’s probably challenging, or downright impossible, for most people. But unfortunately, that’s the reality right now.