In most issues of EFFector, we give an overview of all the work we’re doing at EFF right now. This week, we present a deep dive on the recent Facebook data revelations and Mark Zuckerberg's testimony before Congress.
As the nation searched for answers in the wake of Facebook’s Cambridge Analytica scandal, Mark Zuckerberg testified last week before a joint session of the Senate Judiciary and Commerce Committees as well as the House Energy and Commerce Committee. While many users’ suspicions were affirmed, many important questions went unasked, unanswered, or deflected. Can users trust tech companies to handle their personal information? Can a surveillance-based, advertising-powered platform provide real user privacy protections? If not, how should users, legislators, and the company itself respond?
These have long been important questions for users and platforms to explore. This particular scandal with Facebook and Cambridge Analytica was unique only in that it combined sweeping data collection, indiscriminate sharing, lax safeguards, and manipulative advertising into the perfect privacy storm. Several years ago, Facebook’s Graph API allowed a researcher to engage in voracious collection of millions of people’s data without anything resembling informed consent. Then Facebook failed to step in as Cambridge Analytica subjected that user data to privacy-invasive machine learning techniques for targeted advertising purposes. Perhaps worst of all, Facebook never notified users of a known bad actor’s unauthorized access to their
This Cambridge Analytica fiasco and subsequent fallout serve as a reminder of the serious privacy risks that users face when their personal information is captured, analyzed, indefinitely stored, and shared by a constellation of data brokers, marketers, and social media companies.
Facebook has responded with a stream of statements and changes, from reorganizing privacy settings to locking down APIs to ending relationships with third-party data brokers. But none of these changes have addressed the problem at the core of not only Facebook’s but much of the popular web’s privacy problems: We can’t be full participants in 21st-century
social and political discourse without providing advertisers and others a constant stream of our most intimate personal details.
With the hearings over, the question remains: What next? Above all, the guiding question should not be: What legislation do we need to make sure there is never another Cambridge Analytica? Rather, we should be asking: What privacy protections are missing, and how can we fill that gap while respecting other essential values like speech, user empowerment, and competition?
What Comes Next
A knee-jerk urge to slap rules on Facebook risks enshrining it as the sole guardian of our discourse and data, with the quasi-authoritarian power to police speech and squash rivals. It’s important to consider how any reactions to the Cambridge Analytica scandal, legislative or otherwise, might help or hinder potential future competitors. While Facebook has the vast resources to comply with whatever requirements Congress throws at it, smaller start-ups may not.
Facebook’s surveillance business model and data-hungry design have created real problems for its users’ privacy rights. But some of those problems can be fixed. Going forward, we can look for answers in existing laws, pressure from users and investors, and focused legislative steps where necessary. We need to be both creative and judicious to ensure that today’s solutions don’t become tomorrow’s unexpected problems.
The recent scandal may result in significant reimagining of how we share our information online, and what responsibility platforms have to protect their users' information. But, it's certainly not the first time users have questioned their trust in Facebook. (Wired)
Mark Zuckerberg did face some important questions during the congressional hearings. We're still waiting for answers on many of them. (Gizmodo)
Supported by Donors
Our members make it possible for EFF to bring legal and technological expertise into crucial battles about online rights. Whether defending free speech online or challenging unconstitutional surveillance, your participation makes a difference. Every donation gives technology users who value freedom online a stronger voice and more formidable advocate.
If you aren't already, please consider becoming an EFF member today.
Join us from 6 pm to 11 pm on April 26, for our second annual exploration of the fascinating, obscure, and trivial minutiae of digital security, online rights, and Internet culture. It's the ultimate technology quiz crafted by EFF experts and hosted by our very own Cooper Quintin.
EFF’s Tech Trivia Night is a great opportunity to gather with peers in the tech community AND support the crucial fight for online civil liberties.
The personal information of 87-million Facebook users was collected by a consulting firm called Cambridge Analytica.
How dangerous is this? What do we do about it? These are the questions many activists are now asking themselves. We want to talk about some answers in this latest Need to Know webinar from May First/People Link and the Progressive Technology Project on Thursday, April 19, at 12 pm PT / 2 pm CT / 3 pm ET.
On Wednesday, August 23, from 7 pm to 9 pm, join EFA ally Privacy Watch STL for a community meeting regarding Board Bill 66 and surveillance in St. Louis. We'll have a discussion regarding surveillance technology, how this technology affects St. Louis, and how
you can take action.
A law intended to stop people from making off-brand DVD players now means that security researchers can't warn you about dangers from the cameras in your bedroom; that mechanics can't fix your car; and that your printer won't take third-party ink.
Every three years, the US Copyright Office holds hearings about proposed exceptions to this law. This is one of those years.
On April 24, at 6 pm, come and hear about what we showed and told the Copyright Office, and ask us questions about your freedom and the funny thing that happened to us all on the way to the twenty-first century.
Join EFA ally EYEBEAM, at 6:30 pm ET on April 24, as they livestream a discussion about embodied artificial intelligence (androids) as representation, community generated storytellers, and the animated transmitters of culture.
EFF Staff Attorney Nate Cardozo will be in attendance for Stanford Technology Law Review and Stanford Policy & Law Review's Cybersecurity Symposium on Thursday, April 26, and Friday, April 27, at Stanford Law School in the Law Lounge.
LinuxFest Northwest is a free community event for people of all technical skill levels. On April 28th & 29th, stop by our table in the expo hall to talk about digital rights issues, or to sign up to become a member.