Facebook & Privacy

The continuing privacy news story surrounds Facebook. Facebook’s data leak via Cambridge Analytica is possibly the wake up call everyone needs. Privacy should be a primary concern of everyone that uses the internet, not just organizations with compliance mandates.

In 2015, a Belgium court ordered that Facebook stop tracking internet users even when they were not logged in or even members or the site. Facebook appealed the ruling. Just last month the Belgium court came to the same decision, but Facebook is expected to appeal again. Invisible tracking is one point privacy advocates will use to try to regulate Facebook regarding the collection and handling of private data.

The Cambridge Analytica data mining highlights another Facebook misstep. The New York Times highlights the details of the data mining. It is alleged that Facebook knew about the data mining three years ago. Facebook claims they were misled by Cambridge Analytica who claimed the data had been deleted.

Inadequate privacy policies allow for unknown tracking when enabling specific features

More users are joining the #DeleteFacebook campaign and saying viewing posts of food, pets, kids, and vacations are not worth the privacy invasion. Even as users are deleting their accounts, users find additional information Facebook was collecting such as logs of all the phone calls and text that the user has made. Users did opt-in for this feature, so there is nothing illegal here. It is, however, another example of Facebook’s inadequate privacy policies and lack of protection for the data they possess.

Time will tell if additional regulations are put in place over user data. The Facebook privacy story does highlight the need for organizations to review their privacy policies and their data protection solutions.

With new technologies such as SecureCircle, Facebook could have been certain the user data at Cambridge Analytica was deleted. Facebook would have control of their data regardless of the location that data was moved to and been able to revoke the data at any time. There are tools to help organizations protect sensitive data.