Facebook and Data Protection

Compliance Knowledge Base | Data Protection Training

Posted by: Morgan Rennie Published: Wed, 15 Aug 2018 Last Reviewed: Wed, 15 Aug 2018
Facebook and Data Protection

The severity of breaching an individual's right to privacy online is exemplified with the recent Facebook data scandal, which has set in motion a surge in online privacy reinforcement. The personal data of more than 80 million Facebook users has been compromised following the breach of Facebook's expansive data bank. The media has been dominated by this data scandal following news of Cambridge Analytica's implication in the Trump campaign. Protection regulation has emerged as a necessary response to prevent such a breach of personal data from occurring again, and therefore it is essential for individuals to be aware of the privacy risks across social networking sites.

Why did the Facebook data scandal occur?

The Facebook organisation is most commonly referred to as the data controller; the role of the data controller was brought about under the General Data Protection Regulation (GDPR) to make the roles clearer and data protection more transparent. But essentially, Facebook are responsible for processing Facebook users' personal data and deciding the purpose of this personal data. Therefore, Facebook is in control of a vast amount of personal data.

However, in 2016 this personal data was breached by Cambridge Analytica, a small UK based company. Cambridge Analytica had infiltrated the Facebook profiles of users, without access request, in order to influence the US 2016 election. Cambridge Analytica used the stolen personal data from these Facebook profiles to tailor ads on Facebook, to favour the Trump campaign. Facebook has claimed that this data breach reached around 50 million users, whereas recent examination has increased that number up to 87 million users.

Consequently, the concern which many people had already expressed, with regard to the vast amount of personal data stored by Facebook, has only been heightened. This scandal has demonstrated that Facebook is not free from cyber-criminal activity, and therefore organisations, big or small, are all at risk of data breaches online.

Facebook and Data Protection

Facebook's Response:

Facebook were forced to comply with the new data protection movement which was taking hold, due to the damage their reputation was receiving from all of the media backlash. Therefore, Facebook have now created a new privacy policy, which explicitly states how the personal data of Facebook users is stored and used. Facebook's new data protection regulations do have some compliance with the European Union's GDPR, but it does not conform completely. Facebook incorporates an access request into the re-established terms of service and data policies, which does comply with part of the GDPR.

The GDPR has initiated the use of a data download tool, which has been incorporated in part into Facebook's new terms of service and data policy. The data download tool in theory is supposed to allow a social media user the ability to leave a server with all their data, such as photos, and move this data to their preferred area. Facebook's new data portability tool is complex, and the data export has not been the easiest to tackle, but it is still an attempt to allow users the possibility to leave Facebook with all of their data.

Furthermore, Facebook has now tightened its control on the data which apps can have access to. This is in response to Cambridge Analytica's exploitation of apps. To protect personal data further, Facebook has now removed the option to search for a Facebook user using a telephone number or email address.

What are the implications of this scandal?

This data breach has resulted in a loss of trust within the Facebook organisation, as many users now fear that their personal data will be exploited by Facebook to contribute towards its advertising business. Consequently, Facebook's stocks have fallen by fourteen percent since 2016.

However, Facebook has not lost an overwhelming number of users, therefore there is hope for Facebook users that the new data protection regulations will better protect their personal data online.

What does this scandal mean for the future of social media?

The aspect of social media which will perhaps witness the most effects, will be the marketing sector. Cambridge Analytica's involvement in this data breach has now tarnished social media networking sites as a platform from which marketers can work. Mozilla, a US based company, withdrew their advertisements from Facebook in March 2018 following the data scandal. Mozilla referenced Facebook's default privacy settings as inadequate, as it allows third-party apps to infiltrate personal data of users. Furthermore, Sonos also withdrew its advertising from the Facebook platform during the data scandal.

Facebook now must consider how it is going to combat difficulties with advertising moving forward. It appears that Facebook users are demanding that advertising is tightly controlled, in order to protect their personal data. In response, Facebook has stated that advertisers need to certify and prove that they have user consent, before initiating any advertising campaigns.

The extensive use and growth of social media networks has created the capacity for cyber-criminal activity and the breach of personal data. The recent media scandals have gained prominence in the public eye and have effectively initiated a data protection movement across social media, culminating in the new DPA 2018 legislation. Essentially, training and knowledge on how to protect personal data and how to avoid cyber-attacks, is now critical.

Get in Touch

When you send us a message one of our friendly, knowledgeable eLearning experts will contact you as quickly as possible

* Required Field

Get in Touch

Get in Touch

+44 (0)1509 611 019

We'd love to talk to you about how we can help. Please leave your details below and a member of our team will get back to you.

* Required Field