This week saw Mark Zuckerberg face a two-day congressional-hearing convened by the Senate Judiciary and Commerce Committees. The hearing was given the title “Facebook, Social Media Privacy, and the Use and Abuse of Data”.
Mark Zuckerberg’s hearing came about after it was revealed that Cambridge Analytica, a U.K. based data analytics and political consulting firm that worked on Donald Trump’s 2016 presidential campaign had obtained data of millions of Facebook users.
Last month, an investigation by the New York Times and The Guardian revealed that Cambridge Analytica had access to information of about 87 million people worldwide. The investigations showed that in 2014, around 270,000 people agreed to have their data collected through a personality test via a Facebook app for academic purposes. However, due to Facebook’s application programming interface (API) at the time, the app was also able to collect data of the users’ friends.
Data released by Facebook shows users from the Philippines, Indonesia and Vietnam were among those Cambridge Analytica had access to. Facebook confirmed that Cambridge Analytica could have access to at least 1 million users in the Philippines and Indonesia and 400,000 users in Vietnam.
As a response to this, Indonesia’s Communications Minister, Rudiantara, has threatened to ban Facebook in the country. This will not be the first time that Indonesia bans a social media network as it has banned Tumblr and Telegram (which they have now lifted) in the past.
It isn’t just Cambridge Analytica that has been collecting your data. Aside from them there are more third-party apps that collects personal data. Facebook also collects other information such as age, employer, relationship status, likes and your location. While these might seem innocent and is usually given out voluntarily, the senate hearing showed that Facebook also collects other data as well. Zeynep Tufecki, a techno-sociologist at the University of North Carolina wrote in the New York Times that Facebook also collects users’ browsing histories and purchases external data such as users’ financial information.
Source: Wired, Statista
Data as revenue
“Senator, we run ads”. That was Mark Zuckerberg’s answer when he was asked on the business model of Facebook. While that is technically true, what makes Facebook ads so popular is the vast amount of data Facebook has harvested from its users. Facebook are also purveyors of “microtargeting”, where specific ads are targeted to specific people. In 2017, Facebook amassed a total of US$40 billion in ad revenue. About 98% of Facebook’s global revenue was generated from advertising.
It is not just Facebook that profits off your data. Companies such as Amazon tracks what you buy, what you do not buy, what you’ve searched for as up selling tactics. Netflix builds a profile based on what you watch and uses the data to create entire new shows to keep you loyal to the network.
The data harvested might just seem as marketing tools, but it’s more than that. From an ethical standpoint, users currently do not own this data and it is being used by large corporations against you to shape your consumption habits and gain record profits. More insidiously, this data can be used to influence political outcomes as seen in the US elections.
Many have claimed that “data is the new oil”, but as Zeynep put’s it “…just like oil. It can pollute, spill and poison.” Just like the oil industry, large corporations have to be regulated to keep them accountable.
In 2016, the EU adopted the General Data Protection Regulation (GDPR) which aims to give its citizens control over their personal data. The GDPR regulates businesses that process the personal data of EU citizens, even if these businesses operate outside of the EU such as in the case of United States based Facebook.
During the congressional hearing, Zuckerberg gave a vague answer when he was pressed about enforcing GDPR regulations worldwide. It seems like Facebook will not change unless it is demanded of them.
Facebook currently has a monopoly over social media networks with over 241 million users in Southeast Asia alone. If ASEAN wants to protect the data of its citizens just like the EU, it needs to craft a region-wide response. ASEAN in particular is lagging behind (in terms of data protection) the rest of the world. Now would be the perfect time to update such laws to protect its citizens while also holding large corporations that profit off user data accountable.