For over a decade, Facebook has invaded people’s lives and changed completely the way people communicate, network and share information. It’s the world’s most popular social networking website, which allows millions of users every minute to post comments, share content (like photographs and video), post interesting information (like news and articles), as well as chat, live with friends and colleagues. These functionalities are gradually expanding: for example, during the last couple of years, Facebook makes it possible to order food and to conduct other types of e-commerce transactions.
Recent Facebook statistics are simply breathtaking: There are over 2 billion monthly active users on Facebook, including 1 billion daily active users. The scale of these numbers becomes evident when compared to other platforms of the social networking ecosystem e.g., Instagram has 700 million monthly active users, while Twitter has more than 330 million monthly active users. Moreover, it can be safely said that Facebook is the community of the younger generation as 88% of the population of people using the platform are aged 18-29 years. Combined with Facebook’s stock value evolution, these stats show that the platform has a very bright future.
Nevertheless, a serious data protection incident was revealed earlier this year, which questioned Facebook’s credibility and raised concerns about the impact and implications of its future growth. In particular, as part of the notorious Cambridge Analytica scandal, raw data from many millions of Facebook profiles was leaked to a political consulting firm and this data was (ab)used as part of the political campaign. This data breach incident is not the first and the sole one on the Internet as they have been several similar incidents on other popular platforms like Yahoo, Uber, and Instagram. However, due to the size of the Facebook platform and the volume of data involved, it has attracted great attention by the media and public.
The Cambridge Analytica case involved the exposure of Facebook data to a researcher who was a member of the team which was in charge of political campaign. The exposure was partly based on the development of a quiz-like Facebook app, which was able to collect data from all people (i.e. Facebook profiles) who took the quiz. However, the leak happened when the app was also able to collect data from the Facebook profile of the friends of quiz takers, which increased the amount of data that were collected and later processed. Speaking in numbers, it is estimated that the quiz was taken by approximately 2,70,000 users, while the profiles that leaked ended up being nearly 87 million(!). Note that access to these additional profiles was made possible due to a security hole in Facebook’s API. While Facebook prohibited any sales or commercial exploitation of the data acquired through this API method, Cambridge Analytica went on exploiting these data.
As in most cases of security, privacy, and data protection issues, the ethical analysis is pretty complex: Multiple stakeholders are involved with different roles and actions, which violated laws and ethical rules in various ways. However, despite the unlawful and unethical activity of Cambridge Analytica, the case revealed problems and vulnerabilities of Facebook as well. This was clearly acknowledged by Facebook founder and CEO Mark Zuckenberg, who accepted Facebook’s responsibility and mentioned that the company has been doing a thorough root-cause analysis to find out what had happened. He also asserted that Facebook was intensively working to close any security and privacy holes, as a means of ensuring that similar incidents won’t happen in the future.
Despite immediate and positive reaction by the company, the Cambridge Analytica case revealed internal and external weaknesses of the social networking giant:
While Facebook is working on the above-mentioned issues, it has recently i.e. during September 2018, faced one more attack on its computer network, which has resulted in the exposure of the personal information of nearly 50 million users. This is considered the largest direct security breach in the company’s history. It was based on the exploitation of a security vulnerability in Facebook’s code by attackers that gained access to user accounts and in some cases, they took control of them. This major security incident came on top of the Cambridge Analytica scandal to remind the community that their Facebook data are not secure.
Overall, following these cases, there is an on-going debate about whether users can trust Facebook to store and manage their personal data. This debate highlights the important role of Facebook developers and apps which could be able to exploit holes in the security system of the platform that could lead to data breaches. It has also given rise to an immense debate about the measures needed to avoid similar episodes.
As part of this brainstorming, the following protection and preventive measures can be listed:
These measures refer to what the platform and its users can do to protect themselves from future breaches. However, there is also a discussion about new social networking platforms, which could decentralize data storage and processing in order to avoid large volumes of data to be controlled by a single administrative entity. In this direction, some researchers are experimenting with blockchain-based networks that decentralized data ownership and enable end-users to retain control of their personal data in all cases. While such models can be promising, they are still at the research stage. Therefore, users must practice caution while using social media platforms until stable and secure security methodologies are implemented.
Zero Trust Security: Growing relevance in hybrid work environments
DDoS (Distributed-Denial-of-Service) Attacks and their different types explained
Advantages of Data Tokenization for enterprises
The benefits of cybersecurity mesh for distributed enterprises
The Rising Cybersecurity Threats CIOs cannot afford to ignore
Next-Gen Resilience: Can companies deal with large-scale disruptions?
Technology Enablers of Manufacturing-as-a-Service
The Art & Science of Estimating User Stories Cost
Embedded Finance: The basics you need to know
Five Tips for a Successful ChatGPT Strategy
No obligation quotes in 48 hours. Teams setup within 2 weeks.
If you are a Service Provider looking to register, please fill out this Information Request and someone will get in touch.
Outsource with Confidence to high quality Service Providers.
Enter your email id and we'll send a link to reset your password to the address we have for your account.
The IT Exchange service provider network is exclusive and by-invite. There is no cost to get on-board; if you are competent in your areas of focus, then you are welcome. As a part of this exclusive network you: