Online privacy

The contemporary internet was built on a bargain: Show us who you really are and the digital world will be free to search or share. People detailed their interests and obsessions on Facebook and Google, generating a river of data that could be collected and harnessed for advertising. The companies became very rich. Users seemed happy. Privacy was deemed obsolete, like bloodletting and milkmen. Now, the consumer surveillance model underlying Facebook and Google’s free services is under siege from users, regulators and legislators on both sides of the Atlantic.

In the twenty-first century, it is impossible to meaningfully participate in society without sharing our personal information with third parties. Those third parties should have commensurate obligations to protect that personal information. Unfortunately, it has become increasingly clear that too many third parties are failing to live up to this responsibility. It is therefore incumbent on Congress to step in to protect consumers.

Alexander Tayler, the acting CEO of Cambridge Analytica, defended the firm saying, "As anyone who is familiar with our staff and work can testify, we in no way resemble the politically motivated and unethical company that some have sought to portray. Our staff are a talented, diverse and vibrant group of people." Tayler served as the company's chief data officer in 2015 when Facebook first raised concerns that Cambridge had gained access to the user data via British academic Aleksandr Kogan, in violation of the social network's terms of service.

It was October 2010, and two members of Congress were furious with Facebook. In the eyes of then-Rep. Edward J. Markey and Rep. Joe Barton, the company had failed its users in allowing app developers to take personal data from them and their friends — and transmit it to marketers.

Fretting that those “series of breaches of consumer privacy” had affected millions on the social site, the bipartisan duo then sought to issue Facebook a subtle warning, touting the “comprehensive privacy legislation [that] is currently pending” on Capitol Hill.

The data on millions of Facebook users that a firm wrongfully swiped from the social network probably has spread to other groups, databases and the dark Web, experts said, making Facebook’s pledge to safeguard its users’ privacyhard to enforce. Paul-Olivier Dehaye, a privacy expert and co-founder of PersonalData.IO suspects the data has already proliferated far beyond Cambridge Analytica’s reach. “It is the whole nature of this ecosystem,” Dehaye said. “This data travels.

What would it look like if Congress gave the Federal Trade Commission better tools to address online privacy? The most recent high-profile model comes from the European Union, where General Data Protection Regulation becomes the law of the land on May 25. GDPR focuses on ensuring that people who use online services know not only exactly what data those companies will take, but how they put it to use. One danger of an overly prescribed law is that technological solutions can outpace those mandates. 

Former Federal Trade Commission consumer protection enforcers say Facebook's response to the Cambridge Analytica scandal won't be enough to keep federal investigators at bay. "Just because they make changes moving forward doesn’t mean they can’t be investigated or sued for what they did before," said Jessica Rich, who stepped down as the head of the FTC's Consumer Protection Bureau in 2017.

[Commentary] A storm dubbed #DeleteFacebook is brewing in techie communities, on Twitter and — irony alert — on Facebook. The idea is this time is different from all the other times the social network has violated our trust. There have been many calls to boycott Facebook for past indiscretions. If we want the result to be any different this time, we need to address the broader problem. Aside from a dramatic change of heart from founder Mark Zuckerberg, getting Facebook to reform what data it collects and how it uses it requires destabilizing its business.

[Press release] This was a breach of trust between Cambridge University Researcher Aleksandr Kogan, Cambridge Analytica, and Facebook. But it was also a breach of trust between Facebook and the people who share their data with us and expect us to protect it. We need to fix that. We already took the most important steps a few years ago in 2014 to prevent bad actors from accessing people's information in this way. But there's more we need to do and I'll outline those steps here:

[Commentary] Over and over in the last 20 years we’ve watched low-cost or free internet communications platforms spring from the good intentions or social curiosity of tech folk. We’ve watched as these platforms expanded in power and significance, selling their influence to advertisers. Twitter, Facebook, LinkedIn, Google—they grew so fast. One day they’re a lovable new way to see kid pix, next thing you know they’re reconfiguring democracy, governance, and business. This is an era of breaches and violations and stolen identities.