March 20, 2018
Another day, another data scandal with Facebook. Lawmakers in both the UK and the US are digging into Facebook CEO Mark Zuckerberg, investigating how data analytics company Cambridge Analytica acquired and “exploited” personal identifiable data of over 50 million Facebook users. Meanwhile, Facebook is scrambling to avoid loss of users in the light of a 7 percent stock drop (NYSE: FB).
Here are the seven things Facebook needs to do right now in order to survive their biggest scandal to date.
1. Take this seriously.
I was sitting a few rows away from Facebook COO Sheryl Sandberg when she told Kara Swisher, in conversation at the Castro Theater in San Francisco, that Facebook was making concentrated efforts to make sure what happened in the 2016 election doesn’t happen again.
“Things happened in the last election on our platform that were unacceptable that we were not prepared for, and we are taking that responsibility really seriously,” said Sandberg. “We’re investing heavily in both people and technology to make sure we can prevent these problems … people have tried to undermine our democracy and our values and have tried to use any platform available to do so, and so we take this incredibly seriously. We’re working hard. We’re definitely playing catch-up, and we acknowledge that, but we are working hard to get ahead and stay ahead for the future.”
It’s not enough to spout out the responsibility rhetoric – it’s time for Facebook to act on those promises. The impending departure of CISO Alex Stamos, and reports that his push for bigger investigations into the Russia scandal fell on deaf ears (including Sandberg’s) doesn’t echo her statements on prevention.
2. Set an example with GDPR
DMN recently learned from a high-ranking source within Apple that the company plans to comply globally with the policies set forth in GDPR – yet to be confirmed or denied by Apple PR offices.
If Facebook wants to set a precedent for tech companies, they’ll implement compliance policies worldwide that reflect their commitment to GDPR. My take on this is that the Cambridge Analytica scandal is going to accelerate lawmakers attempts to impose bigger regulations on tech companies, and by getting ahead of the curve, Facebook can help map out what those regulations might be, which is a much better alternative to getting blindsided by unwanted sanctions.
In any case, GDPR will significantly restrict what Facebook can do with the personal data of European data subjects, especially without their explicit (and granular) consent.
3. Make third-party opt-outs CLEAR
Facebook needs to clearly communicate to users how to opt-in or opt-out of the sharing of personal data to third-party vendors. Currently, this option is buried deep within user settings. This does prevent users from logging in to outside sites like Twitter and Instagram (and Tinder) from their Facebook login, but the level of data security far outweighs the inconvenience of having to remember an app password. Until then…
Log into Facebook and visit the App Settings page (or go there manually via the Settings Menu > Apps ).
From there, click the “Edit” button under “Apps, Websites and Plugins.” Click “Disable Platform.”
For further PID protection, click “Edit” under “Apps Others Use.” Then uncheck the types of information that you don’t want others’ apps to be able to access.
4. Build bigger walls of protection between third-parties
Duh. Cambridge Analytica had access to over 50 million users’ data because Facebook users willingly gave access via a personality quiz. Pretty much anybody can build a quiz, share it on Facebook, and then harvest the data acquired through the quiz answers. In every sense of the word, this practice is just invasive. With all that engineer power Facebook possesses, they need to put a system in place that prevents quiz and app builders from gaining access to user pages – if they want to (I’m not sure they do, which is a whole different story).
5. Take responsibility for content
Facebook, like other social media platforms, and online user forums in general, is still living in the lotus-eater land of Section 230 protections. Legislated in the earlier and more innocent days of the worldwide web, Section 230 of the US Code has generally been viewed as a benevolent enabler of web freedoms. Until it got exploited.
Essentially, it means that site-owners are not responsible, except in certain, defined circumstances, for what third parties post on their sites. Imagine the problems free-flowing forums would face if the owners were held liable for defamatory content. But while Section 230 is fine as a foundation for free speech online, businesses like Facebook need to build on it responsibly. That doesn’t mean scrutinizing every personal update by every individual user.
What it does mean is identifying the obvious problem areas – links to supposed news stories, updates from avowedly political accounts, updates from known problem users (like this guy at YouTube), and advertising on contentious issues (who couldn’t list ten of those quite easily?) and taking responsibility for the related content.
Don’t tell us there aren’t bots which can help with that. There are also features which have been available for years to stem the flow of offensive posts and comments. Moderation queue, for example. Yes, this would be expensive; but peanuts next to the value wiped off the stock this week.
6. Own up to being a publisher
From which follows, of course, owning up to being a publisher. Sure, it’s cool to pretend you’re a software company, an adtech agency, a mere neutral conduit for whatever the people want to say. Get real. Facebook, alongside Google, is a major content publisher. It threatens to put other content publishers out of business. Publishers fall over each other to get their content uploaded to Facebook and shared by its vast audience.
Act like a publisher. Not with respect to every cat photo and birthday message, but where it matters. We all know where it matters. And by the way, if anyone reading this is thinking “What about the First Amendment?,” remember that the Constitution places restrictions on what government can do. A brand like Facebook (or DMN, for that matter) isn’t obliged to host just any content, on pain of infringing the First Amendment.
7. Come out, Mark.
Zuckerberg needs to own this, and he needs to come out from behind his screen. For too long he has depended on Sheryl Sandberg to publicly clean up his mess while he posts long essays on his Facebook wall. Mark: You’re the CEO of a company that prides itself in connecting others, so why don’t you connect with us face-to-face and address this situation head on. We’re not hiding out in Harvard dorms waiting for punishment anymore.