The phrase ‘Data Breaching’ has been widely trending across the web in the recent times. Over the years we have witnessed that there have been several data leaks of personal information of people around the globe that is used on daily basis. In some cases, the data breached was made encrypted and inaccessible to the users themselves whereas in other cases, personal details like phone numbers, email ids, birth dates were given to the highest bidder. Talking about the latter – the recent case of data breach that rocked the digital world, the Facebook’s Data breach with Cambridge Analytica. Another big data leak that happened just few days back was the Google+ Data breach.
Facebook’s security breach had exposed accounts of 50 million (which was then revised to 87 million) users across the globe in which 0.6% of Indian users’ information has been breached. This was exposed on March 17 2018 in the articles published by The Guardian and The New York Times where the information of millions of users was handed over to Cambridge Analytica. The co-founder of the same political data analytics firm Christopher Wylie exposed this news to the newspapers.
And the most recent data breach by Google’s social media platform Google+ has compromised 500,000 users’ data which also gives a closing signal for the social media platform. Google+ was launched to compete with rival Facebook but its continuous failed attempts to grow its presence have led to its downfall and the recent data breach hit the final nail in the coffin leading Google to take a decision to shut it soon.
According to an article published by Wall Street Journal, a software bug in its API made it easy for third party applications to access information of users who would use Google+ as the single login. In an internal audit conducted by Google, it was found in March 2018 that more than 400 third-party applications may have improperly collected personal information of global users. However, they decided to stay numb about it until Wall Street Journal published the report, Google came out and elaborated about the data breachin their blog.
However, data breaching is not the only security concern on social media that would result in data leak. Another security concern for users on social media is propagating fake news and other forms of misinformation. Such illegal means and tricks impact various areas like stock markets, business reputations or even politics like it was witnessed in the Facebook’ Data Breach case. With such concerning exploitations on a platform where people globally are connected and use it exhaustively, there is definitely a worry among the users about their data’s security.
Impact on the Users
With the proliferation of social media usage on daily basis, it has caused people to share their personal and professional information expeditiously. Moreover, younger adults who are using social media entirely during their adult lives obviously have a different concept of privacy than members of earlier generation. Even if such a cultural shift has given users to freely share their information with outsiders, it does not directly imply to exploit the users’ information and leak it to someone or to an organization to use it for their propaganda or purpose.
Such data breach comes amid growing annoyance around the usage of consumer behavioural data being used to deliver biased, controversial, harmful or extremist content to consumers. While the social media is used for a lot of positive purposes and has enhanced lives of people around, on the down-side it is also packed with false content and degraded quality of content. Consumers and businesses have been expressing their displeasure about the same and have been urging the CEOs of social media giants to find out solutions and adopt rigid measures to secure users’ personal and professional details.
In February 2018, a month before Facebook’s Data Breach incident, Keith Weed, Unilever’s CMO came out swinging against both Facebook and Google threatening to pull down digital advertising dollars from both the platforms if nothing is done about the controversial and extremist content being published on their online platforms and “breeding division.”
In his words- “As one of the largest advertisers in the world, we cannot have an environment where our consumers don’t trust what they see online,” Weed told attendees at the recent IAB Annual Leadership Meeting. “We cannot continue to prop up a digital supply chain – one that delivers over a quarter of our advertising to our consumers – which at times is little better than a swamp in terms of its transparency.”
Privacy advocates are also calling out social media platform’s CEOs to be more responsible and restrict third-party apps to access to data and prevent them from using users’ personal information improperly.
The founder of SecureMySocial, Joseph Steinberg in an interview with Threatpost said, “People are shocked this happened, but I’m shocked it didn’t happen sooner… it’s so easy to penetrate this kind of thing with social media providers,” “The real issue here is Facebook… not the people who collected the data or those who used it. Facebook knew it happened and didn’t say anything to the public.”
There are also been instincts that Facebook will become less attractive to app developers if it restricts or tightens the norms for data usage. “There will be more scrutiny now. When you do, say, a sign on. The basic data (you can get) is the user’s name and email address, even which will undergo tremendous scrutiny before they approve it. That will have an impact on the timeline,” said a developer with an analytics firm that uses data from Facebook for its customers.
Scrutiny Grows – Impact on Social Advertising Landscape
Social media as a major platform for advertisers has been effective in delivery results. But with such data leaks and breaches, a section of advertisers and business leaders are questioning the social media’s integrity and rethinking on their online marketing strategy.
This is evident from the fact that global leaders like internet browser Mozilla, Germany’s Commerzbank and sound system company Sonos etc. had call off their social media advertisements during Facebook’s data breach. During the same time media planners and buyers said that they would wait for safeguards directed by Facebook’s CEO Mark Zuckerberg.
When Facebook’s Data breach was hot in the news David Raab, Principal of marketing technology research house and the Customer Data Platform (CDP) Institute said “Assuming it is in fact new, it shows Facebook accepting more responsibility to take seriously its obligations to protect customer data.”
Red Planet Executive in an interview to CMO said, “As an industry, data-led marketers and brands therefore need to be transparent to make sure consumers are aware about how their data is being used,” he told CMO. “Having that awareness will help them better understand the benefit of how behavioural data is being used, which is to deliver experiences and interactions that are more relevant to them.”
He further added, “Brands can significantly enhance the customer experience when they have the right data and that’s a good thing for the consumer, but marketers must be transparent for consumers to realise the potential value of their data being shared,”
Data Security Expert, founder & MD of Mumbai based fintech startup BigWinInfotech, Rajiv M. Ranjan tags such data breach as “Breach of Trust” as inadequate safeguards were the reason for the data leak.
“While security experts agree no systems were breached, the concerns about the Facebook debacle points to worrying overarching issues around security, privacy and personal data harvested by social media companies. It may sound controversial to call social media nascent given its current pervasiveness, but the industry is in its infancy from a legal and regulatory perspective, and the complexities social media has introduced into the business environment challenges every organisation today,” as Rajan said in an interview.
So, what is that the advertisers can take or learn from this breach?
According to David Rabb, such data breach will be an alarm to become aware of all the obligations that enforce their policies and monitoring the clients what they actually do with the data provided to them by the users. “It should raise their awareness of obligations to enforce their policies by monitoring what clients actually do with data they provide,” Raab said. “Many marketers have been quite cavalier about this in practice. It’s possible other marketers with less data and less reliance on revenues from that data will decide this is not relevant to them. That would be a mistake from a compliance viewpoint and for their customer relationships.”
Talking about the legal framework of India to curb social media data breach, you will be shocked to hear that even in 2018, India is a country without any legal regulations regarding any social media data breach. India has the highest number of Facebook users (250 million) in world and following it USA with 230 million users.
What are the Measures Taken by Facebook and Google?
Well as soon as Facebook came under the fire and realized that it will have to face a massive loss (monetary and emotionally), Mark Zuckerberg said it has a “responsibility” to protect its users’ data and if it fails, “we don’t deserve to serve you.”
In a Facebook post of March 21st 2018, Mark addressed the Facebook users saying it will ban developers who will disagree to an audit. Moreover an apps developer will no longer have access to data from people who haven’t used the app in three months. Also that data sent to developers be generally limited to user names, profile picture and email unless the developer signs a contract with Facebook and gets approval.
In a different post, Zuckerberg will inform the people whose data was misused by apps and in future when it bans an app for misconducting people’s data, Facebook promises to tell everyone who used it.
Talking about Google’s data breach, it claims that there are major challenges in maintaining their social network, Google+ and because of the low usage they’ve decided to end the consumer version of the site. Giving its users 10 month notice period, the users will be given more information on how users will be able to move their data. So when it comes to protecting users’ information, Google is launching more granular Google Account permissions that will show in individual dialog boxes. What it means is that now users’ will get “more fine-grained control over what account data they choose to share with each app. Instead of seeing all requested permissions in a single screen, apps will have to show you each requested permission, one at a time, within its own dialogue box.” This will give the user the option to give consent and to check what data is being shared with the application.
What it will look like-
Image source- Google
Other measures that Google is taking include, limiting the types of use cases that are permitted and limiting apps’ ability to receive Call Log and SMS permissions on Android devices, and are no longer making contact interaction data available via the Android Contacts API.
On the upside, data breach cases didn’t have a major impact on social media landscape but it did set off alarm bells among all the stakeholders and drove the social giants to take privacy issues more seriously than ever before.
Amid everything, securing users and social advertisers’ trust is now a big task for Facebook and Google and it has become more important to adopt stringent guidelines and to keep a check on third-party apps and the tech giants are already in the process of restoring the lost reputation.
Hope these recent developments lead social media platforms to become more secured and thereby create a win-win situation for all the stakeholders involved.
What are your thoughts?