Recently it was uncovered that Facebook may have inadvertently influenced the results of the 2016 US Presidential elections. The social networking website is said to have provided the platform for a data analytics firm called Cambridge Analytica to harvest the information that they needed to create psychographic profiles of around 50 million Facebook users.
These profiles, the firm’s founder-turned-whistleblower Christopher Wylie, said were used to target the “inner demons” of voters. Strangely, the parties involved in this endeavor did not think they were doing anything inappropriate at the time. Aleksandr Kogan, the developer of the app that Cambridge Analytica used to gain the information said that everyone involved in the data breach thought what they were doing was perfectly normal.
The difficulty of deciding where to draw the line between proper use and misuse of data is proving to be a challenging problem. And more data creators, users, protectors and organizations are finding it to difficult to be self-critical in the matter. Facebook’s response is also a partial admission of guilt in-hindsight after the unraveling of a scandal. The company issued full-page apologies in British newspapers and its billionaire founder Mark Zuckerberg accepted that trust was breached in the popular social networking community.
The admission was followed by an explanation of the measures Facebook has taken and plans to take to avoid similar incidents going forward. It has triggered similar responses from other social media platforms that work with sensitive information. The attention on the problem is causing those working with data – individuals and organizations – to invent sustainable solutions to a growing data breach problem. The number of reported data breaches has increased significantly in recent years – from 614 in 2013 to 1,579 last year – and is demanding serious intervention.
Preventing Data Breaches
Data breaches can only be prevented with serious introspection followed by regular inspections. Individuals and organizations working with must decide on globally-agreed norms for running data systems and managing processes that make the use of data safe for optimizing products, services and organizations.
Once international laws are established with ethical deliberation and considerable consensus, they must be institutionalized and constantly upheld by third-party organizations. With conscientious effort and regular upgradation of security and privacy of data systems, we can foster trust and maintain transparency that will go a long way in tackling the problem of data breaches.
* A version of this article was originally published on Inc 42.