Following a three-month delay due to coronavirus – and more than seven years after its enactment – the Protection of Personal Information (POPI) Act has finally come into force.Continue reading
With a reported 2.2 billion monthly users, Facebook is one of the largest organisations in the world and has access to huge quantities of highly personal data. It’s no secret that the multi-national has had used data as its secret weapon for a number of years, analysing behaviours and giving consumers relevant content while simultaneously monetising this asset to deliver targeted advertising. B2B and B2C organisations small and large are able to get in on the action too, placing ads for users and looking to attract business through the social platform. Data is an increasingly vital asset for organisations but when data subjects start getting put to risk, are organisations being held accountable?
Facebook has been making headlines for all of the wrong reasons in recent weeks. The organisation, which has had data protection hiccups before, is at the heart of a number of accusations and stories of unauthorised data access, data security and politics. The other organisation making headlines in these stories is Cambridge Analytica, also known as the SCL group / SCLE.
Cambridge Analytica is a company that combines data mining, brokerage and analysis with strategic communications for electoral processes. The headlines and subsequent investigations are due to the way in which Cambridge Analytica was able to access Facebook user data and the applications of this data. In 2014, the organisation was able to access data of some 50 million Facebook users which was then used to psychologically profile users; psychological profiling allowed organisations associated with Cambridge Analytica to target users with highly specific political propaganda – whether or not this data was used in the run up to the 2016 US election and Brexit is under question.
Quiz application ‘This is your digital life’ initially collected information of around 270,000 Facebook users but due to a loophole in Facebook’s API (Application Programming Interface) the designers of the application were able to access further public information and the data of ‘friends’ of those who had used the app. This lead to 50,000,000 users’ data being accessed.
Mark Zuckerberg remained tight lipped for some time following the headlines and calls for a response from Facebook senior officials, however when he did speak out he quickly admitted the organisation had “made mistakes”. Furthering this response, the organisation took out a series of full page newspaper ads issuing an apology to users.
‘We have a responsibility to protect your information. If we can’t, we don’t deserve it.’
In addition to knocking billions of dollars from Facebooks value, these recent events have prompted investigations from both sides of the pond into Facebook’s processes and protection of user data. Regulatory authorities such as the Information Commissioner’s Office are likely to be involved in the investigations and Facebook is likely to see some large fines for the unauthorised access to data.
Data is an increasingly powerful tool to businesses, with analytics and profiling at the centre of much of this. By tracking metrics and calculating user interaction, organisations have been able to gain valuable insights into customer journeys and requirements giving a competitive edge. Facebook has been able to leverage its data to become one of the most popular and heavily used social media platforms on the planet. They also offer services, mainly around advertising, that are driven by this data. This has largely driven the profitability of Facebook and is one of the reasons why investors have historically been so confident in the organisation.
Data subjects are becoming more aware of the data that organisations hold on them and with the GDPR set to take effect in May, subjects will have increased rights as to how their data is used. High-profile organisations have been increasingly targeted by cyber-criminals with cyber-attacks infecting networks globally and data from thousands of users being exposed. For both reasons data protection should increasingly be at the forefront of IT staff’s minds. Falling victim to large-scale data breaches will have largely negative effects for organisations, as with Facebook, who have lost $60bn in value since the latest data scandal.
Redstor helps thousands of organisations worldwide to back up their data to highly secure data centres, ensuring that data is recoverable on-demand. To find out more about Redstor’s fully encrypted, automated backups and how you can protect your data, get in touch today.