Another large and egregious Facebook breach reminds us how unsafe our personal data really is.
According to WIRED, over 1.2 billion user records collected from Facebook, LinkedIn and Twitter users were found exposed in plain text on an unsecured AWS Cloud server. Scraped from the social networks by third party data miners, the deeply personal data was available to anyone who knew where to look for it.
This revelation should strike fear into the heart of even the bravest Internet adventurer. So what kind of hope is there for the rest of us?
There can be only one
How does this continue to happen? How many copies of my personal data are out there floating around waiting to be discovered?
Social Media was designed to collect very personal and often private user data. Companies then store it in online databases built to be accessed by friends and family. How do these companies make money? By selling access to your personal data to third party app developers and advertisers with little apparent oversight or control.
It is unclear whether Facebook, LinkedIn and Twitter were directly involved in this data breach through a willful act of negligence, or whether they contributed “by design”.
Sometimes it does not require a hacker to steal your records. Simply compiling all your personal information in one place (Facebook), or even better, compiling multiple copies in multiple places (Facebook, Linkedin, and Twitter) is enough to put you at risk.
The fact that our user data exists in centralised social media databases that are open to theft or ‘scraping’ by data miners is a design problem. It is caused by companies’ need to provide this access to our user data in return for cash.
Figure it out
To correct this behaviour, politicians should be looking out for our interests by creating regulations that guarantee a user’s data is protected and respected. Repeated breaches should be punishable at the corporate ownership level. Management should be personally liable for data breaches. Maybe if Zuckerberg was afraid of the consequences of a data breach he might actually do something about it?
Instead, politicians levy fines and continue to use social media as a tool to influence our opinion at election time.
Be afraid, be very afraid
A lack of political will to defend users’ rights should make you afraid. If more of us were afraid of the Internet and what is is doing to all of us we might demand change.
So what can we do? Consumers must vote with their feet. When big social media companies are negligent with privacy and security, it’s our responsibility to seek alternatives.
We should all be afraid. We should be afraid enough to take action.