The Facebook Cambridge Analytica debate has taken social media users, or for that matter, everyone else for a surprise. The vulnerability of data has damaged the consumer trust to a great extent. As it revealed that data of more than 50 billion users were tampered with, it raises serious concerns over online safety and data privacy. With people being upset that FB abused their trust and with the trend #deletefacebook being on the rise, there is a need to get the situation on track.
Facebook brings new data privacy policies, but is that enough
In Jan 2018, Facebook announced to have published privacy principles for the first time, for which it rolled out educational videos to help users control who can access their information. It said that not everyone wants to share everything with everyone, and it is important to have choices when it comes to how their data is being used. Despite their claims and much concerns, the social media giant fell prey to the accusations of data breach and in light of the heated controversy, in March 2018, there were statements from the company that it will bring necessary changes in its privacy settings again.
The company said it would make more straight forward for the users to change their privacy settings and delete data that they have shared with the social media company. The new system is speculated to allow users to access settings from single place instead of having to go to some 20 different screens.
Despite bringing multiple iterations to its privacy setting over the years, it has been accused of these setting being too complicated for most people to understand. The newer introduction would allow users to delete specific things they’ve shared or liked in the past, stopping advertisers from having access to that information. However, users won’t be able to delete the data that they had given to third party apps on the platform previously even if it was used for reasons other than what users agreed to.
While the company is stressing extensively on changing the privacy settings to bring its user trust back, is that enough?
Data havens can prove to be an effective way to rebuild consumer trust
Data safe havens, as the name suggests is typically a secure place to store data, with exclusive and restricted access to data. The idea is to grant access to specific users only and define strict safeguards for each time that the data is accessed. It is to ensure that data is used only within high standards of security. With provisions like secure file transfer, storing data in a secure system, and facilitating it only with the user consent, data safe haven is all about allowing data from electronic records to be used to support a cause with a particular user consent.
It is being used popularly in maintaining healthcare and patient records where data is obtained with individual patient consent while protecting patient identity and privacy. Accessing sensitive data sources is a complex process and safe havens act as secure virtual data rooms in which the data suppliers deposit data for the research projects to access it.
With big data technologies evolving over years, data safe haven concept has found a close proximity, especially in data-driven clinical research. Having a framework in place ensures a secure handling of healthcare information used for clinical research, thereby complying with the legal and regulatory controls. The idea is to develop trustworthiness especially with regard to public and its view on security.
Careful and defined working practice with encryption and access control not only ensures physical security of data centres but ensures that data is used in a way that is safe, secure and ethically correct.
For social media companies as well, data safe havens can be a way to ensure that privacy and security of data is guaranteed. As data security is becoming increasingly complex, it is important that it becomes a corporate agenda and is set on high priority. Companies such as Facebook need to rethink their approaches to come out clean and safe by taking proactive course of action in defending privacy.
Data privacy and security in India
Given the accusations that Facebook data might have been used to influence the 2016 US presidential elections, the social media giant is under scanner for having influenced elections in India as well. India lags behind substantially when it comes to having law and regulatory bodies to handle users’ data, making it a fertile ground for the misuse and unauthorised access of user’s data by service providers. Especially when the country is dealing with issues such as Aadhaar, which is constantly under the fear of cyber attack, the need to bring national laws on cyber security or introducing the concept of data safe havens becomes even more important.
The Union Ministry of Electronics and Information Technology (MEIT), India recently issued a letter to Facebook seeking information regarding the data leak of any Indian citizens. The ministry said that India would not allow its data to be stored outside its boundaries and service providers must be made to pay high penalty if they are found to misusing data of Indians. Ravi Shankar Prasad, Minister of Information Technology, warned Zuckerberg saying if any data theft of Indians is done with the collusion of Facebook systems, it will not be tolerated. “We have got stringent powers in the IT Act including summoning you in India.”
While the world is debating on how to ensure data security, there are other players in the market who are taking advantage of the controversy to gain user trust. For instance, Apple’s head Tim Cook has been seen stressing on the company’s data privacy ethos, claiming that data privacy is a religion for them. On the other hand, Amazon too is likely to be benefitted as it relies less on data to run its businesses than the other ad-focused companies. Amidst the challenging scenario, it is important that the social media giant gain the consumer trust back by carving out a way for better data security, even if the answer to it is data safe havens.