Here’s a hypothetical scenario. There’s a house on your street that, as bad luck would have it, keeps getting broken into by thieves. Over and over again. The damage varies from attack to attack, but it’s almost always considerable. The police know who the perpetrators are, but their words to the victims are cold comfort, because their hands are basically tied — it seems as though there’s not really much the cops can do. The weird thing about this episode, though, is that (come to find out) the homeowner keeps leaving their front door unlocked, as well as the garage door open. After each incident. As a matter of fact, so do many neighbors on the street. And here’s the strangest part: The thieves have started apologizing, profusely, and promising to live on the straight and narrow going forward. Until they don’t, and the whole cycle starts back up again.
In a very crude and imperfect way, that’s kind of how it seems like the past week has unfolded, in terms of the now all-too-familiar flurry of data privacy-related news headlines stemming from Facebook’s latest data leak. As we noted over the weekend, there’s been another huge Facebook data leak, in case you haven’t heard — this one encompassing personal information from more than 533 million Facebook users from 106 countries. This data was posted in a hacking forum, according to a report from Insider, which is to say — if you have a Facebook account, there’s a good chance your data has once again been exposed to hackers including everything from your phone number to your email address, birthday, full name, and more. In this post, I’d like to talk about something missing in all the hue and cry over Facebook’s latest misstep, and it applies more broadly to include companies like Google, as well.
First, one more note about the Facebook data leak: It should not escape our notice that it was around this time three years ago when we first learned about Facebook’s Cambridge Analytica scandal (back in March of 2018). Facebook later confirmed that data on 87 million users was improperly accessed during that scandal, and do you remember the furor that followed? The incessant news coverage and the never-ending legislative hearings convened by angry politicians?
Take a look again at the number at the top of this post (533 million). The new Facebook scandal is equivalent to six Cambridge Analyticas. Among the high-profile names reportedly caught up in this latest breach is EU Commissioner for data protection Didier Reynders, according to Politico.
But let’s go back to the hypothetical scenario above. At some point, the behavior of tech giants like Facebook (and Google, to a certain extent) gets to be a little like Lucy yanking the football away from Charlie Brown. As noted above, the hypothetical homeowners keep leaving their home unprotected. Lucy, time and again, promises Charlie Brown she’ll actually let him kick the football this time, even though we all know what’s going to happen (he’s going to end up flat on his back for the millionth time). At some point, in other words, user culpability has to become more of an issue when it comes to the tech giants that we entrust our date to.
Companies like Facebook and Google generally can’t steal, leak, or carelessly handle data … that they don’t have in the first place. No one, in other words, is forcing you to use these services!
Some of you just flat-out do not care about data privacy. You’ll live with whatever Facebook and Google throw at you, in other words, in exchange for the convenience they provide. This week’s news, though, should at least be a wake-up call to everyone that, at a minimum, you ought to consider not leaving your digital “house” unlocked, for anyone to enter.
Maybe that means getting off of some services completely. Or switching to more security providers, like to ProtonMail instead of Gmail. Along these same lines, here are some steps and guides you can follow to shore up the security of devices and software offerings that most of us regularly use: