THE FACEBOOK DATA LEAK AND IS IT OKAY FOR COMPANIES TO SELL OUR DATA? Page 2
The Facebook Data Leak and is it okay for Companies to Sell our Data?
West Virginia University
Table of Contents
Abstract……………………………………………………………….. page 3
Introduction…………………………………………………………… page 4-5
Review of Literature………………………………………………….. page 5-8
Discussion…………………………………………………………….. page 8-9
Conclusion…………………………………………………………….. page 9-10
References……………………………………………………………... page 11
In this article, I will be researching how often big data leaks occur and how much users value information security. I will be using peer-reviewed literature to get my results in order to come up with adequate information to support or reject my hypothesis, “big data leaks can happen and do happen, but I do not think people care as much as they should.” With these results I should be able to answer my research question, “How bad was the Facebook data leak and is it okay for apps, companies, etc. to sell our data?” From the research I determined that dig data leaks do occur, but also that it may not be an issue for some people who do not value their privacy. This information supported my hypothesis.
Keywords: big data, information security, Facebook, privacy
Many times I have been searching google and then 10 minutes later, I see an advertisement for what I was searching. This is possible because of big data. Companies take data that they derive from its users and sell it to advertisers. This is how applications and websites are able to users for free. Many users seem to have issues with this and when the data is leaked to the wrong company, there can be issues.
In 2018, Facebook stated that the data of over 87 million users was leaked to a political organization called Cambridge Analytica. This left a very bad taste in many Facebook users mouths as they do not feel it is right for Facebook to be allowed to share its user’s data. I have decided to research this topic and the question I will be trying to answer is: How bad was the Facebook data leak and is it okay for apps, companies, etc. to sell our data?
I feel that this is a very important question because of how big Facebook has gotten and many users put a lot of information out there. These users may not be aware of how much of their data is being shared to different companies. Also, users of various free apps are unaware that these applications are making their money off of advertisements.
This raises concern because the companies that can get their hands on user data can manipulate users. For example: Cambridge Analytica was a political organization that could determine our political affiliation via our Facebook data. They could then use this data to tamper with the 2016 election. The question is, is this okay considering Facebook users knowingly put this information out to the world.
If this issue were to be resolved, users would be able to have full information security while using Facebook and other applications. Without the ability for companies to sell user data, users would be able to share what they want without the fear of having their data shared to the world. Results from solving this issue would not just stop at information security. There would no longer be free applications because the ability to run ads would be no more. Running ads is how users are able to get applications for free. The question is, is information security worth the potential consequences of no longer having free apps?
While information security may sound very appealing, how much do users actually care about having their data shared to companies. I would expect users to understand their data is likely to be shared they sign up for applications. Lack of knowing this would the fault of the user considering they are sharing this information on the internet.
My hypothesis is that big data leaks can happen and do happen, but I do not think people care as much as they should. I hope to be able to determine this by researching various peer-reviewed sources to determine the best answer to my research question and support my hypothesis.
Review of the Literature
The first source I read was an article on the upsides of data privacy. This helps to explain how user privacy would be a good thing and something we should strive for as users. This article uses information derived from research literature to discuss how companies who value their customer relationships should consider meeting the customer expectations and demands regarding information security. For example: if Facebook users gained awareness on their data, they may feel that this is unfair to them and demand they have data privacy or they will not use the application. This would be an instance where data privacy would be good for a company. This article uses information from academic literature, legislative texts, practical recommendations, corporate privacy statements, and expert interviews to come up with 202 statements. These statements revealed customer concern of data privacy which led the author of the article the believe that these companies need to be aware of the customer concerns. The author of the article used the Kano Model and two surveys to analyze customer data.
Fig 1. Illustration of the Kano model factors and applied to the data privacy context. (Gimbel 2018)
The figure is showing the degree of addressing data privacy concerns in correlation with customer satisfaction. The quality of the service or application changes as it leans towards one or the other. This article helps me to understand concerns of the customers of these various companies. I feel as if I am at fault for not knowing this information when I use services such as: Google, Facebook, etc. This is information I feel we should all know, as users, before we sign up for a service.
My second source is an article on the politics of sharing personal data. This article looks at understanding the sharing of user data and understanding whether the data sharing is being purposefully shared or if it is unwillingly shared. This would help to understand the Facebook data leak and determine whether Facebooks Chief Executive, Mark Zuckerberg, purposefully shared millions of user data to Cambridge Analytica or if this data was derived unwillingly from Facebook. Results were derived from surveys and customer evaluations as well as various research articles and insinuated that problems with data privacy and information security need to be addressed to better adapt to user wants and needs. This article helps me to understand the differences in how data is shared from companies and how that doesn’t change the opinions of its users in that they still demand information security.
The next article I read focused on the movement of personal data, specifically on smartphones. It discussed that while the convenience of having a smartphone is impressive, it comes at a cost and that cost is data leaks. People seem unaware of this because they are too focused on smart devices and what they can do. The author explains this as being a result of our current design trend and that is bigger and better, essentially meaning people prefer innovation at all costs. Take iPhone for example. Every time a new iPhone comes out, people rush to stores to purchase them meanwhile the costs of the phones are increasing each year. This is an example of why people love innovation and are willing to sacrifice a lot to achieve innovation. After reading this article, I understand that the issue may not be that the customers may or may not like their information being shared, but that they are unaware of it happening to begin with. With that being said, it makes me wonder how bad data leaks could be if they are happening without users knowing. It must not be that bad after all.
The fourth article I chose to research was on the uses of big data and how the may lead to efficiency. The author of this article discusses how big data is used for innovation and efficiency, but also mentions how big data may be an accident waiting to happen. Data accidents have occurred in the past and are a potential accident for any organization that uses big data. “What seems certain… is that the problem of technological determinism—that is, of the impact of machines on history-will remain germane until there is forged a degree of public control over technology far greater than anything that now exists.” (Heilbroner 1967). Facebook uses big data and our data was leaked to various organizations, whether it was accidental or purposeful does not matter. All that matters in these types of scenarios are likely to happen when dealing with big data. The question is: is the increased innovation and efficiency worth the increased chance of our data being leaked? This article demonstrates ways that accidents can be prevented or controlled and I think this is very important. This leads me to believe this issue is solvable in ways that would be beneficial for the company and its users.
The last source I researched was an article on Facebook privacy management. While this article did not focus on data itself, it is very important for my research because it discusses how much users care about privacy to begin with. The article brought to my attention that men care less about their privacy than women do. The author of the article found an algorithm to determine which gender is more concerned about having privacy on social media. This may also be true for different scenarios such as: do people of different ages, geographic location, and race all care about privacy the same. This would give the companies great insight on who values their privacy the most and if anyone values their privacy so much that they are willing to sacrifice the advantages of having big data. While this is vital information for anyone wanting to know how much users value their privacy, I don’t know if there is a way for companies to give different amounts of privacy to different users. Potentially, companies could give options on whether users get the maximum amount of privacy or little to none. This article answered my question of whether users care if their information is shared to different companies and helps me to get an idea of how bad the Cambridge Analytica leak really was in the eyes of Facebook users.
After researching various peer-reviewed articles, I am now able to understand a lot more about information security. Big data is something that is being used by many companies and it has its perks, such as: innovation and efficiency. While these are great things to have in a company, it comes with the potential risk of data accidents occurring. Data leaks can happen and it can often be unknown whether they occur purposefully or unknowingly. Facebook leaked data to Cambridge Analytica and this may have been an accident or intentional.
Also, while researching I learned that not everyone is concerned with privacy. This information I have derived from these articles are available for everyone. Therefore, if someone still does not understand the risk of using these applications, then they are at fault for whatever may occur with their data.
With all that being said, I believe the proper answer for my research question is that while data leaks are wrong and invasion of user privacy, they should be aware of this and are at fault for sharing such information. Each of my sources provided me with crucial information on data privacy and lead to make this assumption. However, while I gained a lot of information from these sources, I would still like to better understand how users can be unaware of their data being shared and then be distraught when it happens. I think it is the user’s responsibility to understand such information when they sign up for the application. This is something I would have to research myself as I could not find any previous research done on this.
In conclusion, I have come to the understanding that dig data leaks do occur, but also that it may not be an issue for some people who do not value their privacy. If I had the ability to do my own experiment, I would try to research how much people actually care that their information is being shared with other companies. I myself do not see a problem with anyone having my data because I make sure to not share anything I would not want someone to see. I would not consider the IoT to be a place where people can even have privacy. Each of the sources I selected were peer reviewed articles with methods for testing my hypothesis. Each source gave me information that helped me to support my hypothesis of, “big data leaks can happen and do happen, but I do not think people care as much as they should.” This implies that people do not generally care enough about their information being cared that they are willing to sacrifice the applications such as Facebook. It implies that not enough people would be willing to give up Facebook for information security. These implications come with consequences. Companies recognize this and they are continuing to share user data which is inconvenient to the minority of users. This may not seem like a bad thing, but the few users that do value their security will be upset. However, they will always have the option to not use services that share their data. The fact is, the Internet of Things (IoT) plays a major role in our everyday lives. It influences our lives. It is in our houses, our cars, and even our appliances.
Fig 2. How the IoT and the cloud play a role in our everyday lives.
Child, J. T., & Starcher, S. C. (2016). Fuzzy Facebook privacy boundaries: Exploring mediated lurking, vague-booking, and Facebook privacy management. Computers in Human Behavior, 54, 483-490. doi:10.1016/j.chb.2015.08.035
Dai, W., Qiu, M., Qiu, L., Chen, L., & Wu, A. (2017). Who Moved My Data? Privacy Protection in Smartphones. IEEE Communications Magazine, 55(1), 20-25. doi:10.1109/mcom.2017.1600349cm
Gimpel, H., Kleindienst, D., Nüske, N., Rau, D., & Schmied, F. (2018). The upside of data privacy – delighting customers by implementing data privacy measures. Electronic Markets, 28(4), 437-452. doi:10.1007/s12525-018-0296-3
Nunan, D., & Domenico, M. D. (2015). Big Data: A Normal Accident Waiting to Happen? Journal of Business Ethics, 145(3), 481-491. doi:10.1007/s10551-015-2904-x
Tolmie, P., & Crabtree, A. (2017). The practical politics of sharing personal data. Personal and Ubiquitous Computing, 22(2), 293-315. doi:10.1007/s00779-017-1071-8