Any installed mobile app with appropriate access, could be doing anything with our data. Secretively yours.

The recent outrage storm involving Facebook and Cambridge Analytica, is barely the tip of the iceberg in terms of improper use of user data. Consider a quick view on the things that we can grant  installed apps, access to:

  • camera
  • location
  • contacts
  • microphone
  • cell phone
  • and numerous other sensors, the list is ever-expanding

These features were built for convenience, allowing us to reuse content with minimal friction on our devices. Once access is granted, we have no idea what these apps will do with the data. We have no idea how frequently they access the data. Any app that accesses any of these data, can potentially ship them to some servers anywhere in the world. Once the data leaves the device, its destination is almost certainly unknown, its lifespan undetermined and possibly infinite. The servers where the data land may be insecure, they may be sharing it with anything else out there. The possibilities are endless. We have no clue. The device vendors have no clue what could happen. The only thing that smart phone platforms such as Apple or Google could do, is to disable the features, this for the future, that’s it really.

Should we disable sharing data with third-party apps?

No, we shouldn’t, that would be too extreme. Just because apps could use our data for undeclared purposes doesn’t imply that all have nefarious intent. On the contrary, the majority most probably have good intentions, some could simply make mistakes but otherwise trustworthy.

Is Cambridge Analytica (CA) the worst of them all?

We have now profusely heard about CA, and maybe one other. However, we haven’t heard of possibly hundreds if not thousands other companies that, just like CA, have been downloading our data and may be doing things we would not approve of. Those other companies might now have got the message, gone into hiding, taking extra measures to conceal their intentions and activities. How will we know? How will we find out? Can we find out? Can anyone find out and help us? I am not so sure.

Should we start freaking out now?

Well, we could panic, scream out loud, protest, file lawsuits. We could change identities and try to assume a new life. And more. Would that make much difference? Would we ever feel safer? We can never take our data back. We can never go back in time, obviously. Maybe we should first explore our options, assess risks and any potential consequences. It’s certainly pressing, urgent that we start getting informed and have principled views on our digital footprint.

Were we right with all the outrage about Facebook’s conduct?

Maybe. The stunning thing is though, most of us in tech industry knew full well that this was going on. We couldn’t possibly have overlooked it. It may be that everyone assumed that everyone knew and people were ok with the situation. Maybe the shock came through the realisation of the amount of details being kept on our digital footprints, obviously we’ve forgotten about triangulation techniques. Perhaps it was really Cambridge Analytica’s activities, especially what they claimed on hidden camera, that got people angry. If that is so, then we ought to thank the investigative journalists for waking us up. We also ought to thank Facebook for being sloppy, for having an aloof management. Because all of that have contributed to the wake up call.

Are we really awake though? Are we going to put things right, better?

I don’t think we really are. Some activist groups will most probably increase their vigilance, grow more vocal. There are people who will delete their social media accounts, Facebook, Twitter, what not. These will be a minority, their impact negligible in the short-term, totally invisible in the longer term. FB and others will spend big money on PR, put on a couple of shows, people will resume whatever was going on before. If anything, a feature outrage storm will start incubating again on the exact some subject.

Should we blame the programmers that built these features?

In most cases, the programmers are just doing a job. They’re building features discussed in teams, everyone simply trying to get by and make a living. Not every one of them is innocent, but the majority probably is. People often are just doing their job. Let’s not forget that the chance to actually challenge your boss, or seek another job when unhappy with the employer’s business practices, can actually be a privilege.

Companies can change owner (bought, go bust), may pivot, strike alliances

Even if your trusted company is a good custodian of your data, things can change. They may enter into partnership agreement with others and thus share your data. They may be trusting someone whom you wouldn’t trust. The company may adopt new business goals, changing its stance without prior or public notification – unless of course they would be legally bound otherwise. Trust isn’t transferable without all trustees consenting. In this respect, the EU’s GDPR couldn’t be more timely.

Should we be concerned about the future, about our children future?

Reasonably, we should never be naive enough to think that corporations would hold our individual and human interests dear. Paranoia isn’t a solution and would only leave us frustrated and unhappy. Of course, totally departing from all of it, if practical for somebody, would be a way to escape this particular threat. But that only works if we don’t share anything about us with anybody else who is taking part in social media. Because otherwise, our data may escape and spread through our friends and connections.

We should be reasonably skeptical, apply scrutiny to social media and all these fads that befell us through the web. We should always assume that any convenience brought to us by corporations, have a price. Even when we’re paying the agreed price in any kind of currency, there will always be potential for abuse. We should be aware of risks, as much as we can, take steps to reduce risks, seek mitigation strategies if we care and can.

What would be dangerous, is to take on face value any claim that all problems are solved once Facebook or other companies declare to have taken actions. That would just be powder in the eyes, the situation wouldn’t have occurred had they cared.

Facebook is a public company, it is primarily working for its shareholders

Imagine Facebook’s business pitch, the story they tell when raising funds or attracting customers. A crucial differentiator for them, is that they can know everything about us, its users. That must be somewhere on most slide decks that they show. If they can boast about such knowledge, coveted by investors and partners. The amount of advertisement that they can sell, the reason they have a market capitalisation of over $560 bn (since the crisis began, it’s market capitalisation lost a whopping $100 bn), all stem from this intimate knowledge of users. That is the only product they offer to their customers. They will pull all shots to preserve it. Let’s remember that Facebook is a public company, its leaders answerable to shareholders. FB leadership is basically doing its fiduciary job, spend money on PR and sounding all the right things in order to calm down markets. Calls for its boss to quit seem exaggerated, because the company has been doing what it has always done anyway, the same things that helped it grow to what it has become.

Apps need access to our data, otherwise they are not very useful

Ultimately, people need each other,  people want and need to share things. Similarly, the main attraction of a smart phone, the main use of social media, is to share something with somebody or another app. That is just how we live in society, and much good have come from it, much good will keep coming from it. Along the way, some things will go wrong, rogue players will do rogue things. Those caught red-handed are seldom the only bad ones, we shouldn’t be too naive about that. We cannot ignore any of  these facets without impact. For the majority of people, it is not practical nor possible to run their own digital presence.

In the contemporary society, we cannot not have a digital footprint, virtually any interaction we have with people or places is getting digitalised one way or another.  We even enthusiastically take part.We mostly enjoy the experience we get out of it through our smart devices. Facebook owned apps are interwoven in the daily habits of 2 billions so deeply that, that it could take a generation for that to change. However, it would be wise to keep the digital sharing reasonable, if not tame, with the clear assumption that it may get misused by someone. We should keep fighting for ever more say over what gets shared about us, and when and where that happens. Those in charge of the sharing mechanisms will wrestle to maintain their grip. It’s a tug of war that isn’t likley to end anytime soon.

PS: The expression “secretively yours”, is a play of word, it came from what could be heard in the Challel 4 News’s secret filming of Cambridge Analytica, here and here.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.