This article was published on April 28, 2018

Cambridge Analytica might finally make Brussels care about data privacy


Cambridge Analytica might finally make Brussels care about data privacy

It was inevitable. One by one, they all lined up to demand that Mark Zuckerberg come to Brussels to explain himself, or, more accurately, explain what the hell Facebook has been doing with our data.

Europe’s political parties have been collectively outraged at reports that Facebook “allowed” private data into the hands of Cambridge Analytica, who then used it to manipulate elections. Of course, the European Parliament is largely responsible for the best bits of the General Data Protection Regulation (GDPR) due to come into force on May 25, and most experts agree that the GDPR might have prevented the activity – assuming the companies in question obey the law. But it’s hard to feel sympathy for those who pushed so hard against to get the landmark privacy law, and are now crying wolf.

Birgit Sippel, S&D MEP and the woman in charge of the ePrivacy law overhaul hit the nail on the head, with this statement:

It is laughable to see the faux outrage from the EPP group on this scandal. Their words say one thing, but their voting record says something completely different. On every major piece of legislation in recent years, they have toed the line of lobbyists from the internet giants and against the interests of citizens.

In one sense Facebook and Cambridge Analytica have done privacy activists a favor. It is rare to see so much praise heaped on a law that was so controversial in its making – widely regarded as the most heavily lobbied piece of legislation ever to pass through the European Parliament, it received a record 3999 amendments.

So, to quote EU justice commissioner, Vera Jourova: “thank you, Mr. Zuckerberg.”

The <3 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

However, like everyone else in Brussels, Jourova said she wants The Zuck to come to the city to answer “European kind of questions,” and “European legislators should be given a chance,” she said.

Nuala O’Connor, President and CEO of the Center for Democracy & Technology (CDT) described it as “a time of reckoning for all tech and internet companies to truly consider their impact on democracies worldwide.”

Green MEP Sven Giegold added:

The Facebook scandal is a stab in the heart of democracy. It is about much more than breaches of data protection rules; it is about the legitimacy of democratic elections and referenda. If business models based on collecting data endanger democracy, then democracy must set strict corresponding rules.

And there’s the rub. Facebook’s entire business model is based on harvesting personal data. And the social media behemoth is not alone. Hundreds of thousands of businesses worldwide are doing the same thing.

Facebook takes the basic human need to socialize and communicate and effectively weaponizes it by making its servicing of that need as addictive as possible. It is not the only company in the world to exploit human frailty, but it is one of the biggest and most insidious.

However, if politicians think that simply hauling Zuckerberg into the EU institutions to answer questions – presumably in an as slippery and disingenuous a manner as he did in the U.S. Congress – will change the predatory technologies at the heart of the surveillance capitalism economy, they have another think coming.

Let’s talk about the term “free” for a moment. Most Facebook users are well aware that the media giant is funded by their eyeballs. They know that they are being served adverts, diverted to publishing sites, who in turn sell more adverts, to encourage them to buy things – although they’ll probably be shunted through a half dozen more adverts before clicking “buy.”

However, they probably didn’t expect that they would be buying dodgy political views and fabricated vitriol served to them by self-interested demagogues with no political moral core. It is one thing to arm yourself against the onslaught of non-stop advertising when you know it’s coming, it’s quite another when you can’t even see it for what it is.

When a company the size of Facebook sells our data to the highest bidders with no regard for what they will do with it, there is a problem. Facebook says it didn’t “sell” the data to Cambridge Analytica, but that’s beside the point. It can, and does, sell it to plenty of other third parties without the slightest compunction.

And why should Facebook have all this personal information in the first place? It certainly doesn’t need it to offer the social media experience it’s providing. Most users aren’t fully aware of the enormous amount of data that Facebook compiles on them, not just from posting on the site, but from their phone, other apps, other websites and even private one to one conversations.

Dele Atanda, founder of Digitteria, has this to say:

The core problem is that Facebook acquires data through what can only really be defined as deceptive and nefarious means. Furthermore, many of the tactics for acquiring data involve un-consented tactics and models that go far beyond people’s expectation of what is reasonable and fair

And what’s to stop it happening again? Facebook has suspended Cambridge Analytica from its platform for violating its guidelines on the use of user data. Too little, too late. It was Facebook who opened Pandora’s box, siphoning off as much data as it could to sell to the highest bidder. Cambridge Analytica just happens to be the company that used that data in the most abusive way we know of. But make no mistake, there are countless other similar companies working a way out of the public eye, wishing they had Cambridge Analytica’s abilities. And sooner or later they will.

The Facebook-Cambridge Analytica has caused a “crisis of confidence in the digital ecosystem,” says Giovanni Buttarelli, EDPS:

The solution is to be found beyond content management and transparency, though they may help where appropriate. What we also need is better enforcement of the rules on data processing, especially sensitive information like on health, political and religious views, and accountability.

Buttarelli is right, and the Article 29 Working Group, made up of national data protection authorities from EU countries has announced it will set up a new group specifically to investigate data harvesting from social media platforms. ICO, the UK’s data protection authority, is also conducting the investigation into the matter.

Privacy International also has some good ideas as to what policymakers can do about the Cambridge Analytica and Facebook scandal. Seven to be precise, including a right to know when you’re politically targeted, effective remedies for individuals, and more resources for DPAs.

“Data Protection law is what we need, not market-driven ‘Data Ownership’,” says the organizations’ statement. I agree. Unless we all voluntarily switch off  (which isn’t going to happen) the rage will fade and the status quo continues until the next scandal. The surveillance capitalism model will continue to profile us, manipulate us, and pull the strings of society.

The Cambridge Analytica scandal has provoked massive outrage, not because Theresa May et al. suddenly care about our privacy – she doesn’t, her time as Home Secretary proved she wanted as much right to snoop into citizens’ private lives as she could get – but because they have realized that they are no longer the ones calling the shots, and are terrified the machine they helped build could be turned against them.

As I said in the beginning, I have little sympathy for them, but for once our interests may align in thwarting the onward march of Big Brother.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with