Calls for more regulation in wake of the Facebook scandal ring hollow
In his testimony before the Senate and House, Facebook CEO Mark Zuckerberg expressed that he would be comfortable with government regulation of the social media or technology industry. The testimony comes after a whistleblower revealed a researcher provided primarily public profile data to a Trump campaign-affiliated political consulting firm, Cambridge Analytica.
Government regulation rarely achieves its stated purpose. In this case, politicians are claiming that the regulations are necessary to protect consumers from some ethereal harm. While politicians and some in the media call resoundingly for government regulation now, the calls for regulations were not nearly so loud when the 2012 Obama campaign did something similar. In either case, though, whether Trump campaign-affiliated political consulting firms or the Obama campaign, Facebook users’ public profiles were primarily accessed. Because the public profiles were accessed and because Facebook users control the privacy of their posts, the breaches of trust did not substantially harm Facebook users.
{mosads}When a Facebook member posts a status update, photograph or other information, the member can choose just how “public” the information is made. If the member believes the information is not for public consumption, the member selects any of the many categories but “public.” If the member believes everyone — everyone including individuals who do not have Facebook profiles — should see the post, she may select the “public” category. Some of the privacy categories have changed over the years, but the basic concept of controlling privacy has existed for some time.
The information gleaned by Cambridge in 2016, or the Obama campaign in 2012, came largely from public profiles. That is to say, information Facebook members identified as available for “public” consumption was accessed.
There is a significant difference between public data and private, or personal, data. When bad actors seek to steal identities or credit card information, they seek personal information. Personal information includes birthdays, anniversaries, Social Security numbers, pets’ names, mothers’ maiden names, and so on. They seek any information that will help them guess security questions, passwords, or to set up accounts in other people’s names.
True consumer harm occurs when an individual’s private information is improperly obtained. This is not to say failing to protect data, whether public or private, comes without consequences. A company, such as Facebook, can easily lose consumer confidence. When news of the Cambridge fiasco started to hit the media, for example, Facebook’s stock took a hit. People started talking in negative terms about Facebook. Congress wanted to hear from Zuckerberg.
While Zuckerberg had to appear before Congress and answer for his company’s data protection practices, many in the Democratic Party and the media seem to have forgotten about the access provided to President Obama’s 2012 reelection campaign. Comparing the type of information gleaned between the 2016 and 2012 races provides an interesting perspective.
In 2012, the Obama campaign encouraged supporters to use a Facebook voter engagement app; labor unions, taking a cue from the campaign, appear to have used a similar data collection method during the 2012 election. Once a user signed into the app, the campaign had access to the individual’s public profile and the public profiles of the individual’s friends. The campaign culled through countless numbers of profiles comparing users’ friends lists with lists of registered voters, using the lists generated to identify likely supporters or voters sympathetic to Obama.
The campaign’s data collection practices were so extensive that, according to the New York Times in 2013, it triggered Facebook’s “internal safeguards.” After a review, Facebook told the campaign, “You can do this as long as you stop” after the election.
At least one other source claims Facebook was even more involved, providing “the 2012 Obama campaign direct access to the personal data of Facebook users in violation of its internal rules, making a special exception for the campaign.”
There is very little information available as to where the data collected by the Obama campaign from Facebook went. The campaign’s privacy policy reserved the right to share the data in certain circumstances. And the campaign launched Organizing For America, a “Democratic National Committee outreach program that drew on Obama’s wide network of supporters to generate support for the president’s agenda.”
Cambridge, on the other hand, obtained the data from a researcher, Aleksander Kogan. At the time he accessed Facebook profiles he worked both for Cambridge University as a researcher and for his own company called Global Science Research (GSR). GSR, in collaboration with Cambridge Analytica, used an app to harvest the public profiles of millions of Facebook users.
Both the 2012 Obama campaign and Cambridge Analytica obtained massive troves of data. Both gleaned it from millions of unwitting Facebook users. But there is public outrage only for one of the two instances.
To Facebook’s credit, it has substantially changed its third-party app terms of service since 2012. The company has tried to provide its consumers more and more control over the privacy of their posts. Government regulations, though, will not solve any perceived problem. Regulations, instead, will insulate companies like Facebook from innovators and entrepreneurs who may create a better social media experience.
Jonathon Paul Hauenschild, J.D., is director of the American Legislative Exchange Council’s Task Force on Communications and Technology. The group is a nonpartisan, voluntary membership organization of state legislators dedicated to limited government.
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. Regular the hill posts