Icarus was warned first of complacency, then of hubris before he flew too close to the sun, so the myth goes: an apt sketch of Mark Zuckerberg’s approach to data privacy at the helm of one the most dominant technology companies in the world. The fresh scrutiny ignited by the Cambridge Analytica scandal reached a new peak last week with Zuckerberg subjected to a 10-hour hearing before Congress. However, this revelation is simply the latest in a string of online misdemeanours which have implicated Facebook over the years.
The volume of information Facebook collected and shared with its partners is certainly staggering, only amplified by users’ lack of awareness of the secondary use of their personal data by technology giants. Indeed, research conducted by ComRes finds that one in five (20%) adults in the US, UK, Germany and France believe that Facebook does not have access to any personal information about its users.
An uninformed public should not be mistaken for apathy, however, and this recent breach brought to a head a sentiment which was already bubbling under the surface. Our research also found that half of adults (53%) worry about how much personal information they have shared online. Also only half of users say they trust Facebook to ensure that the personal data they hold is managed and used responsibly (53%), which is much lower than the proportion of users who trust Amazon to do the same (74%).
Mark Zuckerberg’s insistence in last week’s testimony that Facebook’s users are sovereign over their data points to why Facebook has failed to learn lessons from previous breaches. Half of US adults who share information with Facebook (53%) do not feel in control with the information they share with the platform. That users are able to control what is shared online is a largely a technicality for these companies – in reality the myriad controls and settings for users to adjust fuels criticism that they are not interested in designing systems which prioritise users’ consent. In this context, users are quick to point the finger at online platforms to manage data responsibly: a recent ComRes survey on behalf of Experian found that half of British adults (53%) say it is the company’s responsibility to protect personal data from online theft. This is compared to only 9% who think it is their own responsibility.
It’s unclear if or when Facebook’s reputation will recover: the media is awash with reports of users deleting Facebook in protest, chiming with ComRes research which finds that if data was to be shared without permission by a third party organisation, consumers are most likely to react by ceasing to use the company (56%), removing or deleting all the data held by that company (49%) and advising their friends and family against using the service (46%).
What is notable is that the likes of Google and Amazon have so far emerged unscathed; coverage has been focused on specific breaches and the personal profile of Mark Zuckerberg, leaving questions about the ‘Surveillance Capitalism’ of which these companies are a product largely unasked.
Before the conversation turns to policy, there is an opportunity for these and other companies to take proactive steps to tighten their procedures and place consumer consent at the centre of their business, or continue to risk their own reputation by taking the moral of Facebook’s Icarus story to be to ‘forget the wax and feathers, and do a better job on the wings.’