Facebook has been receiving a lot of flak globally for the misuse of user data for influencing their behavior and voting pattern. However, this has been Facebook’s business model for years now.
How else do you think Facebook is able to pay its employees and have such fancy offices despite offering free social media services to users? It was never something that is just being unearthed as the media is projecting the whole episode.
The Consent of Users
When Facebook messenger as a mobile app was launched, I read through its terms and they were clearly taking access to a lot of data in the cellphone than that was needed. Users still gave consent.
A user can choose not to use the service of Facebook, but they chose to ignore the potential issues and consent because using Facebook was fun and the ‘likes’ an ego booster. Ergo, the potential privacy risks were relegated to the background.
Today this has become a major issue in India because the US President Donald Trump won the election due to harvesting psychological data from Facebook and building election campaigns to suit the mentality of the voters and using the services of political data mining company Cambridge Analytica. I will not use the word “influence” here because users by a free will agreed to their information being shared with third party companies such as Cambridge Analytics.
Clearly, this mechanism was a success. Let’s keep Facebook aside.
Every election campaign involves the draft of a party manifesto keeping in mind the issues that the people face and promises to address them. Market research is done to obtain this data -- just that the data obtained from Facebook is a lot more accurate and can yield more accurate results.
The difference is also that the Facebook process is online compared with the offline method of using newspapers and interviews to convince voters and influence their decisions. All major product brands follow the same rulebook with social media marketing.
In India, this has become a pressing issue because the Congress and a few other parties are alleged to have now resorted to using Facebook the Trump way. Thanks to the success rate of this method, it would increase the chances of them engineering favourable results in the elections.
Sudden Realisation of an Old Practice
But remember Facebook has been collecting user data for years. No one cared. Today all of a sudden, it’s become a data breach.
A user was informed well. Even when any third-party application is accessed through Facebook, a user is explicitly asked to consent to their name, public profile, friend list etc being accessed by the application. The user of course has a choice to not accept and not use the application.
From this perspective, Facebook has exercised reasonable security practice. However, it does bother me that with the lack of knowledge of “consent” among users in India, a large number of users are allowing third parties to access their data, which can be grossly misused to commit cyber crimes and even physical crimes.
Many apps on Android playstore too are gaining access to photos, location, messages, microphone and everything that inhabits a user’s device. There have been instances of children being kidnapped by usage of child game apps, which map their location.
This issue is not restricted to Facebook alone.
Clearly, India needs the Data Protection Act to be passed as soon as possible. Citizens should be educated about the concept of “consent”.
The proposed Data Protection Act highlights data localization, which implies that the data of Indian citizens remain in the Indian cyberspace, and any service provider offering online services in India has to set up data centers here.
This has its merits and demerits, and is still being debated, though from a long-term perspective, the merits will outweigh the demerits.
Puneet Bhasin is a cyber law expert and president- of
Cyberjure Legal Consulting.