The Data Privacy Digest is Californians for Consumer Privacy's weekly round-up of relevant consumer data privacy news. You may subscribe here.
This week, new reporting revealed Facebook CEO Mark Zuckerberg oversaw plans to consolidate the social network’s power by treating its users’ data as a bargaining chip, while publicly proclaiming to be protecting that data. It’s a familiar disconnect for Facebook – we recall their brief opposition to the California Consumer Privacy Act being withdrawn during the Cambridge Analytica scandal – but this time, we learn how Facebook 'unintentionally uploaded' and 'mishandled' consumer data and leveraged their trove of consumers’ personal information to hurt small businesses. Meanwhile, a new study shows the health care industry ranks last in protecting consumer data, and Carole Cadwalladr’s riveting TED talk digs into Facebook’s role in Brexit and calls out the "gods of Silicon Valley" for being on the wrong side of history.
It’s time for this week’s Data Privacy Digest:
Mark Zuckerberg leveraged Facebook user data to consolidate Facebook’s power and control competitors – hurting small businesses and consumer privacy.
“Facebook CEO Mark Zuckerberg oversaw plans to consolidate the social network’s power and control competitors by treating its users’ data as a bargaining chip, while publicly proclaiming to be protecting that data, according to about 4,000 pages of leaked company documents largely spanning 2011 to 2015 and obtained by NBC News.
“The documents, which include emails, web-chats, presentations, spreadsheets and meeting summaries, show how Zuckerberg, along with his board and management team, found ways to tap Facebook’s trove of user data — including information about friends, relationships and photos — as leverage over companies it partnered with.”
“The documents include several examples suggesting that these changes were designed to cement Facebook’s power in the marketplace, not to protect users.”
Facebook’s move to leverage user data in this way was a major blow to thousands of competitors and small businesses.
“When Facebook ultimately cut off broad access to user data in 2015, the move contributed to the decline of thousands of competitors and small businesses that relied on what Facebook had previously described as a “level-playing field” in terms of access to data. In addition to Pikinis, the casualties included Lulu, an app that let women rate the men they dated; an identity fraud-detecting app called Beehive ID; and Swedish breast cancer awareness app Rosa Bandet (Pink Ribbon).”
Facebook says it 'unintentionally uploaded' 1.5 million people's email contacts without their consent
"Facebook harvested the email contacts of 1.5 million users without their knowledge or consent when they opened their accounts.
Since May 2016, the social-networking company has collected the contact lists of 1.5 million users new to the social network, Business Insider can reveal. The Silicon Valley company said the contact data was "unintentionally uploaded to Facebook," and it is now deleting them."
"At the time, it wasn't clear what was happening — but on Wednesday, Facebook disclosed to Business Insider that 1.5 million people's contacts were collected this way and fed into Facebook's systems, where they were used to improve Facebook's ad targeting, build Facebook's web of social connections, and recommend friends to add."
"Facebook now plans to notify the 1.5 million users affected over the coming days and delete their contacts from the company's systems."
Facebook CEO Mark Zuckerberg under close scrutiny in federal privacy probe, sources say
"In recent weeks, Zuckerberg has promised to reorient Facebook into a “privacy-focused communications platform,” as the company looks to change its “reputation” and focus instead on secure, intimate communications between users along with content that “won’t stick around forever.”
But just this week Facebook revealed another privacy mishap, admitting it mishandled millions of users’ passwords for Instagram, the company’s photo-sharing app. Facebook quietly tucked news of the development into an old blog post Thursday, just as Washington scrambled over the release of the U.S. government’s findings from its probe of Russia and the 2016 election. To privacy advocates and congressional critics, Facebook’s move amounted to the latest sign that the company and its leaders have failed to learn from past mistakes — and should face heightened oversight."
Study: Health care industry worst at protecting consumer data
“The federal government is best at protecting consumer data and the health care sector is the worst, according to a new study by the not-for-profit Internet Society’s Online Trust Alliance.”
“This year marked the first time the survey included the health care sector, but according to Wilbur, it's a vital industry. A person's private medical data could be used for everything from blackmail to insurance fraud.
"Hackers prize medical information to round out the profile of individual they already have information on," he said. "It makes it worth more when they sell it. It gets to the person more deeply."
Facebook’s role in Brexit – and the threat to democracy
“In an unmissable talk, journalist Carole Cadwalladr digs into one of the most perplexing events in recent times: the UK's super-close 2016 vote to leave the European Union.
“Tracking the result to a barrage of misleading Facebook ads targeted at vulnerable Brexit swing voters – and linking the same players and tactics to the 2016 US presidential election – Cadwalladr calls out the ‘gods of Silicon Valley’ for being on the wrong side of history and asks: are free and fair elections a thing of the past?”