1(630)802-8605 Ravi.das@bn-inc.net

We have all heard the news recently about Facebook and its recent saga with Cambridge Analytica.  Long story short, this entity supposedly harvested data on some 50 million users based here in the United States.  Now, the heat is really starting to flare up, and special auditors have been called into play to investigate this matter further.

On the Facebook side, special auditor Stroz Friedberg has been assigned to the case.  In their own words, he was called to conduct a “special and comprehensive audit”.  According to the newswires in the UK:  “This is part of a comprehensive internal and external review that we are conducting to determine the accuracy of the claims that the Facebook data in question still exists . . . If this data still exists, it would be a grave violation of Facebook’s policies and an unacceptable violation of trust and the commitments these groups made.”  (SOURCE:  https://www.scmagazine.com/facebook-sends-auditors-to-cambridge-analytica-ftc-reportedly-probing/article/752397/).

With regards to the side of the Federal Trade Commission (FTC), they have asked to specially investigate further if Facebook violated an agreement they created back in 2011 in which they were required to solicit for user consent when the company changed their rules about their privacy settings.  If it is found that Facebook has violated this, then they face a whopping $40,000 per day for each violation that has occurred.

Whether or not this fine goes all the way back to 2011 is still yet to be determined.  If it is so, WOW, the market cap on Facebook could really tank then.  Of course, Facebook has denied any wrong doing in this specific circumstance.  In fact, in their own words:  “We respected the privacy settings that people had in place . . . Privacy and data protections are fundamental to every decision we make.”  (SOURCE:  https://www.scmagazine.com/facebook-sends-auditors-to-cambridge-analytica-ftc-reportedly-probing/article/752397/).

But according to security researchers at F-Secure, it was discovered that Cambridge Analytica also had access to the same data that Facebook stored in its databases about its users.  Whether or not it was for malicious purposes still yet remains, but the primary objective appears to have been to harvest just names and emails for marketing purposes.

In response to this, Facebook apparently changed the source of their Application Programming Interfaces (APIs) so that third party apps would not be able to access this private and confidential data.  Since Facebook is the 800 pound gorilla in the social media space, other social media sites won’t their tactics unless Facebook does.  This is really scary.  After all, each and every social media site is its own business entity, and they should be able to respond to the Cyber threat landscape in order to protects its subscribers and users.

But, these are for profit companies, so who really cares about what happens to the customer as long as they make money, right?!  As a result of this, there are greater cries now for the US Federal Government to closely investigate the social media companies that are domiciled in the United States to make sure that they are in full compliance with all of the laws as they relate to HIPAA, Sarbanes-Oxley, etc.

Security experts in the UK feel that the it is Chief Privacy Officer at Facebook (or whatever the related title is) that should take the fall for this entire Facebook fiasco.  I have to be honest, how come we never hear about Twitter or Linked In violating the privacy agreements that they have with their subscribers?

It’s probably because they maintain much more scrutinzation over any sort of misuse.  For instance, with Twitter, even the most minute violation will have your account suspended.  With Linked In, if start pushing your products and services for solicitation, your account will also be suspended.  So why couldn’t Facebook do the same?

The problem is that they may have become too gargantuan for their own good.  Being such a monstrously huge social media site, they probably just do not have the resources to police each and every violation that occurs.  Anything and everything that you can imagine is put on Facebook.  Me personally, I don’t use Facebook that much, except for promoting my tech writing business.  In that regard, they do have some really good tools that even far surpass that of Twitter and Linked In.

So, who knows where this drama will continue to unfold.  Maybe it’s time for a change of leadership at Facebook?  Only time will tell.