A watershed moment in case of personal data and data breach came about in early 2018, when it was revealed that Cambridge Analytica had harvested and used personal data of over 87 million people's Facebook profiles, without their consent, for political purposes.
The social media giant, Facebook, was founded by Mark Zuckerberg with a vision to connect people in 2004 and became the most popular social media company with over 2.19 billion active monthly users by early 2018. However, several security concerns marred its growth with time, one such being the Cambridge Analytica data breach issue. Cambridge Analytica (CA), a London-based elections consultancy firm, was one of the many data analytics companies which used data from social networking sites for academic research purposes. The data was allegedly used to micro-target the voters in favour of Donald Trump during the United States of America (USA) presidential elections of 2016. Further, the data was also used to turn the Brexit referendum in favour of ‘leave’ campaign and Mexican general elections in 2018.
The possible electoral manipulations through various surveys by the daughter companies of Cambridge Analytica is presently under scanner in India, too, as various political parties like Indian National Congress (INC), Janata Dal (United) (JDU), etc. have been clients of these companies.
Facebook, initially was defensive in approach and denied such breach. There was a lack of follow-up action by Facebook upon knowledge of use of data by third party such as Cambridge Analytica and lack of deletion of such data later on.
Later, Facebook founder and Chief Executive Officer (CEO), Mark Zuckerberg publicly apologized for the breach of trust of the million users on account of the scandal and promised to take corrective measures towards data-protection.
How the scandal unfolded?
In 2010, Facebook came up with an update through which, external developers (third-party apps) could reach out to Facebook users and request permission to access their personal data and that of their friends. Then the third-party apps would use various quantitative instruments to probe the underlying traits that form the personality to micro-target people by providing them messages which resonated with their personality types more effectively (Echo-chamber effect). Cambridge Analytica collected personal data of people without their consent because of this update and used it for political purposes.
Ethical Issues associated with the Data Breach Scandal:
Political campaigning has become much more data-driven due to increasing role of cyber-space in our lives. However, the tech-companies should use data in a way that complies with the law. Politicians, also, must set an example by promoting data protection and not use data to manipulate the elections in their favour.
People’s perception of their privacy, security and protection of their data is very essential as demand for a strong data protection regime can only come from people’s end. Also, the socialisation process and education system has a role to play to infuse a strong sense of ethics in people.
The service provider, like Facebook, must have some obligations on them as well. The companies need to protect privacy by default and data protection should be the norm. The management of the companies need to have an ethical code to follow while using the public data for their organisational gains. The data-mining must not result in exploitation of people.
Data protection laws like General Data Protection Regulation (GDPR) of Europe, to protect the personal data. India, also, has formed Justice BN Krishna Committee to formulate model data protection law. Privacy has been termed as a fundamental right under the Indian Constitution by the Supreme Court of India.
Data is the new oil and data science is one of the most important field to influence the world that we live in and its role is going to increase further in future. It can help to empower the economy & democracy, but most importantly, it can lead to empowerment of people, improve transparency in politics and business. Its role in policy-making and making a better connected world cannot be undermined, however, protection of data is the clarion call of the time.