There’s a rather interesting documentary on Netflix at the minute called ‘The Social Dilemma’.
In it, former employees of companies ranging from Facebook, to Google, to Instagram and more, layout how these platforms’ users’ have been essentially placed in a glass box for the companies who own these sites to mine their data.
A lot of data.
A metric tonne of data.
Which is mined at nano-second intervals.
This maybe a pact that the lion’s share of users are prepared to make with Big Tech, but over the last two weeks, several events have occurred that may make them want to take a second look and the bargain they struck.
Over the Easter weekend reports emerged that user information from over half a billion Facebook accounts had been posted, for sale, on a forum used by hackers and cybercriminals. Not only did Facebook pass the responsibility for this over to its user base it went so far as to say it wasn’t interested in notifying any of its users who may have had their information compromised.
Last week LinkedIn landed in the dogbox, when it was revealed that 500 million accounts had had their data compromised. Then Clubhouse revealed that the data from around 1.3 million users was out and in the wild.
Think about this for a minute; between Facebook, LinkedIn and Clubhouse, the data from over a billion users’ accounts is now freely available for any Tom, Dick and Harriet to help themselves to, provided they have the requisite money.
As worrying as this all is, what’s more concerning is that the data wasn’t obtained illegally. In all instances, the data was ‘scraped’; it wasn’t collated through a breach of any of these platforms’ infrastructures. Instead, the parties who gathered it gamed the platforms’ user interface. What they did to gather the data didn’t breach any terms and conditions, which is presumably why no red flags were raised until it was too late.
Facebook moved to patch this activity two years ago. There’s no word from LinkedIn or Clubhouse about what they’re planning to do to stop this activity in the future.
This is a problem.
Safeguard your data
It’s easy wave away the last couple of weeks’ worth of shenanigans. After all, when most of us take stock of our relationships with social media sites and the amount of interaction we have with them, the question arises; ‘who would want to steal my data?’
The answer? Anyone who deems it valuable. And those parties extend beyond the social media and search engine platforms who depend on data gathering as the nexus of their balance sheets.
Anyone signed up to a site that is collating their data should be genuinely worried about these leaks, which include (among other aspects) their email addresses, their phone numbers, their ID numbers, their online bios and more. These are tools cybercriminals can use for illegal means. They should be more worried about the reaction these platforms have had in response to these leaks, which for all intents and purposes, has been a shrug and a platitude that essentially says, ‘yeah, well, these things happen’.
Once again: this isn’t good enough.
The internet is a constantly evolving beast. The rules that its founder laid down, no longer apply. Not only have multi-billion dollar corporations gamed the system, nefarious parties have learned how to game the system within the system. It’s no longer good enough for the lords of Silicon Valley to wash their hands and walk away.
It may be time for some law to be brought to what is essentially the digital Wild West.