After a year of troubling mishaps, from the disclosure of Cambridge Analytica harvesting user information in early 2018 to the recent New York Times investigation into its user data sharing with large partners, Facebook faces increasing scrutiny over its privacy practices.
Facebook of course explains itself by asserting that it is sharing user data for the purpose of enhancing user experience on other popular apps or websites such as Netflix or Spotify. For example, people can see recommendations from their Facebook friends while staying on Netflix. Facebook used to operate independently from other websites and services but was then asked to open up its data for access by other service providers for them to be able to improve user experience. It seems Facebook has remained consistent with its data practices. But why is it all of a sudden getting the finger-pointing now?
I look at this from two perspectives.
First: Scale
Facebook now has 2.2 billion users. Given the massive user base, even a small issue that would otherwise not be a problem at all becomes a major challenge that requires serious attention. Needless to say, technological issues are certainly the case. As to data mishandling, even if data breach, such as bank data or medical data, happens to only one third of the population of any region, there could be grave consequences. If data breach happens to Facebook, it means the data of billions of users across time zones and countries will be at risk.
In any region where data breach occurs, the government has to deal with the situation. If data breach occurs in Facebook, who is in charge of responding to the situation? Just think about it in more detail. Whether people like their government or not, the government handles people's confidential data and any information that can be derived from it and implements certain supervisory and protection mechanisms. What about Facebook and Google, another data conglomerate?
Second: History
Such a situation is not a rare event in history. There have been conglomerates that established predominance during a certain period or in a certain region because they did something right by chance or because of foresight. Examples can be found in every country including the Rockefeller family in America and the oil exporting countries in the Middle East.
Traditionally, conglomerates were able to build up dominance in a region because they controlled certain natural resources. As opposed to natural resources in the past, data is the critical resource of the future. Being able to control data will unleash profit potential, making the oil business small potatoes. Oil production is limited to certain regions while data is being generated around the clock all over the world.
This sheds light on why Facebook and Google are under public scrutiny and why EU is implementing the General Data Protection Regulation (GDPR) to establish lawful basis for the processing of personal data.
Among the conglomerates that have established their regional dominance based on possession of natural resources, many of them have just come to realize "data is the new oil" while some of them that already knew so are struggling to find ways to harvest data like harvesting oil. However, amid data conglomerates like Google and Facebook, is it people's only option to simply accept the "do no evil" and "connect the whole world" missions and philosophies? (I personally embrace such missions and philosophies.)
I think the EU GDPR initiative, aiming to regulate the collection, storage, protection and disclosure of personal data and enable EU citizens to delete, change and transfer their data, institutes changes at the fundamental level. Without fundamental changes to rules and regulations, the next rising conglomerate to claim dominance will be no different from the current monopoly. This is the same as the situation where blockchain technology firms advocating decentralization are actually scheming to become the center.
GDPR in layman's terms
Take having a meal for example. We may have always thought there are only two options - getting one's fill of hearty food or nibbling at fancy delicacies. Are there really no other choices? Of course there are.
The EU GDPR is like a third choice, for example, eating organic food. It is not aimed to replace either of the two choices but presents a healthy alternative, which may become mainstream.
I suppose most readers would opt for eating healthy. As to the world of data, I'll leave the question open as to who is getting their fill and who is nibbling at fancy delicacies.
Lman Chu, co-founder and CEO of BiiLabs
