Over the weekend it was reported that data from over 500 million Facebook users was found online for purchase. However this is no surprise, as it is just one case of many instances where user data was been stolen or leaked after it was taken by Facebook. Back in 2018 and 2019 there were two big cases where a combined 354 million user's data was leaked online that including information such as full names and phone numbers. The site claims that this data was several years old however, and that it was part of the 2019 breach that was subsequently dealt with. With this leak, user's phone numbers, locations, birthdates, full names and emails were available for purchase to hackers online, just to be dismissed by the company. This news holds a very important message about data security and social media that is often ignored by users, and that's the risk you take when you give these sites your personal information.
It's not just Facebook that takes your data for economic gain. Companies like Twitter, Instagram, Tinder, Uber, Spotify, etc all take your information for various reasons, but most do with the intention to sell to advertising companies. These companies require data to present relevant ads to you, to help companies trying to sell you things make money. Its a process that entirely forgets about the users, and ignores their rights for the pursuit of capital gain, subsequently endangering users in the process. With identity theft as the biggest threat coming from these leaks, it exposes another problem with companies that lack motivation to effectively protect your private data. If you remember the Equifax leak from back in 2017, 148 million user's Social Security numbers, birth dates, home addresses, tax ID numbers, driver's license info and more were stolen by hackers. It put into perspective how prone companies are to being hacked, something that could have way larger implications than just identity theft (which is already a big deal).
According to a study by Deloitte and the ISACA, companies spend on average 10% of their revenue on cybersecurity each year. However, 60% of survey respondents said that their companies cybersecurity is underfunded. With companies susceptible to DDoS attacks, data breaches and employees succumbing to email fishing attempts that could potentially lead to devastating releases of user data, I think that companies should increase their cybersecurity spending with the users in mind. Focusing on other aspects of your company make sense from the capitalist mindset that a CEO possesses, but users have a right to their data being secure online.
I've linked a short but very useful video on how the Equifax leak happened.
https://apnews.com/article/business-media-social-media-fce118b1adfef8f6c51518f71465dd4b
https://www.ramseysolutions.com/insurance/data-breach-impacts
https://cybersecurity.att.com/blogs/security-essentials/how-to-justify-your-cybersecurity-budget
Hudson, I found this article to be extremely interesting but also alarming due to the broad reach and implications that it has. One of the points that you highlighted in the first paragraph is the danger in giving your information to the social media sites like Twitter, Facebook , Instagram, and Snapchat. Something that is interesting is that these sites normally demand this information when you create an account for seemingly no reason. As a consumer its hard to decide what to do because you want to use these apps but you are also aware about the data they are collecting about you and the risk involved in that data getting leaked. Over the past couples years we have seen just how powerful these social media companies can be and I would be interested in wondering if legislation is needed to reduce the amount of data there allowed to collect on users to put some retrain on how much reach they have.
ReplyDeleteI was already aware about companies collecting your data to sell as advertisement what surprised me was just how much revenues was made from this. For example, Amazon’s third biggest revenue source is selling advertisements after its retail and cloud computing service. I was amazed when I found this out just cause of how big Amazon is so to think how much money must be in the business selling advertisements is crazy. Another thing I was interested in relating to this article was the recent debate between Apple and Facebook over being able to track users even when they are not using the Facebook app. I am completely on Apple’s side in this case because I think it is absolutely criminal that Facebook can track users across different apps that aren’t even connected with Facebook and use that to run more targeted ads. Something that you highlight is that all this information has the potential to get leaked. I have a banking app on my phone and depending how much Facebook can track me on that what if valuable information gets leaked because of Facebook even though the hack had nothing to do with the bank I used.
I think as consumers we need to hold companies more accountable for better protecting user information. For too long we have accepted their willingness to collect as much data about us as they can without being sure what they are doing to protect that data or even why they need it in the first place. Hopefully as consumers become more aware of this in the modern age they will begin to hold companies more accountable and better protect consumer information.