In March 2018, Facebook was hit by a huge scandal that revealed the social media platform had been using the data of some 87 million users in an alleged attempt to sway voters in the US election. The fallout has been huge, with some saying it even rivals Edward Snowdon’s whistleblowing on the NSA in 2013. It has been defined as a ‘wake up call’ for data protection regulation.
Following the immediate aftermath of the scandal, a survey revealed that 5% of British users left Facebook while a further 6% intended to as a result of the data breach. Worried by the revelations, over half of those that planned to keep using the social media platform said they had or were going to change their privacy settings, with two-thirds worried about the misuse of their personal data.
The negative publicity meant that Facebook had to act swiftly to fix its data protection reputation and encourage users to trust the brand with its details – around appearances at the US Senate and before the UK Houses of Parliament. So, what steps has Facebook taken so far?
As Facebook operates in the EU, it’s had to implement the bloc wide regulations that aim to provide more robust protection for personal data. This includes allowing users to erase the data that the platform holds and being transparent about how the stored information will be used.
Steps to ensure Facebook was compliant under the General Data Protection Regulation (GDPR) in the EU were already underway when the scandal hit. In January this year, Facebook posted an update stating that in response to GDPR it was reviewing and expanding its tool to help people manage their personal data. It also shared that it had hired a dedicated data protection officer and expanded the data protection team in Dublin.
The three areas Facebook identified as being key to its commitment – transparency, control, and accountability – were thrown into question when the scandal of data misuse made headlines.
In a bid to repair its reputation, Facebook has focused on how it will ensure GDPR is effectively implemented, and then gone one step further.
While Facebook only needed to implement GDPR related regulation for its members based in the EU, it announced in April that it would be rolled out globally. Under GDPR, consumers will be protected by some of the toughest data protection rules in the world. However, with a raft of legacy data concerns behind it, only time will tell if Facebook does live up to the data protection promise it’s made users.