Germany has warned Facebook of breaching EU WhatsApp data privacy. Facebook explains the “fundamental misunderstanding.” Data privacy at Facebook has always been an issue. Several revelations disclose that big organizations harvest users’ data for targeted advertisements, especially political advertising from Facebook. The social media platform has over a ten-year track record of events exposing ineffective data privacy protection policies. The most recent incident stands out because of the large number of accounts that were hacked. Personal information from over half a billion Facebook users in 106 countries was leaked online. Over 32 million accounts were compromised in the United States, 11.5 million accounts in the United Kingdom, and 6 million in India.
The leaked data is used to send spam emails, make phone calls, and set up phishing schemes. Such information is also used to plan and carry out a variety of malicious online scams. Hackers can impersonate users and send money on their behalf without their permission. According to reports, anyone with access can skim through the archive of private information on the dark web. Earlier in 2021, the CTO of cyber intelligence company Hudson Rock announced that the stolen data was now being sold to different groups on Telegram.
In a similar EU WhatsApp data privacy situation, Facebook suffered from the Cambridge Analytica fiasco in 2019. The Cambridge Analytica data privacy controversy revolves around the political consultancy and strategic communication firm’s collection of personally identifiable information from “up to 87 million users” on Facebook. Due to several factors, such as insufficient protection against companies engaging in data mining, little to no supervision of developers by Facebook, and users agreeing to excessively broad terms and conditions, the company and others could gain access to the personal data of Facebook users. This was not a hacking event but rather a misuse of a legitimate Facebook feature. First, the company accessed the data legally. Later as per the reports, the company passed all information to a third party without any consent.
On 11th May 2021, Germany ordered Facebook‘s WhatsApp to stop collecting users’ data. Johannes Caspar, head of Hamburg Data Protection and Freedom of Information (HmbBfDI) said, Facebook’s attempt at making users agree to the policy in its revised terms isn’t acceptable. In fact, he ordered a three-month emergency ban preventing Facebook from collecting any further data. He also requested the panel of European Union data regulators to take immediate action. According to him, the new WhatsApp terms allowing data collection are illegitimate. They seem to be too vague, contradictory, and broad.
However, Facebook believes these are false claims and have denied the emergency ban on data collection. Facebook said Caspar’s allegations are “based on a fundamental misunderstanding.” Lately, the tech giant has received many notices for their new guidelines updated by their WhatsApp unit where users must give consent by 15th May. At one point, Facebook even threatened to remove users’ accounts if they did not adhere to the terms. After widespread criticism, the social media conglomerate toned down the idea of deleting accounts and instead opted to flood users with compelling confirmation popups. If one misses the reminders, the app will progressively lose key features until it is rendered nearly useless.
On the other hand, WhatsApp said the new security rules wouldn’t affect the privacy of messages sent to family and friends. Instead, the terms are specifically designed to help businesses connect efficiently with their consumers through the platform. It also includes allowing enterprises to sell their goods directly on it. In a statement, WhatsApp’s spokesperson told Euronews that, “as the Hamburg DPA’s claims are wrong, the order will not impact the continued roll-out of the update. We remain fully committed to delivering secure and private communications for everyone.”
Businesses, customers, and clients should be mindful that they are just as vulnerable to data breaches as ordinary users. Since Facebook collects and exchanges metadata between its mobile apps, including SMS and voice call logs. Although unintended or accidental data disclosure can reveal a corporation to liability, IP fraud, extortion attempts, and cybercriminals, the stakes for companies and employees could be higher. The best way to protect oneself is to take some time out and thoroughly read Facebook’s terms of service and data policy.
However, the question of why Facebook is almost always involved in data privacy scandals remains unanswered. Is it the lack of social ethics or just plain ignorance? Imagine what would happen if the company and all the other tech giants took their values and ethics seriously.