Facebook’s latest privacy debacle stirs up more regulatory interest from lawmakers

Facebook’s late Friday disclosure that a data analytics company with ties to the Trump campaign improperly obtained — and then failed to destroy — the private data of 50 million users is generating more unwanted attention from politicians, some of whom were already beating the drums of regulation in the company’s direction.

On Saturday morning, Facebook dove into the semantics of its disclosure, arguing against wording in the New York Times story the company was attempting to get out in front of that referred to the incident as a breach. Most of this happened on the Twitter account of Facebook chief security officer Alex Stamos before Stamos took down his tweets and the gist of the conversation made its way into an update to Facebook’s official post.

“People knowingly provided their information, no systems were infiltrated, and no passwords or sensitive pieces of information were stolen or hacked,” the added language argued.

While the language is up for debate, lawmakers don’t appear to be looking kindly on Facebook’s arguably legitimate effort to sidestep data breach notification laws that, were this a proper hack, could have required the company to disclose that it lost track of the data of 50 million users, only 270,000 of which consented to data sharing to the third party app involved. (In April of 2015, Facebook changed its policy, shutting down the API that shared friends data with third-party Facebook apps that they did not consent to sharing in the first place.)

While most lawmakers and politicians haven’t crafted formal statements yet (expect a landslide of those on Monday), a few are weighing in. Minnesota Senator Amy Klobuchar calling for Facebook’s chief executive — and not just its counsel — to appear before the Senate Judiciary committee.

Senator Mark Warner, a prominent figure in tech’s role in enabling Russian interference in the 2016 U.S. election, used the incident to call attention to a piece of bipartisan legislation called the Honest Ads Act, designed to “prevent foreign interference in future elections and improve the transparency of online political advertisements.”

“This is more evidence that the online political advertising market is essentially the Wild West,” Warner said in a statement. “Whether it’s allowing Russians to purchase political ads, or extensive micro-targeting based on ill-gotten user data, it’s clear that, left unregulated, this market will continue to be prone to deception and lacking in transparency.”

That call for transparency was echoed Saturday by Massachusetts Attorney General Maura Healey who announced that her office would be launching an investigation into the situation. “Massachusetts residents deserve answers immediately from Facebook and Cambridge Analytica,” Healey tweeted. TechCrunch has reached out to Healey’s office for additional information.

On Cambridge Analytica’s side, it looks possible that the company may have violated Federal Election Commission laws forbidding foreign participation in domestic U.S. elections. The FEC enforces a “broad prohibition on foreign national activity in connection with elections in the United States.”

“Now is a time of reckoning for all tech and internet companies to truly consider their impact on democracies worldwide,” said Nuala O’Connor, President of the Center for Democracy & Technology. “Internet users in the U.S. are left incredibly vulnerable to this sort of abuse because of the lack of comprehensive data protection and privacy laws, which leaves this data unprotected.”

Just what lawmakers intend to do about big tech’s latest privacy debacle will be more clear come Monday, but the chorus calling for regulation is likely to grow louder from here on out.


Leave a Reply