Current Awareness Strategy Blog

Librarians and privacy in the age of Cambridge Analytica

Written by Clare Brown | April 11, 2018

Have you deleted your Facebook account? Be honest. Have you even reviewed your privacy settings on any other social media site, let alone Facebook?

A few years ago, I wrote about the Ashley Madison scandal with a focus on the dark web, invasion of privacy and reputation management. Unlike the current Facebook scandal, the information leaked had a salacious, blackmailable aspect, and consequently those unaffected were left shrugging their shoulders. After all, if you go on an adult site and provide potentially embarrassing personal data, that is your responsibility.

How private is Facebook?

On the other hand everyone assumed Facebook was safe and relatively benevolent. How could a free site that brought us the ability to poke and defenestrate friends cause pain or distress by misusing our data? How could cautious people restricting information about their personal lives realise that data on apps connected with Facebook was going to be stored or harvested wholesale?

But as a horrified friend found out, contained within the personal data request that he made, there were many pictures and messages from a previous relationship. He’d assumed that when he deleted them, as an honest good faith gesture to the other person, they were gone forever.

We might ascribe this response to naivety; after all, smoking was not considered a health risk for a long time. For years, we’ve agreed to a basic deal: we give private companies data, they provide ‘free’ internet services. Ironically, Google Glass failed at the time as it was thought to be to be an invasion of privacy - however people now voluntarily wear fitness bands which monitor their every move and sleeping moment. We seem to apathetically welcome the connection of all our data, regardless of where it originated.

What will be the next social media scandal?

The Facebook scandal is just the tip of the information iceberg, and who knows which social media site will be next. And it will happen. It is ironic that the tighter Data Protection Regulations are coming into force just as their reason for existence made the headlines.

Some cynical commentators could suggest that GDPR may not have been so widely reported if it hadn’t been for Cambridge Analytica. Regardless, organisations would still be obliged to ensure compliance simply because the fines for breaches are deliberately huge sums.

As I wrote previously, this new data focused landscape presents an opportunity for information professionals because our ethics and expertise are more important than ever. If Nick Poole1 of CILIP is to be understood, librarians need to ensure that the triad of state, company and individual behave in a transparent and accountable way.

Both private companies and government bodies have proven to be untrustworthy, and alarmingly libraries and information centres are happy to let users access social media from public terminals where data security cannot be guaranteed2.

We have a responsibility for our own privacy

But I would suggest that users have to take responsibility for their actions. Like your doctor, data experts can only advise. This takes me back to my opening question. Despite the security breaches, storage of personal messages, and targeted advertising, I have not deleted my Facebook account.

As a qualified information professional who should know better, this pertinent tweet said it all: ‘I would like to think that I am privacy literate but I am fully aware that I don't know what I don't know. #uksg18’. I would be interested to know how many information professionals have deleted any personal social media accounts.

Tell us why you have - or haven’t!