FACEBOOK FORCED TO FACE THE WORLD?
If you can’t face the world, Facebook, is the adage. The irony of the situation today is that Facebook is rising up to a new music; an unheard of hacking, seems mainly because of its own making & a completely transformed regulatory regime – the European Union’s Data Protection Data Regulation, GDPR, which came into force on 25th of May, 2018. For the first time Facebook has to face the world head on. European citizens PII comes under the purview of this law. This is where the Facebook would be dissected threadbare in an all out legal battle in the coming days.
Hackers have done a neat technical job to understand three different bugs & pull off a coup. It was a “odorless, weightless intruder” making it’s way into company’s systems. Still the issues are sketchy, but reports indicate that 90 odd million users profiles in it’s entirety could be ripped bare. This is whole ecosystem using Facebook log in such as Tinder, Spotify and Airbnb Unlike Cambridge Analytica it’s not a policy or a functional lapse issue. The technology is in question. Does it match the legal requirements? The question playing on everybody’s mind is; “it happened to a company entrusted with 2 billion people’s information is astonishing. And it’s all due to the company’s early, hacky approach to growth and its apparently boundless greed.
This hack is going out to be Europe’s first big online privacy battle. First challenge is the breach notification within 72 hours. It’s the company’s responsibility to identify European citizens amongst the hacked users. From policy decisions and terms of service which GDPR has handled so far, data sharing or an API going haywire this time around GDPR comes into the untested serious arena of optimum technical controls, audit mechanisms & cyber forensics.
The quantum of negligence has be decided; was the company ignoring basic security practices and whether it could have been prevented? The reality is, it was Facebook’s own product code, that created the vulnerabilities. It was also left unpatched for more than a year. If there is evidence to prove that Facebook knew of any of the bugs in advance, the courts would come down very heavily.
BOTH FACEBOOK & GDPR ARE ON TRAIL FOR A SANER WORLD.