Our online society is changing. We’ve had years of unprecedented growth in social media and how we engage as an online community has been ever evolving as a result. Of course, Facebook was one of the originators of this new online world, but we’re entering the next phase now with a much greater emphasis on keeping big data secure.
Stories about data breaches and account hacking are common – when companies we trust with our private information then lose it, it’s headline news. And we’ve all seen Facebook is facing investigations after revelations that data on 50m users were improperly harvested by an analytics firm used by Donald Trump’s campaign. VEEP anyone?!
The damage has been done
Cambridge Analytica, the British firm in question, claims to have deleted all data as soon as it realised it was in violation of Facebook’s terms of service, but this is still up for review. The company is under investigation, and the focus of global media scrutiny. Using questionable sourced personal data to influence elections has opened many people’s eyes as to just how powerful big data can be. Even if Cambridge Analytics did delete the Facebook data, is this not too little too late? Surely the damage has been done.
After 5 days of silence Mark Zuckerberg apologised for the breach and conceded that more needs to be done to protect Facebook users. Protecting such a mass of data to a satisfactory level will be a game changing next step in the social media community as a whole.
Of course, data security is nothing new. We’ve been fighting to improve protection for some time with the likes of the US Federal Government and the NHS publicly falling victim to cyber attacks or hacks of some description. As the amount of data stored and the portability of this data has increased, so too has the pressure to stay secure. Data regulations are becoming even stricter and the rights of people to ask about and control the data being held on them are being made stronger. A current example is the European General Data Protection Regulation (GDPR) that’s due to be implemented in the UK in May this year. Even when Brexit finally takes place the UK will still need to comply, with an equivalent Data Protection Bill already laid out and replicating the requirements of GDPR.
This new legislation should go a long way to protecting big data with the requirement to ensure personal data is processed lawfully, transparently, and for a specific purpose. It will ensure consent is given through active, affirmative action and not by passive acceptance through for example pre-ticked boxes. We won’t go into the full detail of GDPR here – not everything has been finalised yet and there are significant differences between the rules for B2B and B2C companies. However, when it comes to the management of big data, times are-a-changing and with some hefty fines threatened for non-compliance, companies shouldn’t leave it too late to explore what the new legislation means for their business and how they plan to address it.