When news revealed that Cambridge Analytica illegally collected the data of Facebook users who used the company’s third-party application, it led to a massive scandal in the US and all over the world. Many countries like India, Canada, and the EU have filed lawsuits against the company and planned to tighten regulations to protect their citizens. For other companies, it can be a typical case study with many lessons to learn about data protection, information sharing, and cybersecurity.
1. Avoid delay acknowledgments of misconduct
When it comes to data protection, decisive and quick actions are essential when your companies make mistakes to gain confidence from the public. It is always said that the truth always comes out, and this is exactly true in this digital age. Facebook knew about its problem for nearly two years ago but didn’t have any policies to protect the users. It was not until they faced accusations that the firm accepted their wrongdoings. However, it’s too late because data and sensitive information of millions of users have been collected illegally for wrong purposes.
2. User privacy is the top priority at the beginning
Ideally, every company should always put the privacy of its users on top priority by showing through actions and words at the beginning. This means you should set up initial accessible and comprehensive privacy settings, then update gradually to resolve possible issues. In the case of Facebook, they’ve just redesigned their privacy policies recently when so many people have lost their trust after scandals. It is crucial for other firms to look at this example and learn that reactive approaches aren’t preferable. Would the largest social media platform update on data protection if their wrongdoings hadn’t been revealed? Probably not.
3. Third-party tracking is vital
Cambridge Analytica collected information from Facebook users through an interesting quiz app. The issue was that even those who did not use the app directly also had their data gathered. This reveals that Facebook doesn’t have a robust data protection policy enough to prevent third-party companies from doing similar acts. To gain public confidence, third-party tracking is essential for other firms to ensure the data of their users won’t be used elsewhere for wrong purposes.
4. Data collection from non-users would be extremely unsafe
Even when you deleted your Facebook accounts and stopped using this platform, the company can still collect your data. However, every service provider has the responsibilities to be transparent about their practices of collecting data from non-users. Otherwise, it would do more harm than good since the company might under the risks of facing lawsuits from those people or businesses.
5. Acquiring proof is important
Facebook knew about the violation of Cambridge Analytica a few years ago and asked the company to delete the collected data. However, they didn’t have sufficient proof to show what Cambridge did was wrong. Therefore, businesses subjected to data protection problems associated with third-party apps should avoid these issues by requirement verifiable evidence which indicates the required actions have occurred.