Many people are angry about Cambridge Analytica, and seek to blame Facebook for privacy and security issues which are common across many businesses operating online. It is understandable that politicians would be quick to jump on this bandwagon, piling on the blame. Today this culminated when some of the most powerful of our elected officials gathered in a public forum to spar off against one of the most powerful tech leaders in our world.
However, when we ask ourselves who is truly responsible, for most of us, we need only look in the mirror. The majority of us placed blind faith in Facebook, and other tech companies, not fully understanding privacy, security or social implications — some of which were perhaps even unknowable early in the history of these companies. This is understandable since some of the issues we’ve encountered could not easily have been anticipated. Moreover, most people are not knowledgeable enough on privacy and technology issues to fully and accurately understand the implications of our day to day actions while using online services like Facebook.
It is for this very reason that the responsibility of protecting people from themselves falls at least in part on the very elected officials who are so quick to throw stones at Facebook. For as much as these officials wish to use Facebook as a scapegoat, seizing the moment to prop themselves up by putting Facebook down, they are themselves partly to blame.
Our lawmakers have been painfully slow to equip their constituents with a form of digital identity which Facebook and other tech companies can use to effectively differentiate between real and fake users, or to adopt privacy protections provided by contemporary regulations such as the European Union’s GDPR.
While lawmakers may consistently take a reactive posture to incidents like the data breach at Equifax, or the abuse of Facebook user data by Cambridge Analytica, few take a proactive posture to press for upgrades from obsolete identity systems like social security numbers, driver’s license numbers and other human readable credentials.
In a country where consumers regularly lose over $15 billion annually due to identity theft associated with government issued Personally Identifying Information (PII), which of our lawmakers are actually doing something about it? In a country where the economy regularly loses $450–600 billion annually due to industrial espionage, often taking place digitally via data breaches and mass theft of intellectual property, which of our lawmakers is actually doing something about it?
Facebook has indicated they’ve been compelled to hire 20,000 people just to combat fake account creation, an action necessary at least in part because our government has outright failed to equip us with digital identities suitable for proving our identity and legitimacy online. Should all tech companies be similarly burdened? If so, is it fair to insinuate that Facebook is a monopoly, while via gross negligence (failure to protect constituents with digital identities) simultaneously levying requirements across all tech companies, like hiring people to combat fake accounts? Many smaller companies cannot afford to hire extra people just to sort through the government created identity nightmare, and this effectively gives better funded organizations even more of a competitive advantage.
It’s likely that most people who viewed today’s hearing were either rooting for the government or for Facebook, much like spectators at the Super Bowl. Yet it is important to remember that for most of us as spectators, all of these people (on both sides) who we’ve elected to represent us with our votes or online activities, are continuing to let us down. Not once during this lengthy discussion did any side discuss the possibility of arming constituents, citizens, consumers or end users with a digital identity, one which would very efficiently and effectively protect all of us and our privacy from a myriad of cyber and identity related crimes.