The advent of the internet in our daily lives over the past two decades has been celebrated, especially for advancing democracy and exercising rights. It has become a tool for exercising expression, for connecting with others, and accessing a vast amount of information in very little time.
At the same time, we must constantly remind ourselves that the inexpensive — and often free — use of the internet is enabled by corporations that are among the world’s largest companies, and whose owners are among the world’s richest individuals.
How is it that our free social media usage leads to huge incomes for the owners of these corporations? Advertisements. And how do ads work on social media? Through the analysis of our personal information also known as big data. Hence, our free use of social media provides an invaluable amount of data — ‘the new gold’ — to corporations that sell it to individuals and other companies. The latter need this to target users for advertising based on their habits analysed through their online activity.
The latest Cambridge Analytica leaks through a whistleblower in the company tell us that a researcher acquired information of around 50 million Facebook users through a personality quiz application on Facebook that he had promised would be used only for academic purposes. But he ended up selling it for $7m to Cambridge Analytica. The latter used it to bombard citizens with political advertisements, based on their personal profiles, for their political clients in the US during the presidential elections, in the UK during the Brexit referendum, in Kenya’s presidential polls, and in Bihar state elections.
The leaks raise a number of critical questions about personal rights to privacy and the protection of our data, social media corporations’ responsibility, and the ethics of political advertising on the internet.
The usage of our personal data from our social media activity for commercial purposes is extremely concerning. But it is not surprising. Since the use of this platform is free of cost, what incentive is there for these companies worth billions of dollars? Data is sold to advertisers for targeted advertisements which form the source of income for these corporations. But these leaks show us how detailed the data breach can be. Hence, we must realise that any information on the internet is not private, but we can take a few steps to safeguard our information.
First, we should ensure that we share minimal private information on the internet. Details like our date of birth, location history, photographs, travel plans, etc can be critical information for companies greedy to commercialise our private information.
Second, we must see the list of permissions an application asks for before we instal it. Often times, mobile apps ask to detect one’s entire contacts list, call log, photos, besides asking for access to the microphone and camera. This can lead to constant surveillance not only by corporations but governments as well. For instance, in the first six months of 2017, Facebook complied with 63 per cent of data requests made by the PTA and FIA from Pakistan, according to the Facebook Transparency Report, often done under the garb of criminal laws that are known to be vague.
Hence, it is wise to go through the list of details the application on our phone wants to access, and instal it only if we are willing to provide access to that data. An alternative to mobile applications for different facilities is to use these platforms in internet browsers either on the computer or phone, and use the browser in private or incognito mode, which makes it harder for companies to retain information.
Third, one should always avoid clicking undetected links forwarded or sent via spam messages/emails, as these often contain malware — a virus that steals information from our devices including phones and computers. For example, commercial messages promising free tickets or goods like cars etc with links, usually contain malware and spyware that gets access to information on phones once the link is clicked. One should avoid forwarding and clicking these links. Similarly, third-party applications on social media platforms such as personality quizzes on Facebook serve the same purpose of data collection, and it is advisable to avoid them.
This brings us to a subject discussed previously by this writer: the need for stronger data protection and privacy laws. Governments need to get strict with breaches of privacy by corporations, including internet service providers, telecom companies, as well as social media platforms that have access to personal details of users in the form of big data which is used for commercial purposes often without users’ consent. Companies that profit off our data should be made to pay damages under the law to users when their information is sold without their consent to deter the invasion of privacy.
After the Cambridge Analytica leaks, Facebook has announced that the company will follow Europe’s General Data Protection Regulation everywhere in the world in order to increase privacy and data protection for users.
As far as Cambridge Analytica leaks are concerned, there are also valuable lessons to be learnt regarding the ethics of not only corporations, but also public relations firms hired by political parties for election success. Whereas traditional political advertising requires strategising that considers demographics and viewership or readership numbers and transmits effective messages accordingly, political advertising on social media is fuelled by the detailed personal data of habits and views, which has the potential to be extremely manipulative using detailed psychological techniques. The question is, how ethical is such advertising, and whether or not it should be permissible under the guidelines. The Election Commission of Pakistan should look into this domain.
It is imperative for our laws to keep up with the dynamic changes in technology that enable varied usage of the internet for political purposes, invasion of privacy, and potential manipulation. At the same time, we must be wary of any moves by the state that may compromise our privacy and speech rights under the garb of protection, as has been done by several previous legislations such as the Prevention of Electronic Crimes Act, 2016.