The news that Cambridge Analytica harvested data on millions of Facebook users and used it for political purposes has caused many people to declare that they are “deleting Facebook.” I support this choice and believe there is a lot of personal benefit to those who do that, but even though I care deeply about data privacy, I will not be deleting my Facebook account.
I started writing about third-party data privacy (the risk that your personal data will be used by someone you didn’t intend to share with) in graduate school, well before anyone outside of Harvard had heard of Facebook. The only thing that surprised me about the Cambridge Analytica news is how long it took to get to a point that data was used by a third party in a way that outraged people.
When I joined Facebook I knew I was giving up control of the data I put there. I tried to minimize the risk by regularly checking my privacy settings (because the options can change), being mindful of what I post, and limiting connections to other apps.
Facebook, and everything else I do online, is a risk decision. I use Facebook because it allows me to be a part of communities that largely do not communicate elsewhere and to communicate in ways I largely can’t do elsewhere. I’m not saying I value those connections more than I value my privacy, but I try to strike a balance that feels right for me.
One reason I’m not deleting my Facebook is that I don’t want to lose the connections I have with people there. The other reason is that I see the futility of it. Even if all of us quit Facebook it will not save us from the next Cambridge Analytica scandal; our exploited data will just be harvested from somewhere else. Remember the Equifax data breach? Millions of people’s personal data was stolen from a company that we do not have the privilege of deleting our accounts on. And they are not the only ones who have vast amounts of our data.
Individual choices can help minimize some privacy breach scenarios, but true data privacy needs to come from better regulations. It also relies on the creation and widespread use of easy to use privacy-enhancing technologies. We need to elect politicians who understand technology (or are willing to listen to those who do), who understand that creating backdoors for law enforcement means there will be backdoors for everyone. We need to stop saying that you don’t need to care about privacy if you don’t have nothing to hide. (Here are five retorts to that argument.) We all have the right to not be judged or manipulated by people using data we never wanted to share with them. We all have the rights to our stories.
Delete Facebook if you want, but remember that posting information anywhere on the internet always takes some aspects of its protection outside of your control no matter what your privacy settings may say. Think of what possible consequences may come from what you share (or store) online, and determine whether you are comfortable with that before you upload. And, yes, do check your privacy settings on Facebook and elsewhere. This Twitter thread from the Electronic Freedom Foundation (EFF) includes a lot of useful tips on how to improve your privacy on Facebook and other apps.
- Why it’s bad Congress voted to remove internet privacy protections
- Five reasons you should care about privacy