Many of you will be aware that we were meeting Facebook this morning to discuss ongoing issues regarding Facebook and Cambridge Analytica.
I can confirm that ISBA have had a constructive and challenging meeting with Facebook. We welcome the steps they have announced over the last few days to move fast and address public and advertiser concerns.
These steps can be summarised as the following:
- Review our platform. We will investigate all apps that had access to large amounts of information before we changed our platform in 2014 to reduce data access, and we will conduct a full audit of any app with suspicious activity. If we find developers that misused personally identifiable information, we will ban them from our platform.
- Tell people about data misuse. We will tell people affected by apps that have misused their data. This includes building a way for people to know if their data might have been accessed via “thisisyourdigitallife.” Moving forward, if we remove an app for misusing data, we will tell everyone who used it.
- Turn off access for unused apps. If someone hasn’t used an app within the last three months, we will turn off the app’s access to their information.
- Restrict Facebook Login data. We are changing Login, so that in the next version, we will reduce the data that an app can request without app review to include only name, profile photo and email address. Requesting any other data will require our approval.
- Encourage people to manage the apps they use. We already show people what apps their accounts are connected to and control what data they’ve permitted those apps to use. Going forward, we’re going to make these choices more prominent and easier to manage.
- Reward people who find vulnerabilities. In the coming weeks, we will expand Facebook’s bug bounty program so that people can also report to us if they find misuses of data by app developers.
It is clear from our meeting today that this is a priority for Facebook and that they now have a lot of work to do as they commence and conduct their forensic audit. Facebook have committed to work closely with ISBA to share developments and actions from this audit as and when they occur.
MEETING FOR ISBA MEMBERS
Facebook has offered to meet face to face with our members and we welcome their openness and willingness to do this. Please advise Claudia King (claudiak@isba.org.uk) if you wish to attend this meeting and we will confirm details in due course.
This issue is a key priority for us and we are committed to keeping up the pressure on Facebook to deliver clarity and action. We have agreed with them that we will have regular and open dialogue to achieve this.
This situation has brought into sharp focus how important the introduction of the General Data Protection Regulation (GDPR) is. Ensuring you are compliant and have your customer data in order is something we urge all our members to focus on as a priority.