Just another crisis or one scandal too many for Facebook? Having already been accused of spreading fake news, the world’s biggest social network will struggle to escape from the media storm that has been battering it since mid-March without making any concessions. The revelations surrounding Cambridge Analytica’s siphoning off of its users’ data and the fact that it may have been used as part of Donald Trump’s online campaign have taken a heavy toll on the stock’s share price.
Facebook claims to be, “shocked at having been tricked.” The first statements by Mark Zuckerberg, the social network’s founder, were not enough to stem an unprecedented loss of trust. “We have to make sure that there aren’t any others like Cambridge Analytica out there.” So said Zuckerberg, who had been subpoenaed to explain himself before the US Congress, and the European and UK parliaments. In a fire-fighting effort, Facebook will surely have to be more transparent with its users about what happens to their personal data and could, in the longer term, find itself under closer scrutiny. “This situation is extremely serious and has taken on such a magnitude that special regulation has probably become necessary,” Apple CEO, Tim Cook, commented.
The Cambridge Analytica affair has thrust the questions raised about the exposure of our private lives on social media and on the Internet more generally back into the spotlight. Whether we are aware of it or not, by spreading snippets of personal information each time we go on the Internet, or when we are in contact with a device connected to it, we expose ourselves to potential traps.
“The new electricity”
Today, data forms a central part in how our societies and economies function. This means they are one of the most prized resources of the twenty-first century: “data is the electricity of our new economy,” as Cambridge Analytica’s whistleblower at the centre of this storm put it. The more artificial intelligence programs and computers improve their performance, the more our societies will generate data and the more interest in this data there will be, which will multiply the beneficial opportunities (such as medical research and new services), but also the potential for intrusion and malicious use; one only has to look at how many recent votes – such as the US or French presidential elections, or the Brexit vote – have come under intense scrutiny about whether opinion was manipulated by outside influence.
In these sorts of environments, the protection of personal data is a crucial issue. According to the CNRS (French National Center for Scientific Research)’s definition, this protection should be regulated by seven key principles: finality; proportionality; relevance; limited conservation of data; security and confidentiality; transparency; and the respect of individuals’ rights. In the United States, the industry – whose value is built on exploiting this data, such as Facebook with its vast pool of two billion users – has grown up sheltered from self-imposed charters and without any real institutional safeguards. In Europe, in contrast, the abuse of personal data is taken extremely seriously, as witnessed by the EU’s General Data Protection Regulation (GDPR) that is set to come into force in May 2018. This Regulation is designed to reinforce individuals’ rights (such as the right to access their data, the right to be forgotten and data portability), while making businesses responsible for the data they collect.
Founding values in Switzerland
If there is one country that cares about confidentiality more than any other, it’s Switzerland, which has made it one of its founding values. As proof that Swiss society remains viscerally attached to respecting people’s private lives in a world that is subject to what commentators deem to be a “dictatorship of transparency”, political authorities have, after intense debate, come out in favour of maintaining banking secrecy for Swiss clients, after having had to withdraw it for foreign clients.
This dichotomy rests on two apparently contradictory imperatives, which today find themselves juxtaposed in the private banking universe: transparency and data protection. On the one hand, in an effort to get ready for the automatic exchange of information, banks agreed to make massive investments to meet their data collection obligations to the tax authorities. Regulatory obligations regarding the information banks hold on their clients also apply to the harvesting information, which ranges from where their wealth comes from to their risk perception and their financial knowledge. However, on the other hand, banks have never made such a financial and material effort to guarantee the integrity and protection of their clients’ data.
So is this a paradox? Not in the slightest. Whereas Facebook’s business model is based on the monetisation of its users’ data, a private bank’s raison d’être is exactly the opposite, namely its ability to guarantee – within the law – the confidentiality of the data that its clients entrust to it. In a world in which an increasingly large amount of personal data is being collected, compiled and monetised, data protection is once again becoming an increasingly valuable commodity, more valuable even than the data itself. The discussions surrounding the defence of individuals’ private lives, as well as the regulation of big data and its practices, still find themselves centre stage.