Facebook must be held responsible for data mining | Navneet Alang

Facebook’s misuse of my personal information has caused me pain. In 2014, I received my mobile phone and, having received no notification from the mobile network, I became concerned that my social media accounts…

Facebook must be held responsible for data mining | Navneet Alang

Facebook’s misuse of my personal information has caused me pain. In 2014, I received my mobile phone and, having received no notification from the mobile network, I became concerned that my social media accounts on my mobile phone had been hacked. I urgently checked my account and discovered that my personal data had been accessed and my photo’s had been posted without my consent.

I rang Facebook immediately, but because my phone number did not match my details (I was actually a couple of numbers down), I had no way of contacting the company to confirm my mobile phone was indeed in fact hacked. I was horrified. This wasn’t a simple system data breach – it was one that allowed hackers access to my personal data without my knowledge.

Everything you need to know about the Facebook privacy scandal Read more

Facebook, as a dominant part of the online industry, was complicit in allowing data harvesting on customers. There are approximately 500m Facebook users around the world. So, even if, on the total number of users, 200m people had not deliberately given up their private data, a fraction of that group would have still inadvertently allowed their information to be accessed and used against them. An exploit in Facebook’s API was used to trick users into giving up information, which was then used to mine their data for other data. This seemed like a clear criminal action, but Facebook chose to treat my detailed situation as an isolated incident rather than treating it as part of a much larger scheme.

I did not report the incident to Facebook. I have only recently begun making a detailed account of my experience and have come to the conclusion that my disclosure was never collected, and only minimal details that were taken should have been kept. Facebook has attempted to convince me that the information that was stolen was deleted. However, in my case, that was not the case. What my data was lifted from was not even remotely personal information about me, just three numbers I had not opted into uploading – my phone number, my address and my name.

In 2017, again, I contacted Facebook about the Cambridge Analytica incident and was told that my data had not been mined and that any data that was harvested was encrypted. My data had not been misused by Cambridge Analytica. However, in my experience, not only were the Facebook systems in place for the Cambridge Analytica data mining susceptible to my personal data having been extracted from it – the company seemed aware of this very fact. They could not have simply deleted my data as they claimed. The only way I could have avoided having my data extracted was to have the same phone number used by both parties.

• Navneet Alang is a Guardian writer on ethical issues

Leave a Comment