The unethical exploits of Cambridge Analytica and Facebook's gross negligence when it comes to handling user data has caused the social media giant's stock to plummet. At last count, the company had lost over $40 billion in value.
This is all well and good, but the bottom line is just this: Facebook collects an inordinate amount of data on you and freely shares this data with virtually anyone who asks.
The most recent reports indicate that Cambridge Analytica alone managed to access the private information of over 50 million individuals on Facebook. Better yet, the company claims that it uses data "to change audience behaviour".
Cambridge Analytica did this by taking advantage of a loophole in Facebook's policies around 2014. Essentially, the company Cambridge Analytica hired would run a poll via a Facebook app and then extract as much data as possible from the people who participated in the poll, and from their friends.
As The Guardian explains, this mechanism allowed Cambridge Analytica to amplify its reach by 150x. It took a whistle blower named Christopher Wylie to bring Cambridge Analytica's misuse and Facebook's negligence to the fore, and since then, Facebook has been scrambling to limit the damage.
Their strongest argument right now is that "user data wasn't breached", which is an entirely specious argument. Incidentally, this is a favourite refrain of our very own UIDAI, who also refuse to acknowledge the damage that a loss of privacy entails. Even if the core database wasn't breached, user privacy was compromised and that private data badly misused.
For all intents and purposes, Cambridge Analytica acquired sensitive user data via Facebook and used that information to manipulate people.
The only questions right now are whether Cambridge Analytica did so illegally and whether Facebook did enough to protect, or whether it's even capable of protecting user privacy.
The loophole used by Cambridge Analytica was patched in 2015, shortly after the misuse was discovered by Facebook. However, Facebook only had Cambridge Analytica's word that the user data so obtained was destroyed in 2015.
While apps on Facebook today cannot share as much data as they could before 2015, they do still collect a lot of information that you may not even be aware of sharing.
Sure, these apps can serve you better ads with that data, but what's the guarantee that they're not misusing it? While Facebook lets you limit the amount of information shared with an app developer, and even revoke access at a later date, there's no guarantee that the app developer will delete the information already harvested.
What can you do about it?
Short of deleting your Facebook account, the best thing to do is to review your 'App Setting'. This will first give you an overview of apps that have access to your data. If you don't recognise an app, simply revoke access to it by clicking on the 'x' near its name.
If there is an app that you can't live without, click on the edit button next to the app and review the permissions it has and the data that it collects. Most often, apps only need your public profile information (photo, name, age). Access to your friends list, email ID, location data, messaging information, etc. should be revoked unless the app specifically needs that data to function.
Since you're already in the Settings page, we'd recommend that you also review the 'Apps others use' section. It's via this section that Cambridge Analytica gained access to so much user data. This section now limits the data that's shared, but it's best to review it anyway.
'Apps others use' defines the data that your friends inadvertently and unknowingly share on you when they use an app that asks for access to the Friends List.
If you're feeling particularly secretive, you can also head to the ads section and limit the information shared with advertisers. Facebook gives advertisers information like your marital and relationship status, the name of your employer, your job title, etc., on top of the information on your preferences, likes and dislikes.
Of course, you can go the whole nine yards and simply pull the plug on your Facebook account, but that's not always a viable option in this day and age. And besides, unless you shun the internet entirely, there's no way that someone else won't misuse your data.
Facebook is only the company that got caught.
Do you really know for sure what Google, Snapchat and Twitter are doing with the data they're harvesting?