It has been a PR nightmare – there is no doubt about it. Not only that, it is not the first one for Facebook in India. Their Free Basics campaign in partnership with Reliance backfired badly since it was against the principles of the net neutrality campaign. To make matters worse (for them), the telecom regulator ruled in favour of net neutrality.

 To summarise the March 2018 scandal which emerged from a story printed in the New York Times and The Observer (London) revealed that Cambridge Analytica, a British political consulting firm, may have misused data from around 50 million American users to influence elections in the USA – yes the much talked about 2016 one. What’s more, Mark Zuckerberg has owned up and apologised to these.

This week, I am going to take you through how this was an internet security breach, and does it really affect us?

 The Background

 2014: Cambridge Analytica hired Aleksandr Kogan to mine data on voters in the United States on Facebook through a personality test. I know, you are thinking that you are never going to take one of those again!

 This personality quiz was downloaded by 2,70,000 users, but it allowed Kogan to access to not only theirs but their friends’ profiles too.

In short, that’s how Cambridge Analytica got access to the 50 million profiles.

 2015: Facebook cancelled the quiz’s credentials and sought assurances from Kogan that the data has been destroyed. Thus, an internet security breach came to light wherein Facebook had to rely on ‘assurances’ from someone who had information on 50 million users.

 Naturally, the data was passed on to Cambridge Analytica who certainly made full news of it.

 Seeing a flaw in their internet security, Facebook then stopped allowing apps to access information about the user’s friends and has also restricted what can be found out about users themselves.

 The India Story

A lot of people around us are indifferent to this. Don’t believe me? Take a dipstick of your immediate family. You may not think that your folks are the ideal Facebook users, but there are thousands, even millions of them in this country alone.

 Another section says that no, they won’t be deleting Facebook after all. Deleting Facebook means deleting WhatsApp and Instagram too, which roughly translates to your life coming to an end; and that may not even be an exaggeration!

 Also, let’s face it – what other alternative does the market have?

To put things in perspective, did you know that India is the most important market to Facebook – 250 million monthly active users plus over 200 million WhatsApp users and 53 million on Instagram.

 With digital technology and smartphones becoming more user-friendly, we can expect these numbers to grow and how – India will see 100 million new internet users and 250 million smartphone users by 2020 – 2 years from now! Gives you a bit of insight on how Indians communicate, doesn’t it?

In times like we live in, there is a lot of trust we put in our devices and in technology in general – our phones being synced with our watches, bank accounts, credit cards and what not and there is almost nothing that the Siris and Bixbys of the world cannot do.

 But these are just the tech-savvy, do you know something as basic as privacy controls are not something every Indian knows. I am certain you would since you would have at least once, helped a parent, an uncle or a relative with it.

Making amendments:

 So here is what Zuckerberg has shared on how Facebook will be making wrongs right:

• They would conduct an audit of suspicious apps
• Make their privacy policy stricter by limiting user information shared with third-party apps
• Revoke permission to apps that a user has not accessed for three months

 There will, of course, be a separate statement to its users after Cambridge Analytica fiasco.

 What else should they do? Here’s what I found a few experts state in interviews to the Economic Times:

• Sunil Abraham, Executive Director of the Centre for Internet and Society said “Facebook should also ask you every quarter if you want to revoke permission. It’s required in countries where users are naive, unaware and incapable of protecting their own interests.”

• Nayantara Ranganathan, the Programme Manager at the Internet Democracy Project, says, “Privacy policies are tweaked constantly and the changes the companies want us to know about are conveyed through blog posts and such, while there may be changes that we may not be aware of.”
• “Nikhil Pahwa, Cofounder, Internet Freedom Foundation, says, “So often, T&Cs are changed and the company just sends a generic mail to all its users. If they don’t respond, it is assumed they have agreed to the changes. That needs to change.”
• Rama Vedashree, CEO of Data Security Council of India, says, “In markets like India, where millions are just being introduced to the internet, websites may have to look at pictorial representations to explain how user data will be used by third-party developers.”

 Additionally, there is more hope for internet security in India since our country is working on a data protection law, making it more difficult for organisations (like Facebook) to get an away with security lapse (again, like Facebook).

In summation, it is only a matter of time till we find out what Facebook would have to say about the Cambridge Analytica debacle.

 Until then, I would only like to say this much – whether you feel outraged or don’t, indifferent or numb, remember internet security is everyone’s business – and one not to be taken lightly.

 You may choose to delete the three apps (yes, all three) for good or you may choose to forgive and forget, do not let anyone take your (online) life for granted.

On a lighter note, as an Indian, I can’t help but wonder about the whole Aadhaar fiasco and now this one if our lives (virtual or real) are really that accessible!