Facebook Data Privacy, Protection and Security Concerns

• • • |

Data privacy is a global issue. As the world gets more connected, data privacy, protection and security concerns are gathering greater attention. It is concerning to observe that organisations are falling behind in their efforts to protect the privacy of users’ personally identifiable information (PII). In this article, we will provide a summary into the recent Facebook data breach and how Alyne can help global companies respond to increasing privacy, protection and security threats.

Facebook Data Privacy Concerns

As the world gets more connected, data privacy concerns are gathering greater attention. Today, users of the internet value the protection of their Personally Identifiable Information (PII), which they share on the virtual space. As a result, it is becoming imperative for organisations to embed data privacy policies throughout their organisation in order to gain trust and credibility with their customers.

How Facebook Protects Customer Data Privacy

Social media giant Facebook celebrates Data Privacy Day on 28 January every year, as part of a global effort to promote awareness around data and privacy. However, it appears that the social media giant has not provided sufficient privacy assurance for its users. In recent years, there have been multiple Facebook data breaches that have leaked the information of millions of users, putting them in a vulnerable position.

Timeline of Recent Facebook Data Breaches

  • 2019

The data breach was discovered by Bob Diachenko, a cybersecurity expert. It was reported to be caused by a Facebook API abuse or an illegal scraping operation by malicious hackers.

  • 2020

In July 2020, Facebook admitted to sharing user data with at least 5000 third-party app developers, even after the expiry date of data access authorisation.

  • 2021

In April 2021, more than 533 million Facebook users suffered from a data breach. In this incident, personally identifiable information of users were exposed and leaked online. This includes their full name, date of birth, gender, email address, phone number. It was also reported by BBC that The Irish Data Protection Commission will be launching an investigation into the data leak.

What does this mean for you as a consumer?

Being a social media giant, with more than 2.27 billion active users, casts Facebook into the spotlight for hackers and cybercriminals. To avoid being a target for crippling security breaches, it is critical to adopt a systematic and structured approach towards cybersecurity, to prevent and mitigate data breaches where cybercriminals infiltrate data source(s) and extract confidential information. Despite the fact that waves of malicious activities and compromised databases are on the rise, it is imperative that you, as a consumer, take a precautionary stand to practice cyber awareness in order to ensure your data security.

As a consumer, this is what you can do to keep your PII protected and secured:

  • Limit sharing of PII online.

  • Regularly check data protection policy that includes privacy and security settings for updates.

  • Enable two-factor authentication for an added layer of security.

What does this mean for Facebook?

With millions of PIIs being leaked and exposed earlier this year, this is definitely a cause for concern among privacy experts. In a statement, The Irish Data Protection Commission has mentioned that it was “of the opinion that one or more provisions of the GDPR and/or the Data Protection Act may have been, and/or are being, infringed in relation to Facebook users’ personal data.” While the Commission is still investigating if Facebook is in compliance with GDPR, especially with its processing of personal data and personal information protection, it can be concluded data privacy is indeed a cause for concern in this day and age.

Europe’s General Data Protection Regulation (EU GDPR)

Europe’s GDPR went into effect on 25 May 2018 with the main purpose to implement consistent data protection rules across Europe. This applies to all organisations that process personal data from EU individuals. Failure to comply with GDPR can result in significant fines, up to 4% of global annual revenue.

How can Alyne help your organisation with Data Privacy?

Across the globe, many individuals and businesses have been using Facebook as a way of communicating with the masses. As more businesses venture into the virtual marketplace, it is not uncommon for them to engage third parties such as Facebook to process sensitive data such as PII. As a result, this means businesses are often subjected to constant regulatory change and elevated consumer expectations with regards to data privacy and data protection.

Alyne’s Controls help businesses obtain a transparent view of the privacy health of these 3rd parties and ensure appropriate measurements are in place. At the same time, our Control Framework can help businesses measure the posture of their own privacy framework and reduce the risk of a data breach (like what happened to Facebook).

Alyne offers a streamlined approach that effectively reduces the logistics and administration involved in coordinating internal stakeholders. At Alyne, we offer an instant, real-time and transparent view of the privacy health of these third party vendors and ensure there are appropriate controls in place to process their PII.

Within Alyne, we have dedicated Controls mapped to standards, laws and regulations such as EU GDPR, UK Privacy Act and many more. These expertly curated Control Sets address topics such as Data Loss Prevention, Data Protection and Data Privacy.

Alyne’s highly scalable Assessment templates empower business leaders to assess their data privacy baseline at scale and analyse deviations in relation to the desired maturity. More importantly, Alyne’s Assessments provide you with a clearer summary of areas that require additional focus and investment to improve privacy and security measures.

Alyne’s Radar Diagram Reports provide a clear, intuitive visualisation of expected vs assessed maturity results that offer strategic actionable results such that your organisation reaches its desired level of security quickly.

Alyne’s solution guides your organisation to easily protect and enhance your data privacy and data protection capabilites while meeting the requirements of EU GDPR, UK DPA, USA CCPA guidelines.

Contact our team to learn more about Alyne’s capabilities.