The Facebook Privacy Issue And Compromises
$5 billion is a huge sum of money for anyone reading this hackercombat.com article. It is an amount so large that you could buy a dozen cars every day for many decades to come, yet it will not break the bank if you are Facebook. Yes, a $5 billion fine is what Facebook has to pay the federal government as a penalty for its various privacy violations over its many years of operation. But unlike you and me, Facebook is a tech giant with pockets deeper than those of many member countries of the United Nations. In fact, Facebook, with its portfolio of businesses such as WhatsApp, Instagram, and Messenger, can afford it: $5 billion is just 9% of Facebook’s revenue for 2018.
New policies will govern how Facebook treats the third-party developers on its platform. User data should not be accessed by anyone outside the Facebook staff who need access as part of maintaining the infrastructure. Facebook has an extensive database of real-life faces from people who submit their pictures, and this database should not be abused by anyone, not even Facebook staff themselves. Facebook is also banned by the U.S. government from using mobile numbers as part of 2FA (two-factor authentication) and also using the same numbers for something else. The sign-in system for the social media site needs an overhaul, as Facebook is restricted from using email addresses from non-Facebook sites as the login name for Facebook accounts.
Though we have not mentioned any disclaimers from Facebook that they don’t encrypt passwords, they have previously admitted that a certain number of their users had plain text passwords stored in the database. Such a practice breaks the long-standing security principle that passwords must be encrypted when stored in a database. To allow the company to fulfill all its commitments, Mark Zuckerberg and the rest of the board are planning to create a “data privacy” committee that will handle the issues that have rocked the company over the last 24 months.
Members of the committee on data privacy have powers beyond Zuckerberg’s; in fact, he cannot dismiss them at will. The CEO’s reputation is on the line, and he will be the primary defendant in a case against the company if the social media giant fails to comply with its privacy commitments. The Federal Trade Commission and its independent assessor partners will receive immediate notification from Facebook about its data privacy initiatives. The FTC and the assessors will review Facebook’s policies, and submission is compulsory once every two years.
The FTC will not treat Facebook with kid gloves; in fact, the commission compels the social media giant to immediately report any compromise of user information affecting even just 500 users. The company also needs to inform the authorities within 30 days of the incident for proper documentation and assistance from the state. Once the incident has been reported, the law enforcement agencies and the FTC need to receive updates from Facebook every 30 days. This continues until the data breach is finally resolved.
Julia Sowells
Julia Sowells is a technology and security professional. With a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, has written technical articles, and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she runs her own consulting firm as a security consultant while continuing to write for Hacker Combat in her limited spare time.