#DeleteFacebook Isn’t About Data Security

Reading Time: 3 minutes

In the wake of the Cambridge Analytica scandal, Facebook might actually be in trouble. The #DeleteFacebook hashtag is trending, and it’s seen some unlikely contributors, like Blink 182 singer Mark Hoppus, and Brian Acton, the co-founder of WhatsApp, which was itself sold to Facebook. Meanwhile, Facebook stock has dropped by 10% this week so far. The FTC has announced that it’s opening an investigation into Facebook’s business practices, to determine whether Facebook violated its user agreement, an infraction which would come with a hefty fine. Mark Zuckerberg hasn’t made a public statement about the matter yet, but he’s been summoned by the UK Parliament. The bad news keeps piling up.

The obvious question is whether Facebook will survive, after whatever punitive measures are dispensed. And, while it’s possible that it won’t, it’s difficult to imagine how its extinction would come about. Its users could always leave, but there’s very little individual incentive to do that, and, given that a third of the world uses Facebook, getting everybody to quit would represent a massive coordination problem. Therefore, unless Facebook is banned outright, or somehow sued into oblivion, it seems likely that it will persist, if in some sort of regulated or otherwise curtailed form.

The less obvious question is: why now? This is by no means the only data scandal that Facebook has been embroiled in. Any intelligent consumer of digital media knows very well that Facebook is harnessing their personal data, and that such data has been treated carelessly before, and used for somewhat nefarious ends. Probably the most striking example came in 2014, when PNAS published a study by researchers who quite literally played with the emotions of Facebook users to find experimental evidence of Internet-based emotional contagion. More recently, earlier in March, it was revealed that Facebook’s researchers had told advertisers that it had figured out how to identify whether its teenage users were feeling desperate or depressed—and that this could be worthwhile marketing data. Given all of this, it’s clear that data security isn’t the primary force driving #DeleteFacebook.

It’s much more plausible that what’s behind the media conflagration isn’t data security itself, but rather the involvement of Donald Trump. Some have claimed that Cambridge Analytica was responsible for Trump’s election, having provided his campaign with personal data about voters that (maybe) offered unprecedented psychologiccal leverage, revealing which precise people could be viably targeted by propaganda. If you’re anti-Trump, and you believe this, then your beloved social network has unwittingly engaged in a large-scale erosion of democracy, which is to say, a technologically-driven coup by a candidate you don’t like.

This may not even be the case, by the way. The person who’s most loudly proclaimed that Cambridge Analytica was responsible for the election’s outcome is the now-suspended CEO of Cambridge Analytica, Alexander Nix. Ted Cruz’s campaign hired Cambridge Analytica, obviously didn’t win the election, and, as David A. Graham of the Atlantic reports, “found that CA’s products didn’t work very well, and complained that it was paying for a service that the company hadn’t yet built.” Corroborating this view is Kenneth Vogel, a New York Times reporter from their Washington Bureau, who recently Tweeted that Cambridge Analytica “…was (&is) an overpriced service that delivered little value to the TRUMP campaign.” He went on to claim that campaigns only signed up to secure access to the Mercer family—a rich line of big-time Republican donors—being that they’re major CA investors.

To sum up: Cambridge Analytica is only one of many organizations which have used personal Facebook data in a sinister manner, and its use of that data might have actually been inconsequential. If this is the case, #DeleteFacebook offers a clear lesson to tech companies, which is that it’s not actually important whether your product or service unscrupulously surveils its users. It’s more important to ensure that your company doesn’t give its data to anybody particularly unpopular, especially if they end up getting elected. If you sell your data to relatively unproblematic clients, you’ll probably be okay.

Explainer: VPN Shutdown

Reading Time: 3 minutes
Dimitry B. Flickr manoeuvre (CC BY 2.0) – The view of Pudong, Shanghai

To call the Chinese government approach to the internet ‘hands-on’ might just be an understatement. The ‘Great Firewall of China’ is widely reckoned as one of the most wide-reaching examples of internet regulation, with control so great censors censors can now block messages server-side (a feature The Register reported had been used in the wake of Liu Xiaobo). Now, the state is turning its immense digital firepower on to virtual private networks (VPNs), the secure connections which offer users anonymity and obscure their IP address.

The country has long held that accessing banned sites (a mixture of major Western and domestic sites which are classed as ‘seditious’) even by VPN was a crime. The latest decision (set to kick in early next year) is to ban all personal VPNs. At the same time, it will limit corporate access to VPNs, giving state oversight of the connections. The government’s decision is a significant one, both for politics and business.

Amongst the suggestions for the timing and motivation behind the manoeuvre came from reporting on the earlier decision to ban encrypted messaging system WhatsApp – a desire for censors to impress Communist party elites ahead of a major reshuffle. Similar motivations might explain why the Chinese government put pressure on Apple to remove VPN apps from their store earlier in the month. On the other hand, this fits a broad pattern which the internet censors have taken to slowly tighten up restrictions. Whilst often more subtle (essentially denying users access in such a way that it is not clear what they are missing), the loophole which VPNs offer is clearly a significant one.

There are economic implications to the decision as well. VPNs, as a method of secure communications, are a fixture of corporate life. The Chinese government’s coming crackdown may not be targeted at businesses, but it remains unclear what status companies (both domestic and foreign) will have. It appears that the level of security and anonymity offered by the VPN will be essentially traded in for connections heavily policed by the state.

That being said, there is one apparent beneficiary of the artificially limits on accessing foreign websites: China’s own tech industry. Already, giants like Alibaba and JD.com have succeeded in carving out massive e-commerce industries (China providing the largest percentage of online sales this year, overtaking America). Whilst in the long – or even medium – run, we’re likely to see these turn out to be giants with feet of clay, heavier policing on VPNs at least secures their position in the Chinese market against potential outside competition.

That’s not to say that Facebook and other Western websites won’t continue trying to access the Chinese market, as the case of ‘Colorful Balloons’ shows. It’s a ‘stealth app’, essentially a clone of Facebook’s Moments app with the logo sanded off and accessible through WeChat, the primary Chinese messenger service. 

Colorful Balloons has not been a rousing success, as Quartz reported – probably both because the team behind it went out of their way to keep it nondescript, and also because Weibo, the primary Chinese social media site, is an entrenched alternative. Still, whether the coming VPN crackdown might encourage other Western tech companies to invest in stealth apps in order to keep a more legal foothold in China remains unclear.

China isn’t the only country to realise the advantages of banning of VPNs of late. Russia’s law against Virtual Private Networks and attempts to hide users’ identities, will come into effect in November. Whilst the Kremlin was quick to deny this would affect law-abiding citizens, the situation presents the same problems for foreign businesses and local residents alike. Whether other heavily policed states, such as Iran, close the loophole of VPNs, is conjecture for now – but it’s hard not to imagine that they are watching.