Last week, news broke that the shady British company Cambridge Analytica harvested 50 million people’s Facebook data and used it to create psychological profiles to target users with ads intended to influence their voting behavior. The scandal caused a huge outcry against the company, which was already under fire for its role in the 2016 election, and spurred many users to question their trust in the company.
On Wednesday, Facebook CEO Mark Zuckerberg issued an apology for the “breach of trust.” He proposed a few changes, including creating a tool that would sit at the top of your News Feed to show you the apps that have your data and how to revoke their access to it. It’s certainly a first step, but questions remain: Is this a problem that will ever be solved, when it’s become increasingly clear that users’ interests and Facebook’s interests are at odds. How could Facebook change its platform to give users more control of their data, and possibly rebuild trust among its user base of 2.13 billion people?
Co.Design posed that question to four experts this week. Their answers underline how Facebook could rebuild trust with more ethical design–but even that may not fix its most fundamental problem.
Create An Easy, One-Click Data Download
“Currently the way the Facebook platform is designed, it’s hard to even figure out where to go to access data. With one click, users should be able to download their data and delete their data. The ability to remove all traces of yourself and have access to what the company has on you should be built in a priori. That’s what many people are calling designing for trust.
“I think Facebook and companies like it should all move toward a place of GDPR compliance [a strict set of EU regulations that provide extensive data protections]. What that means is Facebook and many platforms like it were not built in their infancies from a place of data sovereignty and user access. We’re entering a new regime and paradigm where this is not only going to be required by law, but as we’re seeing, the public is demanding it.” –Regina Flores Mir, co-creator of the extension Data Selfie, which gives you an easy way to see what data Facebook has on you
While Facebook does have a way for you to download all your data, under the settings page, it is not easily accessible. Those who have downloaded their information have found that Facebook has extensive call logs, metadata about text messages, and a historical record of all phone contacts. You can manage these settings in the app’s settings, but there is no catch-all way to delete this data.
Provide Real Transparency About Who Has Your Data–And What They’ve Done With It
“One radical step in the right direction would be for Facebook to be completely transparent on a human level about its data collection and algorithmic content. They could allow users to audit every entity (advertisers, apps, etc.) that has ever had access to their data and provide a plainly worded explanation for why a certain ad or newsfeed item is being displayed.” –Charles Broskoski, cofounder of the social networking site Are.na
Design Reminders About Apps, And An Easy Way To Delete Them
“I think that Facebook could go a long way toward helping rebuild user trust if they were more proactive about telling users who’s accessing their data through the Facebook platform. Most people think about the privacy of their data in terms of what they share on their feed, and Facebook encourages this: ‘Privacy’ settings focus on posts, friends lists, and their visibility to ‘Friends’ or ‘Friends of friends.’ The API access information, which is at the center of the recent controversy, is hidden under ‘Apps’ settings. If you’re concerned about your privacy, chances are you aren’t going to go looking at the settings under ‘Apps’!
“Aside from reorganizing settings to put some information about the API under Privacy, Facebook could also put information in your feed. They already put some security and privacy notices in users’ streams, which is great. They could be more aggressive about surfacing API-usage information in a similar way. For example, if you’ve given three apps permission to see your data, maybe you’d get a reminder containing those three apps’ names once a quarter, with the option to remove access. Maybe if an app suddenly accessed a bunch of people’s information, or seems to be downloading lots of user data, maybe Facebook adds a post to your stream notifying you of this. If enough people flag it as a problem, that should trigger an investigation.
“In the past week I’ve heard of people checking their App settings and being surprised to find things that they authorized years ago are still active and able to harvest their information. A good first step for Facebook design would be to find ways to prevent people from ever getting in that situation by creating mechanisms for better user oversight.” –Sara Sinclair Brody, executive director of the nonprofit Simply Secure, which supports the development of privacy-first, ethical technology
Add Friction To The Process Of Giving Away Your Data
“I believe that Facebook needs to rethink how people make meaningful consent on the platform in a way that reinforces that it’s people–and not the platform–who own their own data. As the GDPR comes into effect in the EU, we’ve been talking a lot about privacy by design and designing with friction. For Facebook, that might mean changing the process people go through to give third-party apps permission to their data. When I’m installing a third-party app, I’d want to walk through each user permission one by one, and understand clearly how each piece of data will be used by the app. It would mean that there would be a lot more friction to installing third-party apps, but I believe that meaningful consent is absolutely critical to making the platform more transparent.” –Rebecca Ricks, a Ford-Mozilla Open Web fellow who works at Human Rights Watch and researches online privacy and internet freedom
. . . But Facebook Must Address The Real Problem
Ricks pointed out that while Facebook can and should make changes to its user interface, it has a far more fundamental problem: a business model that relies on capturing huge amounts of user data:
“In my opinion, the biggest issue that Facebook needs to address is its business model that relies on data surveillance,” Ricks says. “Facebook is one actor in a complex web of data brokers, digital services, political organizations, social platforms, and financial institutions that have profited off the mass exploitation of people’s data. Until that changes, I worry that Facebook may just be making cosmetic fixes to its platform.”
And for Broskoski, the company’s surveillance business model is the primary reason for its design–and why superficial fixes to the interface won’t necessarily change the dynamic between the company and its users:
“Facebook’s design is motivated by their business model, not their users’ needs,” he says. “It will be almost impossible for Facebook to design their way out of the current fiasco as long as their primary incentive is to sell people’s attention and information to advertisers. Facebook’s leadership would have to completely restructure the company in order to focus on users’ aspirations, interactions, and well-being.”