What #DeleteFacebook Teaches You about Staying Safe on Social Media
By Aditi Bhat
Christopher Wylie made an incredible revelation last week that shook the world of data science and social media. The revelation? Cambridge Analytica, a data analytics firm that worked for the election campaign of Donald Trump accessed data from millions of Facebook profiles in the US, resulting in one of the biggest data breaches ever revealed. Using the personal information of these Facebook users, they allegedly built a software program that influenced the elections.
As a big data analytics firm, Cambridge Analytica had some moral and ethical responsibilities to protect the data they harvested from the users. The breach negatively affected Facebook leading to the #DeleteFacebook Campaign. For a data scientist, the campaign can be looked as a learning curve and a lesson to define the ethical code of conduct.
Three things a data scientist can learn from the campaign
1. With great power comes great responsibility
Data is without a doubt the new world's power. Every organisation and industry has realised that the only way they can run their business effectively is through harnessing data and understanding specific patterns. The bigger the company, the larger and more complex the data they deal with. But with great data comes great responsibilities. If used correctly, this can revolutionize businesses. However, if misused, it would be a disaster for the business and for the trust between the company and its stakeholders.
Source: Keep Calm-o-Matic
Citing an example of the recent #DeleteFacebook controversy, Cambridge Analytica had some ethical and moral responsibility to protect the data obtained. It included not creating software to influence and predict choices during elections. As a big data scientist, the most important aspect of your big data training should be ethics training. You must be consciously aware of your duties towards your employer, regulators and users who both provide and use your data.
2. Set clear data mining boundaries
Data mining should be limited to collecting data, which is truly necessary for the organisation's growth. Irrelevant data only makes the data analysis process complicated and increases the risk of data breach. Having lots of data doesn't necessarily mean that you can process and synthesize all of it for the company's progress. If you can expertly create the model and give results by using only 100 data points, the data mining process should stop there.
Source: Towards Data Science
It is also vital that the data mined is aggregated to protect the private information and to encourage transparency within the organisation. The #DeleteFacebook campaign is the recent example of how a big company like Facebook, which collects the most private user information can be negatively affected by the incorrect use of data mining, even by third parties. Had the social media giant worked on the principle of minimal data collection, the data breach may have probably never taken place.
3. Always have a Plan B
Every time you open your phone with an active internet connection, you give away a little information about yourself, which is used by applications and the websites. Following the ethical code, every company always tries to protect user data, primarily so that sensitive information is not exposed. However, there is no saying what can happen in the future. Even Facebook wasn’t aware that Cambridge Analytica was using its data unethically. When the news broke out, Facebook lost around $42 billion in valuation in a single day.
As a data scientist tasked with user data, it is crucial that you have a Plan B in case of a data breach. Chart a data breach response plan to limit possible damage. Apart from having technical guidelines in place, you would need to involve operations, public relations and administration teams to help guide the company through the crisis. The plan must be run through simulations and made foolproof for every scenario.
Arm yourself with a clear vision and goal, educate yourself on your responsibilities and authority as a data analyst and execute the plan to ensure that you achieve zero tolerance for data leakage.