Security analysts express justifiable skepticism of Zuckerberg’s claim to suddenly care

Did you hear the one about the company that notoriously abused its customers’ private data for years, then suddenly started claiming that it’s all about privacy? It’s no joke, and far from a laughing matter for consumer privacy advocates.

Facebook CEO Mark Zuckerberg recently announced that his company would begin encrypting private messages on its soon-to-be-consolidated three messaging platforms: Messenger, Instagram, and WhatsApp. Zuckerberg went further, positioning the move as symbolic of Facebook’s new commitment to protecting user privacy.

If you’ve been following the news for the past year, you can be forgiven for rolling your eyes.

Surveillance is Facebook’s Business Model

For starters, the essence of Facebook’s business model is collecting your detailed personal information, then selling what it learns to its advertisers so they can more effectively target ads at you. In a nutshell, you are Facebook’s product, not its customer. Many consumers still have no idea that this is what they consented to when they clicked on Facebook’s EULA.

But the headlines over the past year paint an even bleaker picture of Facebook’s casual, profit-driven disregard for its users’ personal data. Consider:

  • Cambridge Analytica’s improper harvesting of the personal data of 50 million Facebooks users to target political ads
  • A bug that made public the private posts of 14 million users
  • A security breach that exposed the personal information of 15 million users
  • The revelation that Facebook collected text messages and phone call records through smartphone apps without user consent
  • Another revelation that Facebook continued to sell user data to third-party app developers long after its leadership claimed to have stopped
  • And just this week, news that without consent, Facebook was selling the mobile numbers of users who had subscribed to two-factor authentication, with no way to opt out of it.

In short, Facebook has abused the privacy rights of its users again and again, then made an ongoing, concerted effort to stonewall anyone inquiring into its missteps.

If reading Zuck’s statement that, “Never mind our history, we’re all about privacy now, honest!” made you spit out your coffee, you can be forgiven. Facebook has long prioritized its own profits above user privacy concerns and judging from its recent booming stock price and impressive financial results, that strategy is working.

Consolidating Assets

There are good reasons for Facebook to consolidate its messaging platforms that have nothing to do with privacy, like reducing its platform infrastructure and operating costs. The proposed message encryption may protect user conversations from prying third-parties like criminal hackers, but unless that encryption is actually implemented end-to-end, with users (not Facebook) controlling the encryption keys, Facebook may still be able to scan user messages for ad targeting data.

It also doesn’t appear that Facebook is changing its data collection and exploitation practices for its main Facebook service.

Too Good to be True?

Maybe Facebook has suddenly grown a conscience about user privacy. Or maybe it fears the fierce penalties of failing to comply with the European Union’s General Data Protection Regulation and other emerging privacy regulations.

But in light of Facebook’s basic business model, its penchant for fumbling user privacy repeatedly and then lying about it, and the lack of substantive details in this announcement, many security analysts can only react with cynicism – waiting for proof-points before buying into Facebook’s privacy makeover.

Facebook still has a long road to travel to undo mistrust it earned during the past year, especially with the attempts of its leadership to hide its sins.

Take Ownership of Your Privacy

In the meantime, here are some steps you can take to protect your data privacy in the face of social media giants whose profits depend on you not doing so:

  • Be careful what you post to Facebook, Twitter, and LinkedIn.  Beyond the eerily-knowing ads those platforms show you, online vultures glean personal details they can use to steal your identity or craft a trustworthy-looking email that will infect your computer with malware.
  • Until the tech security community has vetted Facebook’s promised end-to-end encryption, assume that it has access to any “private” messages you send over Facebook Messenger, Instagram, or WhatsApp. Assume that the same goes for Google Gmail and other G Suite apps.

Final Thought

The value of privacy has been a moving target in recent years, but with each new report of abuse, a growing number of social media users have concluded that the benefits of those platforms are no longer worth the costs to privacy.

If you’re having similar thoughts, consider using a cyber protection product like Acronis True Image to back up your social media content. That way if you decide to delete your Facebook account, your backup will allow you to keep the personal data, photos, videos, etc. that you have uploaded over the years.

You can also try a free 30-day trial of Acronis True Image to explore the other benefits, like end-to-end encryption of backups and our unique integrated anti-ransomware defense that’s powered by artificial intelligence.

 
Back