Tough questions Oireachtas should ask Facebook about use of citizens’ data

17 Apr 2018

Houses of the Oireachtas in Dublin. Image: EQRoy/Shutterstock

As Facebook executives go before the Irish Houses of the Oireachtas, what are the key questions that TDs and senators should really be asking?

Today (17 April), senior executives from Facebook in Ireland are expected to appear before an Oireachtas committee in the Irish Parliament to answer questions about the Cambridge Analytica affair.

The Facebook executive team will be led by its vice-president for global policy, Joel Kaplan, who is expected to tell TDs and senators how sorry the social network is for failing in protecting users’ data in the recent scandal that saw the privacy of 87m users worldwide potentially compromised.

Alongside Kaplan will be the company’s Irish country manager, Gareth Lambe, and its head of public policy, Niamh Sweeney.

It is also understood that Data Protection Commissioner Helen Dixon will attend the meeting.

Tough questions for Facebook

Kaplan is expected to outline to deputies and senators new transparency tools that verify where ads are coming from and who has paid for them.

Will they get a tough grilling or will it be a repeat of the pretty easy going over that Facebook CEO Mark Zuckerberg experienced over two days last week before the US Congress?

Facebook is a major employer in Dublin with more than 1,000 employees and it is understood to have ambitious expansion plans that could see it grow to 3,500 or more people in the city.

So, what are some of the questions they really should be asking?

How affected were Irish users by the Cambridge Analytica affair and how malleable are users to similar exploitation by other apps?

The heart of the matter is Facebook’s Open Graph platform that enabled third-party app creators to create apps that gathered users’ data. Just how in control is Facebook of this platform and what steps are being taken to limit or shut down such data-gathering practices?

To what extent can Facebook target individual users with advertising based on their data?

Another key question: just how anonymous is the information that Facebook uses and how much of this data does the social network share with advertising partners? It is one thing to tell people they have control over their information on a public basis, but how much information does Facebook collect about users without their knowledge?

What are the social network’s explicit policies around political advertising?

It will be interesting to see just how far politicians from different parties and persuasions are likely to probe on this point. With the referendum on the Eight Amendment just a few weeks away in Ireland, emotions are already running high as many Facebook users are flooding the news feed with messages on the topic as well as pointing out aggressive advertising tactics on street poles. Not only that but, depending on negotiations between the leading political parties in the coming months, Ireland could yet be plunged into a general election in the months or years ahead.

The heart of the Cambridge Analytica affair centred on how the eponymous political consultancy was allegedly able to use user data to drive advertising that would manipulate voter sentiment, apparently helping to tip outcomes such as the shock election of US president Donald Trump or the fateful ‘leave’ decision by voters that sparked Brexit in 2016.

Is it possible that agencies with similar intent hold data on Irish users that can be used in a similar fashion?

In the aftermath of the creation of Privacy Shield and as Max Schrems’ legal battle continues in Austria, what happens to European users’ data as it shuttles across the Atlantic?

It is true that Facebook has built a massive €200m data centre in Clonee, Co Meath, and that it has data centres all over the world, but the rub of the court battles led by Schrems is the legality of Facebook transferring European data to the US.

Deputies and senators should be asking just how and what data still goes to the US and why.

Just how prepared is Facebook for GDPR?

The Europe-wide General Data Protection Regulation (GDPR) becomes law on 25 May and brings with it stringent data protection policies and punishments, including hefty fines of up to €20m or 4pc of turnover, whichever is highest.

Some companies, such as Apple, have already made a virtue out of how prepared they are. Facebook is being urged to extend any GDPR practices it has on a global basis and not just within the EU, because a huge proportion of its 2.2bn active users live in countries that don’t exactly have benevolent regimes.

As a country that has always been on the frontline of UN peacekeeping as well as major humanitarian charity efforts, Irish legislators should grill Facebook on the protections it has for the data of vulnerable users who live outside the EU.

We are all global citizens.

Houses of the Oireachtas in Dublin. Image: EQRoy/Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years

editorial@siliconrepublic.com