In today's digital age, checking social media has become an integral part of our daily routine. We wake up, and the first thing we do in the morning is grab our phone. We scroll through Instagram, check Facebook, or post about our morning coffee. We've all been there. But, have you ever wondered what happens to that simple coffee picture once it hits the internet?
This pervasive social media usage raises critical questions about digital privacy and data security. Sharing has become a new form of exposure. We now face an unprecedented challenge: Our digital traces go well beyond what we consciously share.
The Dimensions of Data Collection
Social media platforms are drowning in a deluge of user data, collecting information at an unprecedented scale. With increasing data collection methods, privacy and protection concerns also rise. The data collection process is not restricted to data that users consciously share, it extends to passive data collection, behavioral tracking, and unknown complex algorithmic analysis.
Major technology giants are frequently scrutinized for their data collection and processing practices. The question isn't just about what data is being collected – it's about how this information is being used, stored, and protected.
According to Meta’s annual official reports, the company processes the user data of nearly 4 billion monthly active users across its platforms. Let me ask you: When was the last time you read a privacy policy before clicking "I Agree”?
Data Collection Methods and Associated Risks
Passive Data Collection
Social media platforms perform various data collection methods, without users' active awareness. The methods include:
Browser fingerprinting to track users across websites
Specific browser details, including installed plugins, screen resolution, time zone, language settings, and font availability are gathered during the process. Even if the cookies are disabled, companies can still track users easily.
2. Tracking User Location via IP addresses and GPS data
Social media apps actively collect location data by accessing IP addresses and using indirect location data. This indirect data can include Wi-fi access points and mobile network towers.
The Irish Data Protection Commission's investigation in 2022 revealed that Meta had been fined €390 million. This was due to allegedly unethically compelling users to accept personalized advertisements and unlawful use of location data.
3. Cross-site tracking through embedded "Like" and "Share" buttons
According to BuiltWith's technology trends report in 2023, Facebook can track user behavior to a deeper level. They do this by using Meta’s embedded 'Like' and 'Share' buttons which appear over millions of websites in the network.
Active Data Collection
With transparent permissions, users provide significant personal information through:
Profile information and updates.
Photos and videos often contain metadata.
Friend connections and social graphs.
Interaction data (likes, comments, shares).
Hidden Collection Methods
Many companies gather data using unethical and less transparent means including:
Shadow profiles for non-users through contact uploads
In a 2018 Congressional testimony, it was found that Meta maintains detailed data profiles even for individuals who have never used Facebook. Meta creates 'shadow profiles' of non-users by analyzing contact information uploaded through users' address books.
2. Purchase history tracking through partner websites
Meta tracks user purchases across millions of partner websites and retail platforms. It collects transaction data including purchased item amounts, category, and shipping details.
3. Voice data collection through mobile apps
The company’s mobile app can collect data anytime in a day even if the user is not aware. The data is collected using the device’s microphone anytime the company wishes to. According to a study in 2023, social media apps collect microphone data approximately 27 times per day on Android devices.
User Vulnerabilities
Identity fraud using collected personal data
Social engineering assaults utilizing behavioral data that has been gathered
Financial fraud using publicly available personal information
Location data makes abuse and stalking easier.
Meta's Privacy Makeover: Real Change or Damage Control?
In 2018, Meta faced significant legal and regulatory consequences following the Cambridge Analytica scandal, where the personal data of 87 million users was improperly shared for political advertising purposes. Meta was fined $5 billion by FTC further pressurizing it to make some serious changes regarding privacy concerns.
Here's what they've done:
Users can check and control the "Off-Facebook Activity" tool.
Implemented end-to-end encryption for Messenger
Created a 'Clear History' tool
X (Formerly Twitter) and Its Privacy Journey
X was charged with the FTC fine of $150 million for using phone numbers and email addresses for advertising.
Since then, they've made some privacy changes:
Added more two-factor authentication options
Improved privacy settings that are more transparent and descriptive
Implemented data encryption (better late than never!)
Regularly publish transparency reports
Conclusion
As social media is becoming a major part of our lives, users are increasingly becoming more aware towards their privacy and data protection issues. As a user, staying informed and vigilant for our digital footprints is the key towards our own protection and security. The more social media is expanding, the more we are connecting with each other and the more we have to be careful for our privacy. Using social media as a power without being a slave is in our own hands.
