Undoubtedly, the world today has become more connected than it was in the past. It is even popularly referred to as a ‘global village’ and the primary reason for this reference is because of the rapid flow of information. The most prominent cause has been the advancement in internet and bandwidth. However, the internet has led to the development of new applications, which are described as “Web 2” applications. Examples of Web 2 applications include: Facebook, Twitter, Google + and Linkedln. These applications are popularly referred to as networking or social media sites because they connect people together. Facebook, in the recent past, as well as currently faces a lot of security breaches. This essay investigates those security breaches and how the management communicates to Facebook users in regard to these security breaches.
Facebook Security Breach
To most people, cyber security concerns seem to be illusions and the most common perception has been that private information can only be stolen or tapped into by a physical presence. Physical presence in this regard refers to breaking into company facilities, or when people use portable devices with the intent of stealing confidential information. Although such methods present a significant amount of risk, there are even more severe threats that emanate from social media sites such as Facebook. Just recently, Facebook stated that a major security breach had occurred in which more than 50 million accounts of users had been accessed by unknown attackers (O’Brien & Anderson, 2018). According to Facebook, the attackers had stolen the digital keys, which the company uses to keep the users logged in. The attackers reportedly could do so by exploiting three distinct bugs in Facebook’s code. As a countermeasure, the company logged out the 50 million breached users as well as 40 million others who were at risk and fixed the bugs.
Delegate your assignment to our experts and they will do the rest.
The worrying aspect of the recent Facebook security breach is that Zuckerberg claims that they cannot establish who was behind the attacks or where they are based. Even more appalling is that Zuckerberg’s own Facebook account was compromised. Perhaps the question that emerges at this juncture is, to what extent should Facebook be trusted? And are people really secure on Facebook? Recently, news broke out that Cambridge Analytica, a firm which Donald Trump had hired for his campaign had gained improper access to personal data from millions of users profiles (O’Brien & Anderson, 2018). Again, a congressional investigation recently established that agents from Russia and other countries have been creating and posting fake political adverts on Facebook since 2016. But how exactly is Facebook security breach happening. To delve into this question and answer it satisfactorily, several aspects are listed and discussed below.
Privacy and Confidentiality
Facebook has allowed third party applications on its site, and it is emerging that information transmitted and exchanged between Facebook and third party applications may not be private (Leitch & Warren, 2009). These applications may be used to record information or conversations between users without their consent. On the same note, Facebook users may alter their privacy settings accidently and give a leeway to third parties. One problem with Facebook is that when users post information using the default settings, the information becomes available to everyone. Users, therefore, have to change the privacy settings to dictate who accesses their information. But many people do not know that they can adjust the settings. Nevertheless, even when one changes the privacy settings so that only friends can see what he or she posts, people can still access the information by searching his or her profile. These privacy settings seemingly work like illusions, where security is defined in an abstract sense but is not practical.
The lack of privacy and confidentiality in regard to what one posts on Facebook has had negative implications to some parties. For instance, university and college students create Facebook groups and pages to discuss about their institutions unaware that the university administration is monitoring them. In 2005, a second year student at Fisher College in Boston named Cameron Walker was expelled because of the Facebook group he had created (Jones & Soltren, 2015). The group had been created to agitate for the dismissal of a campus security officer who allegedly went beyond the limits of his line of duty. Walker’s dismissal also set a serious precedence for university administrations who would use content from Facebook as evidence during disciplinary sermons.
Seemingly, the issue is not just about who has access to people’s information but it is also about what content is allowed on Facebook. In the recent past, various governments in the world have realized the power of Facebook (Jones & Soltren, 2015). During the recent popular ‘Arab Spring’ Facebook was used as a tool of radicalizing and mobilizing, especially young people. Although the site may have been used to advocate for a positive cause, there is also a high probability that it may be used for the wrong purposes. Terrorists may be using Facebook to radicalize people around the world to spread their agenda. The advantage is that it has a huge coverage and is cheap to use. What terrorists need to do is to sit somewhere, get an internet connection and write or record themselves and post on Facebook.
Authentication and Identity Theft
Some third party applications that require logging in could be used to steal people’s private information. There are applications that need credit card information to register or to log in. Some of these applications may be a set up aimed at obtaining and using people’s information (Leitch & Warren, 2009). Identity theft is not a new thing in the United States, considering that there are foreigners who so urgently want US citizenship. Perhaps one of the most overlooked forms of identity theft on Facebook currently is where people create profiles with the names of prominent people. While it may be argued that people may share names, this form of identity theft is meant to extort unsuspecting users. People may create pages of certain corporates and claim to be recruiting prospective employees. The gullible users are told to pay registration fees only to realize later that they were conned. This form of identity theft may also be used to carry out a smear campaign against other people. Specifically, it is a form of defamation.
Vandalism, Harassment, and Stalking
Even with all the positive intentions of Facebook, people are being harassed, mainly through cyberbullying. Most ladies complain of being harassed sexually by stalkers (Jones & Soltren, 2015). Besides, there are those friends or even strangers who write negative comments or even obscene words on people’s posts. Seemingly, Facebook does not have the capacity to filter out content that causes displeasure to users. Facebook in the recent past began to ‘cover’ images that may cause discomfort to users but even so, people can easily ‘uncover’ them and view the content. Evidently, this is not a stringent measure to restrict unwanted content. Although some comments and posts on Facebook are harmful, there is also reportedly more harm from posts that depict people’s lifestyles. On most occasions, Facebook users portray themselves having the best lives even when in real sense they could not be having such lavish lifestyles. The consequence is that other users try to attain such lifestyles and when they cannot afford, they tend to suffer from depression and other psychological disorders. Facebook may be a successful company that is making a lot of revenue but may be contributing to psychological conditions, and consequently, poor mental health.
Spam and Cybersquatting
Facebook users sometimes receive unsolicited messages and emails that may contain viruses or malware. The spammers create links and post them on Facebook, where users are lured to click on them (Jabee & Alam, 2016). For example, a message may read as “Click on the following link and find out what the rest of your friends are enjoying”. When users click on such links, it becomes the beginning of allowing viruses and malware into their computers or mobile phones. Additionally, the tag option on Facebook allows malicious people to lure users to open bad content such as obscene content.
How Zuckerberg Communicates To Facebook Users
Most frequently, Zuckerberg posts on his page matters related to Facebook security breaches. For example, on 28 th September, 2018, Zuckerberg posted the following statement, “I want to update you on an important security issue we've identified. We patched the issue last night and are taking precautionary measures for those who might have been affected. We're still investigating, but I want to share what we've already found…” (Wagner, 2018). The weakness with this type of communications strategy is that Facebook users cannot see the communication unless they visit Zuckerberg’s Facebook page. In many instances when the Facebook team realizes security breaches, it logs out the accounts of the affected users and requires that they log in again. For most users, they never realize whether any security breach has occurred because they rarely get any communication from the Facebook team. Therefore, they log in again and continue interacting with the application.
When it was realized that Cambridge Analytica had accessed Facebook users’ private information, Mark Zuckerberg took a long time to respond to the claims. Wagner (2018), described it as a long silence. Eventually, Zuckerberg again used his Facebook page to talk about the Cambridge Analytica issue and to state the measures his team had put in place. The long silence could have a two-fold explanation. One, Zuckerberg and his team could have delved into deep deliberation about the problem to offer an amicable solution. On the other side, it can be argued that Zuckerberg, together with his team were not sure of what to do and they had to buy time and let the public anxiety. But the silence had some negative implications. A large section of the public felt that Facebook lacked the capacity and the technical skills to protect their private information from being accessed by unauthorized parties.
Evidently, Zuckerberg’s communication has largely been written. However, he has also on some occasions been compelled to communicate orally especially when probed by legal entities and government institutions. Zuckerberg has testified before the Congress regarding the issue of security breaches especially in the case of Russian interference with the 2016 US election using Facebook ( Sommerlad, 2018 ). During the meeting, Zuckerberg regretted that his team had failed to investigate and intercept early enough. However, most of the probe by Congress was done in a closed door meeting, raising questions about the nature of issues that compelled such a kind of probe (Fredericks, 2018). Since it was a weighty matter, most members of the public were interested. Reportedly, Zuckerberg declined to respond to some questions, arguing that some information was too confidential and that he had already discussed some issues with his lawyer and legal experts.
During the Congress probe, Zuckerberg was also questioned on his intention to charge users so that they could not receive adverts. One senator was concerned that Facebook had access to people’s private data and was now planning to charge them not to receive something they did not want ( Blake, 2018) . Zuckerberg responded by saying that for users to enjoy free Facebook, they had to charge for adverts and that could only happen through users receiving adverts form third parties. However, it emerged that Facebook did not specify what third parties could do with users’ private information. For example, one senator noted that Facebook and Cambridge Analytica’s agreement had been a commercial one, meaning that the firm could use people’s private information for any purposes. Zuckerberg also carried a pre-prepared communication and tried as much as possible to avoid direct questions.
From the aforementioned communication aspects, there are some inadequacies in Zuckerberg’s communication style. First, Zuckerberg and his team do not have a proper structure of communicating to Facebook users about important security concerns. Not many people have the time to regularly visit Zuckerberg’s Facebook page to see what he has written. Therefore, even if Zuckerberg provides measures for users to protect their private information, a majority of Facebook users rarely do so because they do not get them. Secondly, Zuckerberg takes a long time to respond to security breaches, an aspect that has exacerbated the fear that Facebook management lacks the means to protect them. Some of the communication does not also suggest that they have solved the problem conclusively. For instance, when it was realized that more than 50 million accounts of Facebook users were accessed by unknown attackers, the communication provided by the Facebook management team claimed they could not establish who the attackers were or where they were based. Such communication suggests that since Facebook cannot identify the attackers, it is likely that such an attack will take place again.
Recommendations
The Facebook management needs to develop a better strategy of communicating with users. In regard to the various security threats mentioned above, it is prudent for the management to remind users to protect their accounts from time to time. It implies that users should not be let to try to figure out how to protect their private information on their own. Rather, Facebook could also use pop-ups to address the various security breaches. Secondly, the Facebook support team needs to foster timely response by developing a support chat box. That also means that Facebook will be compelled to hire more employees to engage users. As a consequence, Facebook’s public relations aspect will improve since it is one most important thing that Facebook is struggling with. Thirdly, the Facebook management team as well as Mark Zuckerberg need to create public forums where they engage people and address some of their concerns. Such meetings will create the perception of transparency at Facebook. Lastly, Facebook needs to respond timely whenever issues of security breaches occur. Apart from using his Facebook page, Mark Zuckerberg also needs to post his communication to the press for a wide coverage. Such a response helps create the perception of efficiency at the company, and consequently build users’ confidence.
Conclusion
Facebook has faced and continues to face various security breaches on its platform. However, the method of communicating these breaches is wanting. As the communication structure currently is, it represents inadequacy and inefficiency. Facebook needs to urgently come up with a proper communication structure and method by offering timely responses and communication that instills confidence to the users.
References
Blake, S. (2018).Mark Zuckerberg’s biggest regret . NewsComAu . Retrieved 28 October 2018, from https://www.news.com.au/technology/online/social/facebooks-mark-zuckerberg-testifies-before-us-congress-on-cambridge-analytica-data-breach/news-story/812832e6620a01e6d76eb9a6b43b505e
Fredericks, B. (2018). Zuckerberg testifies before Congress on Facebook data breach. Nypost.com . Retrieved 27 October 2018, from https://nypost.com/2018/04/10/zuckerberg-testifies-before-congress-on-facebook-data-breach/
Jabee, R., & Alam, M. A. (2016). Issues and Challenges of Cyber Security for Social Networking Sites (Facebook). International Journal of Computer Applications , 144 (3).
Jones, H., & Soltren, J. H. (2015). Facebook: Threats to privacy. Project MAC: MIT Project on Mathematics and Computing , 1 , 1-76.
Leitch, S., & Warren, M. (2009). Security issues challenging Facebook. In Australian Information Security Management Conference (p. 16).
O’Brien, M., & Anderson, M. (2018). Facebook says 50M user accounts affected by security breach. TechXplore.
Sommerlad, J. (2018) . Why is Facebook's Mark Zuckerberg appearing before Congress? The Independent . Retrieved 27 October 2018, from https://www.independent.co.uk/life-style/gadgets-and-tech/news/mark-zuckerberg-congress-how-watch-hearing-facebook-data-breach-cambridge-analytica-a8289316.html
Wagner, K. (2018 ). Read Mark Zuckerberg’s full statement on Facebook’s privacy scandal . Recode . Retrieved 27 October 2018, from https://www.recode.net/2018/3/21/17147746/facebook-mark-zuckerberg-cambridge-analytica-data-breach-users-video-election
