Bedeviled by the uproar created by disclosure concerning its callous disregard for its user privacy, Facebook’s business practices continue to generate controversy.
The latest contentious privacy-related issue concerns Facebook employees’ ability to access users’ profiles without disclosure or obtaining the user’s permission.
This dual privacy standard is symptomatic of a dilemma for the company: How much to disclose to users the extent of the surveillance and data harvesting that occurs when customers use the system.
It poses problems for Facebook because its entire business model is predicated on obtaining and then selling its customers private data.
The privilege granted certain Facebook employees allows them to access information most Facebook users would consider private, such as photos and posts shared with a limited group of individuals such as family and friends.
The special treatment afforded Facebook employees has been available for years according to people familiar with the matter. Employees receive notification via email or a specific notice to their Facebook account.
What has alarmed many privacy advocates is that multiple Facebook employees have been terminated for improperly accessing users’ profiles over the years.
This raises a question that regulators will be certain to raise in the immediate future. Namely, what safeguards does the company have in place to prevent such infractions in the future?
Additionally, some may argue that if notification is afforded Facebook employees, why shouldn’t regular users be similarly notified?
There are no compelling reasons why Facebook shouldn’t offer this same service to its 2 billion customers.
Potential for abuse
In the absence of such protections, there is nothing to prevent Facebook employees to continue the practice of accessing personal information of users without their permission.
The potential for abuse is quite pronounced. What if a Facebook employee has a grudge against a particular user? At present, that employee could gain unfettered access to the customer’s account.
Indeed, three years age, Paavo Salami said that a Facebook engineer obtained his log-in credential without his authorization.
As Salami noted, “A Facebook engineer can then log in directly as me on Facebook seeing all my private content without asking me for the password. Just made me wonder how many of Facebook’s staff have this kind of ‘master’ access to anyone’s account?”
This problem is symptomatic of a large gap that currently exists between what private and personal data Facebook collects and what its users believe they collect.
Currently, disclosure is rather lax and indicative of the of a laissez-faire attitude concerning the business practices of social media companies that has allowed the tech giants to escape scrutiny for years.
For Facebook, the revelation that its employees can access private information will only inflame the public, and rightly so. More transparency is in order, or its customers might revolt.