Facebook, the behemoth of social networks, is no stranger to controversy with its history rife with privacy violations and data leaks. Indeed, earlier this year, Facebook was found to be paying people up to $20 a month in exchange for gaining comprehensive access into their phones. Facebook tried to make amends and reduce the damage done to its reputation for being trusted with user data by launching Study, an app meant to expound upon the various ways in which the firmcollects and utilizes users' data, a few months back. The social network also recently updated its face-recognition settings to give users more control over it.
Building on these steps, today, Facebook made public a white paper that is meant to chart a way forward on data portability and privacy. In it, Facebook outlined five essential questions that the organization believes are pertinent in building privacy-protective data portability:
Details on each raised point are noted as follows:
- What is data portability? Even though “data portability” is already written into laws in some places, the concept still means different things to different people. We try to set out a taxonomy for distinguishing between different types of data transfers with the aim of identifying what is — and isn’t — “data portability.”
- Which data should be portable? We discuss different takes on what it means for a person to port the data they have “provided” to a service and what factors stakeholders should consider in defining the scope of portable data.
- Whose data should be portable? Data is often associated with more than one person in digital services, like photos, videos and contact lists. Should transferring companies limit data portability in those cases? How can providers ensure that each individual’s rights are accounted for?
- How should we protect privacy while enabling portability? What responsibilities, if any, should transferring companies have with respect to people requesting or receiving data transfers and people whose interests may be implicated by a transfer?
- After people’s data is transferred, who is responsible if the data is misused or improperly protected? Should transferring or recipient companies be accountable? Should users themselves be responsible for issues that affect their (or their friends’) data?
Facebook believes that by releasing this paper, not only will it substantiate the already existing regulations like GDPR and CCPA governing data portability, but it will also help solve the issues related to the same. The Vice President and Chief Privacy Officer of Policy at Facebook, Erin Egan, wrote in the blog post:
Data portability has the potential to benefit everyone, from users to startups to established companies. We hope this paper will be the start of a series of conversations with privacy experts, policymakers, regulators and other companies around the globe about how data portability should be implemented to maximize the benefits while mitigating the risks.