¿ìè¶ÌÊÓÆµ

Your social media data is out there, just waiting to be leaked

So much social media data has been siphoned off and stored in the name of research that questions over its security were only a matter of time, says Paul Marks
Close-up of someone using social media on their smartphone
How well protected is the data you share?
Nina Berman/NOOR/eyevine

It was bad enough that 80 million Facebook users allegedly had their data harvested by a company building a platform to try to sway the US election – but now broader concerns are emerging over the privacy and security of such information.

¿ìè¶ÌÊÓÆµ revealed this week that information on millions of Facebook users, gathered by researchers in the UK, was left exposed online. Days before, The New York Times reported that Swedish and Polish researchers had amassed data on 368 million Facebook users. The researchers in that case, says the newspaper, were worried about how easy it had been to collect the data – and say they had to fend off corporate approaches to buy it.

There have been straws in the wind for over a decade. In 2006, ¿ìè¶ÌÊÓÆµ warned readers about the risks of putting details on what were then the popular social media sites, Myspace and Friendster.

At the time many factors were conspiring to make this an issue, including the desire of national security agencies to tap this data to uncover networks of terror suspects and profile them. At the same time, new standards ostensibly meant to make the web run more smoothly were also making such analyses easier.

Since then, the sucking up of social media data has been commonplace. So when news broke that consultancy firm Cambridge Analytica had allegedly profiled potential swing voters using Facebook data for the 2016 US presidential election, it was no huge surprise. But it raised the question: what about the masses of other social media data that have been hoovered up?

Taking care of data

Over the past decade, universities and companies have been drawing on social networking posts for research. Instead of physically mustering volunteers to quiz on various topics, social networks make it easy to filter posts by subject. And firms can more easily assess business sentiment this way, too.

As a result, the number of research papers based on scooping up Facebook, Snapchat and Instagram posts, say, or the vast stream of tweets known as the , is astonishing.

It is clear that it is not only what researchers do with our social media data that matters: it is also how they look after it. Even if a study that had mined social media posts had passed ethical review, where are the harvested data sets now? How good is data protection in the academic realm?

If harvested data has not been transmitted, stored and archived in encrypted form, yet more problems are likely to ensue. From 25 May, however, Europe’s incoming GDPR data protection legislation can impose €20 million fines for data breaches. Perhaps this, at least, will focus minds.

Read more: Huge new Facebook data leak exposed intimate details of 3m users

Topics: Computer crime / Privacy / security / Social media