Reflecting on the shear egregiousness of Facebook’s latest security breach, from demanding users hand over their email passwords to silently harvesting their contact lists without their permission to declining to offer a specific date by which it might delete that “unintentionally” collected data, it is worth stepping back to ask whether if this story had been about any other company, would it still be in business?
As Facebook has weathered a never-ending deluge of privacy and security-related scandals over the past year, the only constant has been the lack of consequences for the company.
To date it has suffered no massive fines, no major troublesome new legislation and most importantly, no mass defections of its users or advertisers.
In fact, the company actually set new profit and growth records amidst all the scandals.
Would a smaller company have faced greater ramifications for such egregious violations of the safety, security and privacy of its users?
Perhaps the most existential question raised by Facebook’s lack of consequences over the past year is whether it has escaped harm because it is simply so big and intrinsic to modern life that we cannot live without it or whether we as a society have become so numb to privacy violations that we simply no longer care about our digital safety, security or privacy?
Facebook has become such a critical part of modern life that it is almost impossible to imagine a world without it.
Our governments communicate policy proposals and new laws via its pages and use it to listen to their constituents. Elections are increasingly allegedly decided by which candidate has the better social media strategy to leverage its communicative power.
Media outlets rely on Facebook to drive traffic to their sites, while businesses increasingly use it to communicate, turning their once-dynamic websites into static shrines.
Could it be that Facebook is now so powerful that we don’t dare leave?
Like the company we love to hate but cannot live without, Facebook’s abusive relationship with its two billion users grows worse by the day because the company increasingly realizes that its users simply have no choice but to accept whatever harm it wishes to bestow upon them.
Alternatively, could it be that we are simply so numb to privacy and security violations today that we simply no longer care?
What would happen if a small startup of a few hundred thousand users turned out to be demanding users’ email passwords and mass harvesting and sharing their personal data?
Would that startup survive the ensuing scandal or would its users defect in droves to its competitors?
The depressing answer is that in 2019, it is entirely conceivable to picture a startup weathering such a scandal without losing any of its customers.
In fact, the “network effect” means that once a site reaches a certain number of users, it is hard to move on, especially as sites move to address the limitations that allowed predecessors like MySpace to collapse.
Even the discretion-first social network Ashley Madison appears to have fully recovered from its infamous 2015 breach, touting impressive growth in the years since. In fact, the company notes that all of the media coverage of its breach was actually a huge boon to growing its business.
Putting this together, Facebook’s lack of consequences for its breaches leaves us with only two uncomfortable possibilities: either the company has become simply too big to regulate or else the public simply no longer cares about its online security or privacy.
All evidence points to the latter.
In the end, the fact that other social networks that have experienced breaches have also managed to grow considerably in the aftermath points to the same sad conclusion: we really don’t care about our online safety, security or privacy anymore.
