Cyber Security

Facebook wants to ‘normalize’ security concerns in light of ‘data scraping’

Earlier this month, reports unveiled a breach at Facebook impacted more than 500 mn users around the world. Around 6 mn Indian users were also affected. In a display of genius, Facebook has devised a communication strategy to dismiss the data breach as a “sectoral problem”. The long term goal seems to be ‘normalizing’ security concerns as an industrial hazard.

Data News reported that an internal email was circulated on April 8 suggesting the same. It was sent by a communication manager, addressed to the company’s EMEA public relations team (Europe, Middle East and Africa). The email, sent several days after the data breach was made public, summarizes the incident’s press coverage.

Facebook often employs a public relations strategy of either not reacting or responding slowly to minimize press coverage. For example, it won’t make additional statements because the company expects the media’s focus on the issue to gradually diminish.

What is ‘Scraping’? 

Scraping is an automated method of collecting data from the internet. The scraping tool is programmed to retrieve detailed information from specific websites. It may, for example, gather contact information for small business owners from LinkedIn, Facebook, or yellow pages. After extracting the data, the scraper parses it and saves it in a readable spreadsheet or database.

The email also contains a “long-term plan” demonstrating Facebook’s desire to make scraping an industry problem. A problem that has nothing to do with Facebook, in particular. It also specifically states that this will not be the last incident.

“In the long term, we expect more scraping incidents and it’s important to frame this as a sector problem and normalise it to happen regularly. To do this, the team proposes a follow-up post in the coming weeks that talks more broadly about our anti-scraping work and provides more transparency around the work we do here. This can reflect a large part of the scraping activities, we hope this will help normalise the fact that this is ongoing and avoid the criticism that we are not transparent about specific incidents.”

ZDNet reported Facebook had earlier confirmed that the information leaked was ‘old and scraped in 2019. A functionality issue in the platform’s contact platform, now fixed, allowed the automatic data pillaging to take place.

However, readers must note, although the vulnerability might be patched, the user data is going to remain largely the same. The personal nature of data, available online, will inadvertently allow cyber criminals to misuse the data and scam people. Further, because the data set also contains email addresses, hacking attempts could also be made. Given the volume of personal data leaked, it becomes imperative that Facebook does more than just patching the vulnerability.

Having said that, here’s how you can avoid falling for a scam if a hacker comes after you!

A portion of the email is attached below.

Source: Data News

Do subscribe to our Telegram channel for more resources and discussions on technology law and news. To receive weekly updates, and a massive monthly roundup, don’t forget to subscribe to our Newsletter.

You can also follow us on InstagramFacebookLinkedIn, and Twitter for frequent updates and news flashes about #technologylaw.

Rajat Chawda

Rajat is a student at the Institute of Law, Nirma University. Since a young age, he was fascinated by the technological advancements and his fascination with gadgets has helped him develop a keen interest in TMT Laws in his journey as a law student. He is associated with Mylawrd to further engage himself and learn in this area.

Share your thoughts!

This site uses Akismet to reduce spam. Learn how your comment data is processed.