The report had some hard words for Facebook and CEO Mark Zuckerberg.
The results of an 18-month investigation into Facebook are out and they’re not pretty.
The UK Parliament’s Digital, Culture, Media and Sport Committee (DCMS) published a lengthy report filled with harsh words for the social media giant, which is accused of intentionally violating privacy laws.
In a statement, Facebook’s UK public policy manager, Karim Palant, said the company supports “effective privacy legislation that holds companies to high standards in their use of data and transparency for users,” and has already made “substantial changes” to its political advertising policies.
Here’s a look at the most brutal takedowns of Mark Zuckerberg and Facebook in the report.
1. Facebook acting like “digital gangsters”
The report says that documents it obtained raise questions about whether the company has engaged in anti-competitive behavior. The documents, which stem from a California court case between Facebook and developer Six4Three, include private emails from top Facebook officials, including Mark Zuckerberg.
The documents also detail discussions among Facebook execs on data sharing policies, as well as Facebook’s use of VPN app Onavo to keep tabs on WhatsApp and Snapchat.
From the report:
Given the contents of the Six4Three documents that we have published, it should also investigate whether Facebook specifically has been involved in any anti-competitive practices and conduct a review of Facebook’s business practices towards other developers, to decide whether Facebook is unfairly using its dominant market position in social media to decide which businesses should succeed or fail. Companies like Facebook should not be allowed to behave like ‘digital gangsters’ in the online world, considering themselves to be ahead of and beyond the law.
2. Zuckerberg’s “contempt”
Parliament had some particularly scathing words for Zuckerberg, who showed “contempt” for its investigation:
Facebook seems willing neither to be regulated nor scrutinised. It is considered common practice for foreign nationals to give evidence before committees… By choosing not to appear before the Committee and by choosing not to respond personally to any of our invitations, Mark Zuckerberg has shown contempt towards both the UK Parliament and the ‘International Grand Committee’, involving members from nine legislatures from around the world.
Additionally, UK officials took issue with the executives Facebook did send to answer questions: CTO Mike Schroepfer and vice president of public policy for Asia-Pacific, Simon Milner. Both men were ill-prepared, according to the report:
“We are left in no doubt that this strategy was deliberate.”
Facebook used the strategy of sending witnesses who they said were the most appropriate representatives, yet had not been properly briefed on crucial issues, and could not or chose not to answer many of our questions. They then promised to follow up with letters, which—unsurprisingly—failed to address all of our questions. We are left in no doubt that this strategy was deliberate.
We are left with the impression that either Simon Milner and Mike Schroepfer deliberately misled the Committee or they were deliberately not briefed by senior executives at Facebook about the extent of Russian interference in foreign elections.
3. Cambridge Analytica happened because of Facebook’s own policies
The report discusses the Cambridge Analytica scandal at length, noting that the whole debacle could have been avoided if Facebook had “fully complied” with its own settlement with the U.S. Federal Trade Commission in 2011.
Incidentally, Facebook could be facing a record-setting, multibillion-dollar fine from the FTC, which opened an investigation into the social network following the initial Cambridge Analytica reporting:
The Cambridge Analytica scandal was faciliated [sic] by Facebook’s policies. If it had fully complied with the FTC settlement, it would not have happened. The US Federal Trade Commission (FTC) Complaint of 2011 ruled against Facebook—for not protecting users’ data and for letting app developers gain as much access to user data as they liked, without restraint—and stated that Facebook built their company in a way that made data abuses easy. When asked about Facebook’s failure to act on the FTC’s complaint, Elizabeth Denham, the Information Commissioner, told us: “I am very disappointed that Facebook, being such an innovative company, could not have put more focus, attention and resources into protecting people’s data”. We are equally disappointed.
4. “Facebook continues to choose profit over data security”
Again referring to the Six4Three documents, the report says Facebook has prioritized its own profits over everything else, including its users’ data:
Facebook has continually hidden behind obfuscation. The sealed documents contained internal emails, revealing the fact that Facebook’s profit comes before anything else. When they are exposed, Facebook “is always sorry, they are always on a journey”, as Charlie Angus, MP (Vice-Chair of the Canadian Standing Committee on Access to Information, Privacy and Ethics, and member of the ‘International Grand Committee’) described them. Facebook continues to choose profit over data security, taking risks in order to prioritise their aim of making money from user data.
5. Questioning Facebook’s business model
The merits of Facebook’s ad-driven business model is a point that has also come up with lawmakers in the U.S, though Facebook has repeatedly defended it. In the report, UK officials said Facebook may not be able to keep its users’ trust unless it makes some serious changes:
The Information Commissioner told the Committee that Facebook needs to significantly change its business model and its practices to maintain trust. From the documents we received from Six4Three, it is evident that Facebook intentionally and knowingly violated both data privacy and anti-competition laws. The ICO should carry out a detailed investigation into the practices of the Facebook Platform, its use of users’ and users’ friends’ data, and the use of ‘reciprocity’ of the sharing of data.