National Association of Counties
I recently had the opportunity to watch The Great Hack, a Netflix documentary that came out in late July that is about the Cambridge Analytica scandal involving citizen data and elections. If you haven’t watched it, I highly encourage you to do so. In the absence of time, let me break it down for you! The documentary focuses on how accessible our individual human data is and just how much of it is on the internet. Even if you have deleted your Facebook account, much of your data is still out there. The documentary focuses on how Cambridge Analytica gathered and cultivated massive amounts of citizen data from all across the globe and then supposedly used it in marketing campaigns to persuade certain citizens (dubbed the “persuadables”) in voting decisions worldwide; including Brexit (the UK’s withdrawal from the European Union) and the U.S. 2016 presidential election. This article is not going to focus on how Cambridge Analytica used U.S. citizen data, but rather on how they were able to access it without one’s approval.
The background of the documentary is that Cambridge Analytica had collected between 4,000-5,000 data points on every U.S. voting citizen. Every citizen. One may ask, how can this be? Well, does Facebook or Instagram sound familiar? Data from more than 87 million Facebook member profiles was obtained by Cambridge Analytica, who then used that data to assist the Leave campaign in the Brexit vote and the Trump 2016 presidential campaign. Regardless of the presidential outcomes, the fact that they acquired and used that much data on human beings is incredible and even scary.
While that’s just one way citizen data is accessible, according to a May 2019 article from PEW Research, 69 percent of the United States is on Facebook; that’s a pretty significant exposure. The importance of these numbers becomes even more meaningful, when you consider that data and the data giants Alphabet (Google’s parent company), Amazon, Apple, Facebook and Microsoft are now considered more valuable than oil. (May 2017,The Economist).
Yet the bigger story is that our personal data is out there and being used in ways we don’t understand. One may ask, was it really that much important data? We will never really know for sure, but at the time of these campaigns, the data collected from the third-party app that gave anyone access to Facebook included information like interests, likes, location, political affiliation, relationships, photos and more.
So why is this important? In this day and age, our personal assets go beyond just finances; data rights are human rights. Personal data is extremely valuable. Think about how quickly relevant advertisements pop up on your Facebook page or even your cell phone through a text or an app after you have conducted an online search. To bring it to the workplace, think about how much searching we do on the internet for new county equipment, software applications or even job postings for finding qualified staff. And then all of sudden, this particular product or service that you were searching about shows up on your Facebook feed, even though you weren’t on your computer (but rather using only your cell phone). When we search through Google, Bing or another search engine, that information is more than likely being sold to advertisers, consultants and other entities that have paid the big search engines to have your information. Supposedly with permissions, of course. But do you really read those terms and conditions that pop up on your screen when you are diligently looking for that new book, clothing, food item or office equipment? Since we are in a world of instant gratification, I would venture to say “no.”
So, what can citizens and ultimately county government do to protect the data rights of individuals? Europe has taken one approach by implementing The General Data Protection Regulation or GDPR. One may ask: “What is GDPR?” GDPR is a massive data protection or privacy law emanating from the EU that applies to most organizations, regardless of where they are located. While that undertaking was in process long before the Cambridge Analytica shenanigans became public, it was only official in May of 2018, right after the scandal went public. Any organization that offers its products or services to an EU resident or is established in the EU or is engaged in widespread website behavioral monitoring must comply with GDPR. This means even organizations based in the United States may be subject to GDPR. The most obvious result of GDPR is those new footers or pop-ups on websites that are supposed to inform you about what data is being collected when you use their site and have cookies enabled. What I have found is that many are just clicking on the “cookies” message and breezing by what the terms and conditions say.
How this affects local government in the United States is debatable and ranges from there is no need to legally comply with GDPR to “Yes, we know that we have many foreign citizens visiting our website and therefore we must comply in some fashion.” What is more common is that states are beginning to enact their own data privacy laws. Take California for example. The California Consumer Privacy Act of 2018 mirrors the EU law in many ways. Data accuracy and notification to those subscribing on how their data is being used is required, as is the honoring of a citizen request to see what data the organization is collecting or holds on them. Other features include posting a privacy policy on their website that states:
According to legislative tracking website Quorum, more than 200 pieces of legislation on privacy have been debated in state legislatures so far in 2019.
On a personal level, folks like you and I should be more attentive to what data we make available online. As I like to say often, the devil is in the details. Listed below are some questions to ask yourself and to share with your county departments and your citizens:
The good news is that terms and conditions on most sites are much more transparent these days.
Consider the Facebook terms:
While, the Section 2 reference is quite extensive and not reprinted here, it covers what Facebook does with your data.
While one may or may not be comfortable with these additional details, it is important that you are aware.
You can find out more at https://www.facebook.com/about/privacy/update.
If nothing else after reading this article, I would highly encourage you to consider the questions above and to look at what those major sites (like Facebook) do with your data and to whom they share your personal information.
Awareness is critical in balancing privacy with convenience.
Remember data rights equal human rights!
Hero 1
<p>In today's rapidly evolving digital landscape, counties are presented with opportunities to enhance the quality of life for their residents through innovative technologies.
<p><strong>October 17th, 2023 | 1 PM Eastern </strong><br />
<br />
<p><strong>October 18th, 2023 | 1 PM Eastern </strong></p>
<p><strong>October 23rd, 2023 | 1 PM Eastern </strong></p>
<p><strong>October 25th, 2023 | 1 PM Eastern Time</strong><br />
<br />
<table border="1" cellpadding="1" cellspacing="1" style="width:100%" summary="call-out transparent">
<tbody>
<tr>
<table border="1" cellpadding="1" cellspacing="1" style="width:100%" summary="call-out">
<tbody>
<tr>
<td>
<p>All matters pertaining to telecommunications and technology policy, including, but not limited to, the county role as a telecommunications regulator, service provider, and consumer, cable services technology and implementation, info
<table border="1" cellpadding="1" cellspacing="1" style="width:100%" summary="call-out transparent jump">
<tbody>
<tr>
<td>
Connect your residents to affordable high-speed internet
Through the FCC's Affordable Connectivity Program, counties have a central role in providing all residents with an equal chance to connect to high-speed internet in their homes.
Learn More
