Anyone paying attention to the news recently has probably heard about the Facebook data breach and seen Mark Zuckerberg’s Senate hearings. While many know that many Facebook users’ data was collected, the exact details of what happened go far beyond this. The scandal began at the beginning of March, when it was revealed that Facebook had shared information of over 50 million users with a data analytics company named Cambridge Analytica, whose prominent clients included President Donald Trump’s election campaign. The actual process of the data collection was done through an application that would send data to the company when Facebook users accessed the app. This behavior by apps is routine on Facebook, and in fact, while using Facebook, you consent to applications collecting your data. However, Facebook prohibits said collected data from being distributed, which is exactly what Cambridge Analytica did. After the allegations came to light, Facebook immediately banned Cambridge and any related companies from using their platform. Nevertheless, this data breach raises the concern of how well Facebook protects from companies like Cambridge who wish to misuse user data.

While these allegations have been surprising to some, what may be more surprising is exactly how many websites and services use data like this. Windows 10, for example, is notorious for being a privacy nightmare. By default, your computer can send your keystrokes, web history when you browse on Microsoft Edge, and samples of your voice when you use the microphone to Microsoft. While these options can all be disabled within settings, there are many more details about your computer usage which are sent to Microsoft no matter what. These include data such as gyroscope readings, which tell Microsoft the orientation of your device, which apps you use, media consumed on your device, and performance data. Microsoft has created a downloadable app (shown on the left) which allows the user to see what data is being sent to Microsoft. Upon opening the app, seeing the sheer amount of data is overwhelming. What may be more surprising is that nearly every large tech company uses data in this way. By signing into a Google account, or even using Google Chrome, you are allowing Google access to your entire browsing history, any forms you enter, and in some cases, keystrokes. All of this data can and has been sold to advertisers who use it to create the targeted advertising users often see, and while the data is safe when secured in Google or Microsoft databases, if it were to be distributed to another source, like what happened in the Facebook scandal, much of your personal data could be at stake.

As a user of applications which collect your data, you cannot control what companies collect and what they do with your data. However, by reading the EULA agreements you can see what the company is entitled to do with your data, and be cautious. Sophomore Andrew Zhang,  is an example of someone who is aware of data collection and takes measures to ensure his own privacy and safety. Andrew said of data collection, “I think the way they collect data is unethical. No explicit user consent is needed to collect and sell your data […] The biggest concern, I think, isn’t really that big companies have your data, but the potential for a data leak.” When asked what measures he takes to ensure his privacy, Andrew said, “I personally use umatrix and ublock origin as web extensions and modified windows settings for privacy; but for maximum protection, you’d want to look into an open source OS also.” Given the volume of data collection, it is important that people are aware of what is being collected and know of ways to increase privacy on the internet.