Facebook and Equifax couldn’t be further apart in the services they offer, but both inflicted intolerable harm on their customers and country. Both are secretive and have resisted any outside inquiry or oversight, but both are now being brought before Congress in sweeping investigations of their wrongdoings.
Equifax and Facebook each have failed at what they profess to be experts at. Equifax had one job to do: protect all of the personal data they hold for most of the county’s adult population.
It’s really not that hard, but because of employee incompetence, hiring a chief security officer with no training, and poor leadership, they failed to keep their computer software up to date, allowing criminals to steal personal data of 143 million Americans, and potentially steal their identity and damage their credit for decades to come.
Facebook is becoming one of the most highly used advertising and news platform. While we think of them as a social website where we can communicate with our friends, their true mission is to keep us engaged by whatever means possible, to learn all of our likes and dislikes, then to feed us stories and ads that will cause us to stay longer.
As a result, it’s become a platform where many get their news and where advertisers are able to target their ads to those most likely to be receptive.
But they failed to adequately vet the news sources, the content, and the ads that automatically appeared on the site. They failed to distinguish between real news and news that was made up to incite and exploit. And they acted as an amplifier to help people spread it to friends.
Their advertising algorithms allowed others to create advertising campaigns to target people with specific characteristics, whether they were benign or evil.
Both Equifax and Facebook inflicted damage that will last for years. And both failures were the result of arrogant management that is still in denial.
Facebook believed that software algorithms could do a better job than people in creating the ads and supplying the news that we saw. By using algorithms, or formulas that automatically make decisions about what to do, they eliminated human judgment and allowed users to be exploited by criminals and extremists.
Now both companies are being called before Congress in an effort to better understand what happened. They want to learn why Equifax failed to prevent this huge breach and will consider what new laws might be necessary. They want to know why some executives sold their stock between the time the breach was discovered and it was made public. Why a music major with no training was in charge, and why it took so long to disclose.
From Facebook, Congress wants to know just who they sold ads to, from what countries, and how deep this issue goes. And how they vetted news sources. And why it’s possible for buyers of ads to target them to those who are anti-Semitic, Nazis, or anti-black. And Facebook just handed over Russia-linked ads to special prosecutor Robert Mueller under a search warrant
We can be skeptical about whether Congress will do anything. Before the breach was announced, Equifax was lobbying to reduce their liability in the case of a data breach by forcing arbitration.
We can hope that each of these events will be wake-up calls that will prevent their reoccurrence. But based on past behavior, it’ll require new laws and regulations for both companies to change their behavior.
Now you know why these companies are more alike than different: Equifax exposed the personal data of 143 million Americans to Russian cybercriminals, and Facebook exposed American civilians to Russian intelligence.