On 28th October 2021, Mark Zuckerberg announced that Facebook Inc. will now be known as Meta. Putting aside some twinges about the overtones about taking over the world (it has quickly been called the ‘Facebook metaverse’), what concerns me is whether the new name means a change in approach for Facebook, or whether the Facebook metaverse will be business as usual, particularly when it comes to data privacy? Notoriously, Facebook has demonstrated a history of lack of consideration for the privacy of their users’ data for many years, most notably the Cambridge Analytica scandal which saw 87 million users’ personal details breached and now there are many, including myself that are questioning the continued faith into this company.
Facebook Inc.’s spotty data privacy past
Followers of Facebook’s data privacy history may be forgiven for thinking that they have prioritised profit over user rights. Their various crimes against user data privacy have been well documented, and you don’t really need to have a good memory to remember some of the more audacious data privacy infractions carried out by Facebook Inc. But just in case you can’t remember, or you’ve blocked them out, here’s a quick recap of some of the more newsworthy data breaches from Facebook:
March 2018: Cambridge Analytica. A Facebook whistleblower revealed that Cambridge Analytica had harvested 50 million Facebook profiles to support the presidency campaigns for Ted Cruz and Donald Trump. The fallout from this event is still ongoing.
March 2019: Security researcher Brian Krebs revealed that approximately 600 million Facebook and Instagram user passwords were saved in a non-encrypted (plain text) file which was easily accessible to over 2000 Facebook employees. Furthermore, the passwords included in this ran back several years to 2012!
December 2019: Yet another unprotected database was breached, and the details of nearly 300 million Facebook users’ names, phone number and online IDs were passed around various hacker forums..
These are just three examples of a long list of data privacy breaches originating from Facebook. A more complete list can be found here.
What’s in a name? Why rebrand?
Companies often rebrand as a way of signaling a change of approach and vision in order to inspire customers to get behind and believe in a new idea. Other reasons for a change of brand include showing a change in provision of products or services, or an attempt to escape from bad press.
A successful example of this would be Altria Group Inc., formerly known as Phillip Morris Companies Inc. who decided to rebrand to Altria to improve their public image by dissociating away from the tobacco industry directly, even including the slogan “Moving Beyond Smoking” on their website. This rebrand was coupled with an increase in corporate social responsibility which helped their bad press problem.
However Facebook don’t seem to be following this path. This rebrand feels less like a move away from their history, rather a move towards their future, without a real change in direction. Meta feels like… more, as in there’s now a Facebook metaverse.
With this being said, is the Facebook metaverse a shift in brand?
Some commentators have suggested that this rebrand is designed to further separate the futuristic work Zuckerberg is focused on from the intense scrutiny Facebook is currently under. While this feels like a plausible reason, there isn’t any telling that the Facebook metaverse’s ethics will be any different to old-school Facebook’s ethics.
By moving to a wide open name such as ‘Meta’, Facebook are making everyone aware of their size and reach. For many of us that bears ominous tones for a company who have already shown that they do what they want without fear of consequences. Recent evidence has certainly shown that they don’t fear the Ireland Data Protection Commission who are responsible for charging them against GDPR violations.
Also it is worth noting that changing name of something as large as Facebook to Meta might not even signal a change in direction. It is important to be sceptical about this due to what is at stake, being our personal data online.
Furthermore, Zuckerberg has also announced that the Facebook metaverse will incorporate WhatsApp and Instagram. Their efforts to date in incorporating these applications have been controversial and unpopular from a data privacy perspective, but it appears that Meta are still determined to do it. That certainly isn’t a change in direction.
My main concern with the Facebook metaverse is that this feels like more of the same old Facebook, only bigger. What we want to know is will this lead to even larger data privacy infractions amongst its ever-growing userbase? We hope not.
Sonny Sehgal is the CEO of Transputec, an IT Services Company based in London. Sonny’s area of expertise is in cyber and information security, and he is always interested in new developments, both good and bad, across the data privacy space.