A recently leaked internal memo from Facebook revealed that the company has no idea where its user data are going or what it is doing with them. This revelation could complicate the company's future as a growing number of countries attempt to regulate and protect user privacy and digital ad sales.
Facebook's privacy engineers, in a 2021 memo according to Motherboard, wrote:
"We do not have an adequate level of control and explainability over how our systems use data, and thus we can't confidently make controlled policy changes or external commitments such as 'we will not use X data for Y purpose'. And yet, this is exactly what regulators expect us to do."The memo addressed the growing pressure from the European Union and India over the company's use of private data in advertising and claims that past policy attempts were "insufficient."
The reason for problems is what the engineers call "data lineage." Regulators have attempted to control what data are gathered and how they are used. For example, the EU's General Data Protection Regulation requires that any collected personal data be "collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes." This means that any data a company collects for a specific purpose, such as identity authentication, must only be used for that purpose and not for anything else.
Comment: Do you know where your data is? Neither does Facebook! Original Document (PDF)