For the past month you have been hearing all about how social networking is stealing your data, ruining your life and manipulating your information for distribution on the shady dark web. If you haven’t heard all about this, you’re probably only just figuring out the internet. Welcome, enjoy your stay and don’t worry too much about what I just said. Mistakes were made but I’m sure you’ll be just fine.

To begin with we should be asking just how big this data breach was. Its important to realise that this was not just Facebook. The entire business model of Facebook wasn’t just to provide us a social network where we can see random photos of our high school exes, play Farmville or read in horror as your quiet auntie posted more and more frighteningly racist rants straight out of Nuremberg. In order to monetize their business, Facebook algorithms collected your personal information so that they could place targeted advertising on your page. It became one of the most effective advertising mechanisms of all time. Mark Zuckerberg didn’t become a billionaire by being altruistic. Let’s face it, nobody ever does.

You might want to find out exactly what data Facebook holds. It may give you peace of mind, or send you in to a fit of paranoia, but the process is quite simple, and I actually did it myself.

To download a copy of your Facebook data:

1. Click ∇ at the top right of any Facebook page and select Settings.
2. Click Download a copy of your Facebook data below your General Account Settings.
3. Click Start My Archive.

 You’ll receive an email to the address linked to your account notifying you that your archive has begun and then another when it is ready for you to download.

As I went through my data, there were a lot of things that I had no idea Facebook had collected about me. The first thing I checked was the security settings which gave me 6 years of various IP addresses where I had logged in to Facebook and what I had done while logged in. I was also provided with a 12-month list of every article I had clicked on, which was linked to an ad. Plus a long list of companies and services that had been provided with my information, and demographic data, collected by Facebook.

It really was quite the creepy walk down memory lane. Every photo I had ever posted, every video or photo ever sent to me (even via private message) or that I was tagged in, and the phone number of every single person on my friends list.

If like me, you use an Android phone, prepare for another level of surprise. There was a feature (no longer available) where if you “opted-in”, data was collected from every phone call you made, how long those calls lasted and who was in your address book. Now it does seem simple enough why they would want to do this. For months, I would see links to invite people to Facebook if I had a different number for someone who may have been already on. It wasn’t sophisticated enough to discriminate so you may have even received notifications to send a Facebook sign up invitation to a store that you called or restaurant where you booked a table.

In essence, Facebook has created the world’s most sophisticated advertising platform. It doesn’t limit itself to what you have done on Facebook, but as the Android example above shows, as well as the IP log in history, it’s a timeline of what you have done outside of Facebook even if only remotely related. Ever thought “Hey this quiz will tell me which Game of Thrones house I belong to”, or “I wonder what I would look like as a movie star” and the like? Well if you have ever logged in, you always have to give your consent to allow the application access to your Facebook page. These apps never needed to access your timeline as every result was a selection from a randomly generated pre-determined result. The only reason to do this was to provide the illusion that there was some algorithm analysing your personal information to give you an “accurate” result, when the reality is you were giving permission for them to gather your data.

Beyond just those apps or games that you gave permission to, Facebook also tracks all sites or pages that you visit if you haven’t logged out of Facebook first.  Ever wonder why you seem to see adverts for concert venues after visiting a band’s page or buying tickets online and that a lot of your friends seem to like the page for that venue?  But it makes life so easy when you just want to like or share that super intelligent article that you just read on a Mensa site….OK skimmed and didn’t fully comprehend, but your Facebook friends don’t need to know that.

With quizzes, likes and shares, external companies have quite inexpensively created a way to access aspects of your Facebook profile data and disseminate their messages to your friends, and friends of friends.  Facebook also collates and sells this data on to interested advertisers. It may not have stopped at just your shopping habits either. This data could allow advertisers to target you with adverts or links to political organisations, lobbyists, and allow Facebook to send targeted “news” or announcements to your feed as a sponsored link. If you are one of those people who has always thought those quizzes were vacuous and got sick of the results of your friends clogging your timeline, congratulations your cynicism has just paid off.

Of course, the true genius of Zuckerberg is that not all data would have been shared with third-party companies.  The more data companies wanted to access, the more it would cost them.  This is why some would just ask for your contact details and friend lists, so they could target your entire friends list with how awesome “Farmville” is and how much fun you were having playing.  The deep-dive “big data” is a prize beyond gold, and Zuckerberg and his minions would have charged as much.

Now that we now have a picture for how deep the rabbit hole goes, there is the question you are no doubt asking which is, what can I do about it?

In Australia, thankfully only a small number of people were affected. By small, this number is sitting at around 300,000 users. But keep in mind that in the Cambridge Analytica breach alone, there were 87 million accounts affected.

Under our own Privacy Act, political organisations are exempt from the rules and we have no right to sue companies for data breaches. There are rules that say any organisation collecting data has to comply with proper notification about the collection and the data must be stored securely. Facebook has already responded to this and defended their methods so expect little else to come from this. Given these events, outrage is all we can really muster at this point. Having said that, our own Office of the Information Commissioner is conferring with other international agencies given the global scope of this. In the US, the Federal Trade Commission has launched a probe as well as the Attorneys General of various states. I would also imagine that Mark Zuckerberg and Sheryl Sandberg will be facing congressional and/or senate hearings in order to answer for these data breaches.

But let’s be honest – nobody really cared about strict privacy on social media for the last ten years that we have been living with it. We were caught up in the ease and convenience of staying in contact with everyone we knew, seemingly for free. Many of us have only woken up with the Cambridge Analytica breach. We have had a collective indignance unleashed that was pent up for the last decade. This is something we never thought we would have to worry about. We loved that we could have the ability to contact people for free and without the time required by email or a phone call.

What really needs to happen from this point on is that we have been given a choice. To borrow a Matrix analogy, it really is a red pill or blue pill scenario. You take the red pill and continue in your happy blissful ignorance. Nothing changes, and you continue to use social media in the way you always have, and you place your trust in the system. You believe that Facebook will make the changes they have promised (only after being caught) and life goes on. On the other hand, you can take the blue pill.

I’m not for a moment suggesting a hyper vigilant stance to avoid a war with the machines or that we all delete our Facebook accounts tomorrow. Even though the irony is somewhat poetic that people are using Facebook in order to decry it by pushing a “Delete Facebook” movement.

I’m not even suggesting that we use assumed names to communicate with each other. It’s technically against Facebook’s terms of service to use a nom de plume but I was sent a message the other week by someone using the Facebook profile name and photos of Ernesto ‘Che’ Guevara. So maybe Facebook still has some ways to go about what exactly violates their terms.

Be wary of what you post and check your privacy settings so that if you choose to keep posting bikini photos of yourself, only your friends can see them and not every random on the web. Be more selective in what you say instead of using social media as your agony aunt or to “humble brag” about how wonderful your life is (just to scare you a little more, how many of you knew your Instagram bikini pics also belong to Facebook, just as they own Instagram). It may be a wake-up call to stop playing Facebook games and doing inane quizzes about who would play you in a movie about your life. Maybe take a step outside and enjoy a non social media oriented day. Wait….do you see that big orange ball of fire in the sky outside? Okay, that’s enough for me. Back to my panic room I go.