SILICON VALLEY — An attempt by a United Kingdom-based insurance company called Admiral to collect user data through an application designed to provide customer insurance rates has been shut down by Facebook, the platform used to run the app.
Many have criticized the company's use of data, particularly the type of data. Some of the gathered data reportedly included examining the length of sentences in posts and other seemingly arbitrary data. How they used this data to make policy determinations is not clear, however.
Facebook has been the center of criticism in the past regarding privacy issues. John Verdi is the vice president of policy at the Future Privacy Forum and said there are nuances for Facebook and other companies when acting on these policy breaches.
"Facebook has also in the past done a number of things that are pro-privacy," Verdi told the Northern California Record. "Facebook has provided end-to-end encryption for some of its messaging services, for example. They have pushed back against governments and companies using data to make determinations about an employee's status or in a prospective employee's assessment process. This is not a black and white issue over whether Facebook is bad or good. All companies have a nuanced relationship with privacy issues. In this instance, they are consistent with best practices with companies engaging with these types of issues."
There don't seem to be many, if any, similar examples of companies using social media or user data to create prices for consumers, he indicated.
"This is the first I have heard of a company trying to make a pricing decision based on social media data, but there are examples of companies using data to set prices," Verdi said. "Airlines are a traditional example. They offer different prices for consumers depending on frequent flyer miles, services used to book, time of booking, etc. There have been discussions about online retailers setting different prices based on geographic location. Devices plugged into a car is an example of insurance companies using data to set prices but not in the way that Admiral was engaging using this app. I'm not aware of other companies using social media data to set insurance rates."
One of the reasons could be that companies in the United States would be held to laws involving fair credit reporting and other practices that are strictly regulated.
"This insurance company was intending to use this service in the U.K., so I'm not familiar with the specifics of British insurance law," Verdi said. "In the U.S., it would be subject to the fair crediting reporting agency regulations, which requires using accurate data. In the U.S., it would raise a lot of questions about accuracy and access to that data. Facebook's platform terms specifically call out these eligibility determination use and they are particular protective over this sort of use of data."
The company's defense was that users could opt in or out of the app that collects the data via Facebook. However, reports suggest the way the data was analyzed assumed various things about users who used exclamation marks or made certain length sentences in posts and so forth.
"Facebook provides a number of terms," Verdi said. "Facebook specifically said it was so potentially risky, they prohibit third parties from using data in this way at all. It's Facebook's platform and they made a decision that it was inappropriate."
Verdi said platforms like Facebook can be powerful and influential in terms of privacy standards.
"I think this is overall a good example of how powerful platforms can be to put in place meaningful privacy safeguards that address the most serious risks to their users," Verdi said.