John Naughton in today’s Observer has an interesting article on the proposed new EU data protection directive and the way in which Facebook is getting “its retaliation in first”. The proposed “right to be forgotten” is likely to conflict with Facebook’s newish “timeline” facility. And the retaliation? This is how John Naughton puts it:
“The day before the commission made its announcement, Facebook’s chief operating officer, Sheryl Sandberg, gave a speech to a technology conference in Munich. Her menacing subtext was neatly summarised by the New York Times thus: “Concerned about privacy? Maybe you should be concerned about the economy instead.” Translation: mess with us, Eurotrash, and we’ll screw you.
Sandberg’s speech was revealing because it exposes the line of argument that Google, Facebook, et al will use to undermine public authorities that seek to control their freedom to exploit their users’ identities and abuse their privacy. The argument is that internet companies create lots of jobs and are good for the economy and European governments shouldn’t stand in their way.”
Apparently, to back this argument Facebook referred to a report that they had commissioned from Deloitte which concluded that Facebook had indirectly helped create 232,000 jobs in Europe in 2011 and enabled more than $32bn in revenues.
John Naughton is sceptical pointing out that Facebook itself only has about 3,000 employees world-wide and he continues:
“Inspection of the “report” confirms one’s suspicion that you couldn’t make this stuff up. Or, rather, only an international consulting firm could make it up. Interestingly, Deloitte itself appears to be ambivalent about it. “The information contained in the report”, it cautions, “has been obtained from Facebook Inc and third party sources that are clearly referenced in the appropriate sections of the report. Deloitte has neither sought to corroborate this information nor to review its overall reasonableness. Further, any results from the analysis contained in the report are reliant on the information available at the time of writing the report and should not be relied upon in subsequent periods.” (Emphasis added.)
Accordingly, continues Deloitte, “no representation or warranty, express or implied, is given and no responsibility or liability is or will be accepted by or on behalf of Deloitte or by any of its partners, employees or agents or any other person as to the accuracy, completeness or correctness of the information contained in this document or any oral information made available and any such liability is expressly disclaimed”.”
Although Deloitte is normally regarded as a respectable organisation, these caveats plus the rather tendentious conclusions should raise alarm bells.
Or as John Naughton puts it:
“The sole purpose of “reports” such as this is to impress or intimidate politicians and regulators, many of whom still seem unaware of the extent to which international consulting firms are used by corporations to lend an aura of empirical respectability to hogwash.”
Yet reports like this with sensational conclusions seem a particular feature of commentary on the internet.
And especially so in respect of information security, last year the UK Government published figures saying UK cyber crime was costing £27 billion per year and not to be out-done Symantec suggested that the global figure was $388 billion. The reality is that all these figures are unverifiable – and whilst I am quite clear that cyber-crime is a very serious problem for the world economy these estimates are, to use John Naughton’s word, “hogwash”.
Spurious precision – whether it is Symantec’s $388 billion or Facebook’s 232,000 jobs in Europe – should always be treated with caution.