As the saying goes, “Success has a thousand fathers, but Failure is an orphan.” If anyone thought that the firestorm raised by Facebook and its Project Libra would die down, think again. There seems to be a second wave to this tsunami, as next level down technical politicos join the fray. Mark Zuckerberg, the distant “father of the child”, may have been considering an orphanage, perhaps, but such is the challenging task of trying to create a global phenomenon, one that ignores national boundaries in the delivery of its cross-border payment services.
Now it seems that the UK Information Commissioner, Elizabeth Denham, is joining a subsequent wave of regulatory officials that are questioning the security underpinnings of the proposed Libra Coin and its accompanying settlement platform. She and her office published a joint statement that included data privacy commissioners from Australia, Albania, Burkina Faso, Canada, the EU, and the U.S.
The statement shared concerns of the group that, “While Facebook and its crypto-wallet-focused entity Calibra have made broad public statements about privacy, they have failed to specifically address the information handling practices that will be in place to secure and protect personal information.”
The group also included an extensive list of questions that demonstrated a need to get deep in the detail. Such is the case after the privacy transgressions of the past. Trust must be earned. Questions spoke to disclosures to customers, the right of a customer to terminate an account, and how the system would ensure that default settings did not nudge people to hand over personal information to third parties. The need for such detail, according to the statement, was to “ensure the lawfulness of the processing.”
During several very public grillings, David Marcus, the Libra project lead, had responded to such questions by citing the elaborate corporate structures that have been put in place to create information “firewalls”, so to speak. The concerns are about the use of third parties, which Marcus claims will develop wallet services. The scandal that has hounded Facebook for over a year involved the use of data by Cambridge Analytica, a third-party contractor. While Facebook and Calibra may be separate corporate entities, payment flows may take advantage of WhatsApp, an application owned by Facebook.
Denham’s personal concern is the potential for privacy violations:
There is the potential to combine Facebook’s vast reserves of personal information with financial information and cryptocurrency, amplifying privacy concerns about the network’s design and data sharing arrangements. Facebook’s handling of people’s information has not met the expectations of regulators, or their own users.
Denham concluded in the release of the joint privacy statement:
I hope this statement will prompt an open and constructive conversation to ensure that data protection is a key part of the design process and that data protection regulators are a key consultative group as the Libra proposals develop.