In the last week, Facebook disclosed a campaign by foreign interests – likely from Russia -- to disrupt the 2018 midterm elections and announced dramatic spending increases on improvements to data privacy and security.

Scott Shackelford, associate professor of business law and ethics in the Indiana University Kelley School of Business, chair of the Cybersecurity Program and director of the Ostrom Workshop Program on Cybersecurity and Internet Governance at IU Bloomington, said the company has begun taking proactive steps to strengthen its systems against hacking and misuse, but could do more.

“Aside from taking down pages sponsored by foreign adversaries, Mark Zuckerberg has promised the company will apply the protections of the European Union’s General Data Protection Regulation to all users around the world. It will also require political advertisers to provide additional transparency, as a new weapon in the reported ‘arms race’ Facebook finds itself in with Russian propagandists. And the company is partnering with researchers to better understand its role in elections.

“Zuckerberg himself has already embraced the idea that internet access is a human right. And his company is planning to 'connect the next 5 billion people' who have yet to go online. That will, of course, also create plenty more Facebook users just as the company’s growth plateaus in the West. But that’s not enough. Its market power alone could make it a major advocate for privacy and cybersecurity around the world.

“The company could, for example, back efforts to modernize international privacy law. Facebook could also require its vendors and partners to provide world-class cybersecurity protections for users and their information. It could, in short, lead a global race to the top and in the process promote cyber peace. In coordination with other tech firms like Twitter, as seen recently with the Cybersecurity Tech Accord, those efforts would only be more likely to succeed.”

Shackelford can be reached at 812-369-1612 (m), 812-856-6728 (o), [email protected] and [email protected].