Whether through investigative reports by esteemed publications such as The New York Times or video compilations of Mark Zuckerberg, Facebook’s CEO, drinking water at his Congressional testimony, internet privacy has recently come to the front of issues in our increasingly digital age.

On March 17, 2018, The New York Times and The Guardian published a report that Cambridge Analytica, a political consulting company, had amassed information from over 50 million Facebook accounts; this number was later corrected to 87 million. To maintain the essential human right to privacy, social media platforms, users, and legislators need to take measures to better protect users’ data.

Facebook, founded in 2005 by Mark Zuckerberg, is the most popular social media platform in the world. In 2007, Zuckerberg launched Facebook Platform, which gives developers the ability to construct applications entirely integrated with the social media platform. Consequently, users can connect to more services through Facebook, and developers receive access to a wide audience and user data from their applications, which they can use for research purposes or to improve their products.

Aleksander Kogan, a professor at the University of Cambridge in England, was one of the developers who used Facebook Platform. His application, This Is Your Digital Life, prompted its approximately 270 thousand users with several personality quizzes. However, rather than using the data that he collected on users and their friends—privacy settings permitting—for research purposes, as Facebook believed he would, Kogan sold it to Cambridge Analytica.

Cambridge Analytica is a United Kingdom-based political consulting group which, according to its website, “uses data to change audience behavior.” This company has allegedly impacted the outcomes of two hundred elections around the world, including in European countries, Kenya, Nigeria, Mexico, Brazil, India, and Malaysia. The firm is currently under investigation for allegedly influencing the 2016 American presidential election and the UK’s Brexit referendum.

Kogan could collect data on users under Facebook Platform’s terms of use; however, distributing or vending data harvested by third-party applications went against Facebook’s policy. In 2015, Facebook discovered what had occurred, took the application off their platform, and ordered Kogan and other recipients of the data to erase it. Nevertheless, on March 17, 2018, The New York Times and The Guardian published that “interviews with a half-dozen former employees and contractors, and a review of the firm’s emails and documents, have revealed that Cambridge not only relied on the private Facebook data but still possesses most or all of the trove.”

Privacy has been considered a human right for centuries, and policies have always been implemented to enforce it. However, as the world has become increasingly integrated with the internet, the lines have blurred. Although invasions of privacy exist online, they are treated with less gravity than their offline counterparts. Accounts on networks like Facebook are snapshots of humans’ lives, so taking data from someone’s account without their permission is akin to going to their house and looking in their window, or following them around. Just as the latter would be wrong, parties like Cambridge Analytica having access to our data without our consent is inappropriate. Since the March 17th reports surfaced, all parties involved have tried to extricate themselves from blame. Nonetheless, everyone involved should take a share of culpability. The truth is that in order to ensure that we maintain our right to privacy, companies, consumers, and legislators all need to do their parts.

If we trust companies with our data, they need to protect it. The situation with Facebook could have easily been avoided had the company implemented more precautions. Releasing data to app developers can help them improve their products and perform research that we can all benefit from. However, the data that is used should belong only to consenting users, and it should be impossible for this information to stray past its bounds.

In 2015, Facebook eliminated outside developers’ ability to access data on consenting users’ friends. While the feature should not have existed in the first place, this is an example of how the company is continuously working to remedy the flaws in its system. This action must continue, as there are several other measures that Facebook should take.

The corporation needs to encrypt the data that developers can access so that Facebook can “lock” it and prevent the spread of information, like what occurred with Cambridge Analytica. If the data were encrypted this way, the company would not have had to rely on Cambridge’s word, and they could have ensured the deletion. Furthermore, thorough background checks should be conducted on Facebook Platform developers, and applications should be screened before publication to prevent situations like this; while Kogan may have passed a background check, he has announced that his app’s terms of use detailed “commercial use” of user data, which a screening policy could catch. Moreover, privacy settings should be organized in a way that allows users to easily monitor who can access their data. Facebook is currently working to address this particular issue, but this corporation and others need to improve their data protection in all of these areas.

While technological companies receive the most blame for any scandals that occur on their services, they are not the only ones who need to act responsibly regarding data. Users, too, need to take ownership and do their own part to protect their privacy. We need to read through the privacy policy—regardless of how lengthy or boring it may seem—before we sign up to download any application, create any account, or install any software. If companies breach their privacy policy or use our data in ways they should not, it’s on them, but not knowing what we’re signing up for is on us. Legislators must also do their part to protect users and their data by implementing privacy protection laws, investigating instances of abuse as Congress just did, and prosecuting parties like Cambridge Analytica and Kogan who break these rules. We elect lawmakers to help make our societies better places; they need to do their jobs. If these three groups act accordingly, all of us will reap the benefits of our fundamental right; however, if we don’t, we will surrender all of them. As Eric Schmidt, former Executive Chairman of Google, said, “You have to fight for your privacy or you lose it.”