Happy birthday to me! According to Facebook, I joined the social networking site ten years ago today. It’s a rather nice coincidence when writing an in-depth article about the way that Facebook has slowly but surely gained access to every intimate detail of our lives.

In my Faceversary video (their term, not mine), I was presented with images from birthdays, my honeymoon, and some of my closest friends. In previous celebration videos, I’ve been informed how many times someone has ‘liked’ my posts. It knows my birth date, my maiden name, and my phone number. It reads my messages to my husband. It lists my favourite music, films, and restaurants. It knows about that surprise party that I never got around to planning (huzzah for secret events!).

In short, Facebook could easily impersonate me – and quite accurately too – with the amount of data that it has on me. And I’m not alone, and that is exactly what the Cambridge Analytica scandal has highlighted for millions around the world.

What on earth is going on?

Let’s be honest: no one really knows what’s going on at Facebook right now, even Facebook. There has been so much chatter, confusion, rumour, and scandal that the world waited with bated breath to hear what Mark Zuckerberg was going to say to Congress this afternoon.

It all boils down to this: a data collecting and analysis company called Cambridge Analytica (not technically a part of the University of Cambridge, but we’ll come to that) was filmed earlier this year boasting that they could swing elections, change public mood, and place politicians in seats of power.

Not something that you want to get caught on camera saying, particularly when your tool is data collected from a game app published through Facebook.

The blame game started early, and now a second company involved in the Brexit vote called Aggregate IQ has been banned from Facebook along with Cambridge Analytica itself. Poor old Mark Zuckerberg – which is how I like to see him, rather than a mastermind slowly bringing the world under his control – has now faced Congress in the States to answer for his company’s actions.

So what do we know?

Knowledge is power, and according to a recent study, thousands of companies could have your personal data. That means so much more than just your name, address, and date of birth. Your voting decisions (assumed or real), your sexual preference, your gender identity, your school grades, when you last received a speeding ticket – all of this data could be stored by someone that does not have your best interests at heart.

As we have all discovered with the internet, once it’s out there, it’s almost impossible to completely take down. One journalist, Frederike Kaltheuner, has started contacting each of the 600 apps that she has downloaded over the last year, attempting to discover what data they store about her – but she has estimated that it could take over a year to complete.

What does that mean for Facebook?

As the world of virtual lives, social media, and big data has crept up on us, international law has not kept up. It is almost certain that data laws nationally and internationally will need to respond to this feeling of violation that many of its citizens feel – after all, 87 million people had their data taken by Cambridge Analytica alone. That’s over 1% of the world’s population.

That company and their associated app could just be the tip of the iceberg. How many other apps or companies were using this mistreatment of data to gain access to our thoughts, our opinions, our beliefs?

Transparency is going to be key in the future: transparency over data sharing, data storage, and data usage. Everyone is going to want to know exactly where their data is and why, and I would not be surprised if an international law is proposed much like the current Google ‘right to forget’.

What does this mean for Mark?

Poor Mark. If you watched him testify to Congress, you probably saw the nerves in his eyes as he was questioned about what hotel he stayed in the night before (it was relevant, I promise), or the sadness in his eyes when he took personal blame for the problem.

Or am I just seeing that in him? Am I expecting him to feel sorry, and projecting that through my computer screen? It’s almost impossible to tell really, but the stock market was certainly impressed: Facebook shares rose by 5% during his time at Congress, adding to Mark Zuckerberg’s personal wealth by $3bn.

Ultimately though, Mark will have to justify his existence as the supreme head of Facebook if scandals like this keep coming. He simply will not be able to substantiate why he, and not someone experienced at data security, should not be taking the helm.

How will my company be affected?

As new laws come into play (which I am sure they will), you will need to explore how you collect data through all apps. There are already transparency rules for paid online ads, sponsorship, and working with influencers. Now is the perfect time to examine the law to ensure that you are currently compliant, or you’ll end up leaving yourself a huge hill to climb.

Similarly to GDPR, new restrictions could come in place about the way you take, organise, and use data from clients or potential clients – or even your staff. What do you do with the CVs of failed applicants? How secure is the data of your employees, from sick leave to children’s names? Who else has access to the CCTV cameras in your car park?

It’s only when you start to expand your definition of what data is that you start to realise the problem. Data is everywhere, everything. It never stops being generated, and we’re handing it out to everyone we meet.

Does this mean no sharing selfies?

Nope – you’re free to share whatever you want as an individual. Just be aware that you never quite know who is going to access that data, and it’s turning out to be a lot more difficult to remove content from the internet than we ever thought…