New verification features may add to social media platforms' woes

Earlier this month, Facebook parent Meta Platforms rolled out account verification with government ID proofs for content creators in India. Similarly, the largest professional network LinkedIn launched ID verification for Indian members. Though these announcements did not make big headlines, they have grabbed the attention of advocacy groups and data privacy experts.

Under the new Meta Verified service, the company accepts any photo ID issued by the government, as well as IDs from non-government organisations, official certificates or licences. As per Facebook’s help centre page, the copy of the ID document will be encrypted and stored securely. In special cases, the document may remain stored with Meta for up to one year.

LinkedIn has allowed users to get a verified profile with a DigiLocker copy of a valid government-issued Aadhaar ID. The verification is free and available to all users above 18 years. In India, the ID will be verified by AI-based identity verification firm HyperVerge with a selfie check to match the face of the user with that of the photo ID.

Salman Waris, the managing partner at technology law firm TechLegis Advocates & Solicitors says, “Sharing of any personally identifiable data with a social media platform creates an additional risk. Internationally there have been cases of data breaches from social media websites in the past. The new verification features do create a whole set of responsibilities on social media websites.”

He added that “If there is a breach, whether it is discoverable or not, and when it is discovered what action the government is going to take, and what would be the quantum of damages these are all very debatable questions. As of now, we do not have a separate data protection law. So the risk elements are high.”

However, platforms have ruled out the possibility of a threat to users’ personal data.

“We have launched Meta Verified with a very high identity standard, to ensure our processes can effectively detect and act on harmful behaviour including impersonation attempts. We use your ID to confirm your identity before we approve you for a Meta Verified subscription and your ID is not visible on your profile, to friends, or to other people on Facebook. We will securely store your ID for 30 days for processing, and then will delete it,” a Meta spokesperson told Business Standard. 

On the other hand, LinkedIn says the data provided in the government ID will not be accessed by it.

“LinkedIn does not have access to any sensitive data from your Aadhaar. LinkedIn only receives name, city (state and country), and year of birth, which is not visible to others but may be used for security purposes. LinkedIn will also not have access to the documents in your Digilocker account,” said Ashutosh Gupta, India Country Manager at LinkedIn.

According to sources, the government is likely to propose provisions to make social media platforms liable for content posted by non-verified user accounts, as part of the upcoming Digital India Bill. The responsibility for content generated by verified accounts may remain with the user.

Analysts link the new trend of social media companies encouraging account verification with their attempts to create new revenue streams. Adarsh Sharma, Managing Director at management consultancy firm Primus Partners says the authenticity of data available on the platform will be a game changer, as platforms turn towards newer integrated services.

“With marketing spending getting trimmed since the time of the Covid-19 pandemic, there was a greater emphasis on conversion or return on investments. If you are looking at greater responsiveness from the databases that will only happen when you are 100 per cent sure that the database is authentic enough,” Sharma said.

Meta Verified is priced at Rs 599 per month for web-based subscribers and Rs 699 for Android and iOS users. Along with a verified badge, users will get increased visibility and reach more protection from impersonation, and access to help from Meta’s representative for common account issues.       

Amol Kulkarni, director (of research) at public policy research organisation CUTS International, said, “Users will need to share government-issued ID and pay monetarily, in addition to providing their data. Avoiding online scamsters from impersonation and better grievance redress from platforms, are things that should be available uniformly to all users.” 

Kulkarni adds that the verification features are not foolproof, and can be misused by suspicious entities to create false impressions of trust and fuel echo chambers on the platforms.

“The process of authentication and storage of id documents for a significant period exacerbate privacy risks, and concerns around data sharing with third parties, particularly in the absence of stringent data protection law,” Kulkarni added.