Chris Hughes, a co-founder of Facebook, recently noted the public scrutiny of Facebook is “very much overdue”, declaring “it’s shocking to me they didn’t have to answer more of these questions earlier on”.

Facebook chief executive officer Mark Zuckerberg’s testimony before the US Senate did little to shore up public confidence in a company that traffics in its users’ personal data.

The most telling moment of testimony came when Illinois Senator Richard Durbin asked whether Zuckerberg (pictured) would be comfortable sharing the name of his hotel and the people he had messaged that week, exactly the kind of data tracked and used by Facebook.

Zuckerberg replied he would not be comfortable. “I think that may be what this is all about,” Durbin said. “Your right to privacy.”

Critics of Facebook have been making this point for years.

Stefano Quintarelli, one of Europe’s top IT experts and a leading advocate for online privacy, has been a persistent and prophetic critic of Facebook’s abuse of its market position and misuse of online personal data.

He has long championed a powerful idea: That each of us should retain control of our online profile, which should be readily transferable across portals.

If we decide we don’t like Facebook, we should be able to shift to a competitor without losing the links to contacts who remain on Facebook.

For Quintarelli, Cambridge Analytica’s abuse of data acquired from Facebook was an inevitable consequence of Facebook’s irresponsible business model.

Facebook has now acknowledged Cambridge Analytica is not alone in having exploited personal profiles acquired from Facebook.

In personal communications with me, Quintarelli says the European Union’s General Data Protection Regulation (GDPR), which takes effect on May 25, following six years of preparation and debate, “can serve as guidance in some aspects”.

Under the regulation, he notes, “non-compliant organisations can face heavy fines, up to four per cent of their revenues.

“Had the GDPR already been in place, Facebook, in order to avoid such fines, would have had to notify the authorities of the data leak as soon as the company became aware of it, well in advance of the last US election.”

Quintarelli emphasises: “Effective competition is a powerful tool to increase and defend biodiversity in the digital space.”

And here, the GDPR should help, because it “introduces the concept of profile portability, whereby a user can move her profile from one service provider to another, like we do when porting our telephone profile — the mobile phone number — from one operator to another”.

But “this form of ownership of one’s own profile data”, Quintarelli continues, “is certainly not enough”.

Just as important is “interconnection: The operator to which we port our profile should be interconnected to the source operator so that we don’t lose contact with our online friends. This is possible today.”

Sarah Spiekermann, a professor at the Vienna University, is another pioneer of online privacy who has long warned about the type of abuses seen with Facebook.

Spiekermann, a global authority on the trafficking of our online identities for purposes of targeted advertising, political propaganda, public and private surveillance, or other nefarious purposes, emphasises the need to crackdown on “personal data markets. Ever since the World Economic Forum started to discuss personal data as a new asset class in 2011,” she told me, “personal data markets have thrived on the idea that personal data might be the ‘new oil’ of the digital economy as well as — so it seems — of politics”.

Facebook’s immense lobbying power has so far mostly fended off the practical ideas of Quintarelli, Spiekermann, and their fellow campaigners.

The recent scandal however has opened the public’s eyes to the threat that inaction poses to democracy itself. The EU has taken the lead in responding, thanks to its new privacy standards and proposed greater taxation of Facebook and other peddlers of online personal data.

Yet more is needed and feasible.

Quintarelli, Spiekermann, and their fellow champions of online ethics offer us a practical path to an Internet that is transparent, fair, democratic, and respectful of personal rights.