It is a complex, multi-faceted, layered, tangled web of a story.
But if the revelations of recent days about Facebook, Cambridge Analytica and its connections to the Trump 2016 campaign tell us anything, it is this: it is well past time that we reassessed our relationships with social media.
There are multiple shocking aspects to the story, as laid out by the Guardian, The New York Times and Channel 4 News in recent days.
First, there was the placement in 2014 of the seemingly innocuous "thisisyourdigitallife" app on Facebook by Cambridge University professor Dr Aleksandr Kogan, which purported to be a "personality test" for a research project, but was actually being used to harvest huge amounts of data about users.
There’s the fact that not only was that app capable of probing the lives of the 270,000 people who signed into it, but it was also able to reach deeper and scrape information about their friends too, something that astonishingly was considered okay by Facebook at the time.
Then there was the apparent passing of the data relating to that collective 50 million people to Cambridge Analytica, a political consultancy in London, in clear violation of Facebook’s terms and conditions.
And there’s the allegation, denied by Cambridge Analytica, that it used that treasure trove to understand individual US voters preferences better, so that they could then be micro-targeted with very specific hard-hitting ads and messages that favoured Donald Trump.
In essence, the claim is that Facebook users’ data was used against them to influence and manipulate their voting behaviour, in what if proven to be effective would amount to an extraordinary undermining of the democratic process.
There’s also the shocking reality that none of this was stopped by the authorities or by Facebook.
The Office of the Data Protection Commissioner (ODPC) here, which is responsible for regulating Facebook’s international headquarters in Dublin, learnt from Austrian privacy campaigner Max Schrems in 2011 about the loophole that allowed Facebook users’ friends’ data to be harvested by developers.
But despite the ODPC recommending it be closed in 2011 and 2012, Facebook sat on its hands until 2014, closing the loophole just after Dr Kogan had extracted the data he needed for his "research" that same year.
Why though did the ODPC not do more to ensure it be dealt with sooner? And where was the UK’s Information Commissioner during all this?
EXCLUSIVE: Cambridge Analytica bosses say they "ran all the digital campaign" for Donald Trump - including potentially illegal activities. pic.twitter.com/kS0n88n5ud— Channel 4 News (@Channel4News) March 20, 2018
Facebook discovered that the data had been transferred to Cambridge Analytica in 2015.
But while it did seek and received written undertakings that it be destroyed, it didn’t tell regulators and it didn’t tell the users.
That’s because Facebook claims that although its users had been misled by Dr Kogan, there hadn’t been a data breach in the traditional sense, as there had been no unauthorised access, nor had passwords or other sensitive information been compromised.
Many experts though would beg to differ on that interpretation, which is now being probed by the UK’s Information Commissioner and the Federal Trade Commission in the US.
Finally, there’s the shocking revelations unearthed by the excellent undercover reporting by Channel 4 News, about the wider alleged practices of Cambridge Analytica.
Secret filming recorded senior executives, including now suspended CEO Alexander Nix, talking about how they could entrap politicians in compromising situation to discredit them, how they ran parts of Donald Trump’s campaign and discussing coordination between that campaign and outside groups – an activity that is potentially illegal.
Cambridge Analytica’s board says Mr Nix’s comments do not reflect the values or the operations of the firm.
In the wake of the avalanche of disturbing claims, there has been the usual predictable wave of shock and anger from public representatives, regulators and tech companies.
Facebook says it is outraged. Politicians from Dublin to London to Brussels to Washington are calling for accountability and launching inquiries. Annoyed social media users have threatened to delete their accounts.
What, if anything, will actually happen is unclear.
But what is quite clear is this. Internet and social media firms have been let away with light-touch or in some cases no regulation for far too long.
The tech industry is driven by many of the brightest minds on the planet and moves at lightning speed.
It has been, therefore, next to impossible for ill-equipped regulators and public representatives, who in most cases haven’t the first idea of what is involved, to keep up and to come up with the legislation, policy and enforcement tools to keep check.
There’s also the added problem, particularly in this country, that so much of our economy is grounded in digital services.
That has given tech companies significant clout when it comes to formulation of policy that may damage their operations.
It’s time, therefore, for the political and regulatory establishment to get tough.
Where regulations are deficient, like for example around the area of micro-targeting of political ads, legislators here need to plug the gaps.
The beefing up of resources at the Office of the Data Protection Commissioner needs to continue and that body needs to flex its muscles around the countless large and influential tech firms here to show them who is boss.
And finally, we need to play our part.
Long gone are the days when "I didn’t know" or "I didn’t understand" are legitimate excuses when it comes to data protection.
We may not have the time or the knowledge to understand the reams of terms and conditions we must agree to when we sign up to use internet services.
But often common sense is a far more potent tool than being able to interpret jargon and legalese.
Don’t share, don’t like, don’t download, don’t post unless you understand and are prepared to live with the consequences of your actions.
Inform yourself about privacy settings and if you dislike the options or the results, then simply stop using an app, or better still, delete it.
The old hackneyed phrase, if you are not paying for an internet product, then you are the product, has a strong element of truth to it.
As a result, if you want to help influence behaviour in the internet industry the only effective way you can do so is by withdrawing your trust and your data, which are the lifeblood of the tech industry.
And whatever happens, don’t take it for granted that tech companies, regulators or politicians have your back.
Because if the last few days have proven anything, it is that they clearly don’t.
Comments welcome via Twitter to @willgoodbody