
Facebook deceived users about the way it used phone numbers, FTC to allege - jmsflknr
https://www.washingtonpost.com/technology/2019/07/23/facebook-deceived-users-about-way-it-used-phone-numbers-facial-recognition-ftc-allege-complaint/
======
mintplant
Facebook started sending me newsfeed notifications to the number I'd
registered for 2FA, around a year after I'd done so, without any opt-in on my
part.

After the first few, I passive-aggressively texted "go away" back to the robot
buzzing my phone. Within the hour, I started receiving concerned messages from
friends asking whether I was alright... Turns out Facebook posts anything you
text it straight to your profile, and the out-of-context "go away" read like
cry for help.

~~~
WrtCdEvrydy
So you're telling me for the low low cost of porting someone's 2FA cell phone,
I could use it to post to their page and they wouldn't know about it? No need
to reset password, just use the phone number straight to account.

~~~
RL_Quine
SMS source addresses are spoofable, so you probably don't even need to do
that.

------
3xblah
To put this in plain English, could we say Facebook asked for phone numbers in
the name of "security" but there was no restriction on how Facebook could use
those phone numbers. Usage was not restricted to the purpose for which
Facebook collected the numbers. Facebook could use them for reasons other than
"security".

~~~
plasma
I remember Facebook asking for my mobile number for 2FA purposes, with an
explicit note that would be the only purpose.

I didn't trust them then; so didn't hand it over; but is this where they then
re-used the mobile number anyway?

~~~
icebraining
Seems so: "the FTC will allege Facebook misled users about its handling of
their phone numbers and its use of two-factor authentication"

[https://www.reuters.com/article/us-facebook-ftc/facebook-
to-...](https://www.reuters.com/article/us-facebook-ftc/facebook-to-settle-
ftc-privacy-allegations-adopt-new-policies-sources-idUSKCN1UI2GC)

------
taurath
Linkedin (Microsoft by ownership now) should be ready to pay out their own
massive fine, if we're going after dark and deceiving patterns.

~~~
karl_schlagenfu
I created an Outlook email address a month ago and Microsoft blocked it until
I entered my mobile number. Sneaky bastards.

~~~
blackoil
Google does the same, you need to provide mobile to signup, at-least in India.
It is difficult to get a truly private email account.

~~~
karl_schlagenfu
With Microsoft I was able to use my email for 2 weeks before they blocked it,
they don't require the mobile number on sign up. It was a legitimate email,
not spamming etc. so it was pretty bad of them.

LinkedIn is even worse, every week they ask me to add a profile photo even
after I decline, and I pay for LinkedIn premium. Really scummy tactics.

~~~
thaumasiotes
I tried to create a hotmail account a couple of days ago; while they don't
require the mobile number on signup, they do require it before you're allowed
to send any email.

------
_Microft
Facebook showed me my own mobile phone number prefilled into a textfield when
logging into their mobile website and asked if they should add it to my
account.

I never gave it to them and never ever had installed any of their apps. I can
only suspect that they got it by farming my friends contact lists on their
phones.

------
chewz
I had never activated 2FA on Facebook for exactly that reason. And later I had
removed my Facebook account - that was 7 years ago.

Why would anyone had any relation to Facebook - them being such an unethical
company?

~~~
tdy721
I did give it to them specifically for 2FA, and that's the reason I'm kinda
pissed. It's still weird for me sometimes. I feel like logging in with my
phone number didn't work for a long time. Mostly because I feel I'm not 100%
sure it works right now.

Anyways, that came with the promise they would only use it for 2FA. What
happens when they see it in contact lists then? I'm 100% sure they hoover up
the goodies. Ask forgiveness not permission?

I signed up for FB 14 years ago last Sunday. Putting the dorm building and
room number where I lived was a _requirement_ of the signup process. I openly
lived my dorm life on this site. The feds were not on it. Cops? I don't think
so. My mother was _never_ supposed to show up for the party.

On the other hand, seeing Grandma there was dope.

Mark Effing Zuckerburg xD, and he _still runs the place!_

------
Thorrez
>The misuse of the phone numbers was first identified in media reports and by
academics this year.

Wasn't it in 2018?

[https://gizmodo.com/facebook-is-giving-advertisers-access-
to...](https://gizmodo.com/facebook-is-giving-advertisers-access-to-your-
shadow-co-1828476051)

------
hkai
It's ironic that Americans are trying hard to bring down Facebook while
flocking to services like TikTok and games released by Tencent, who use your
data in numerous evil ways and are not planning to tell you any of that.

~~~
webninja
I’m not sure what data TikTok has exactly. What else beyond an email address,
a username, and a user-supplied password?

~~~
cardigan
Faces... Videos of all kinds of people and places.. Friend networks (via who
you follow).. What videos you like showing what you think.. They have a lot of
data

------
lota-putty
Giving up your personal "mobile" phone number to online services which feed on
your brain-chemicals to make profit is like agreeing to place one foot in the
bear-trap.

People's behaviour as a collective is business, a predictability leading to
profit.

For instance, a friend of mine help develop an app which track each product-
placing in super-markets, Store-Planning for profit.

Same reason, most super-malls don't let customers have a time-sense inside the
mall.

------
tzakrajs
Reminds me of the time Facebook reactivated my account and posted on my behalf
when I replied, "No" to their SMS asking me to come back.

Ahh yes, here it was:
[https://news.ycombinator.com/item?id=16244522](https://news.ycombinator.com/item?id=16244522)

~~~
Buge
Reminds me of the time my aunt got an SMS saying reply 1 to post happy
birthday to my dad's wall, she replied 1 and it posted 1 to his wall.

[https://www.reddit.com/r/facebook/comments/2qbg9j/reply_1_to...](https://www.reddit.com/r/facebook/comments/2qbg9j/reply_1_to_post_happy_birthday_text_doesnt_work/)

------
vxNsr
It would be hilarious if the settlement forced facebook to spin whatsapp out.
19bil for nothing

