
Zuckerberg Expresses Frustration Over Surveillance - dmazin
https://www.facebook.com/zuck/posts/10101301165605491
======
AndrewKemendo
_I 've called President Obama to express my frustration over the damage the
government is creating for all of our future._

This is why I am leaving government.

I am about the same age as Zuck and have been working in government at many
levels for about 12 years now and I work with people who have been working
policy for over 40 years. The president couldn't care less what most of us
think think...but because Zuck has shitloads of money and manages this massive
platform his voice apparently matters when it comes to national policy over
people who do it on a daily basis. Don't misread this as a hit on Zuckerberg,
it's not at all, it's just illuminating who the government listens to. Nothing
new of course, but it does hit home over and over.

~~~
zachrose
It's not just because Zuckerburg has personal wealth. It's also because
Facebook directly employs thousands of people, pays corporate taxes, enables
new markets that rely on Facebook, and sells advertising to all those other
corporations. His age has nothing to do with it.

~~~
rayiner
"It's also because [] directly employs thousands of people, pays corporate
taxes, enables new markets that rely on []..."

Insert {Halliburton, Exxon, AT&T, Comcast, BP, etc} into those brackets and
you'll get a much better idea of the nature of political influence and
lobbying in the U.S.

This is why I think all the bluster around Citizens United and the influence
of money in politics is overblown. Because at the end of the day, a post-card
listing the number of employees Exxon has in a Congressman's district is just
as effective as a check.

~~~
samstave
Unless i am beng obtuse; i think youre missing the point:

Its not that any of these large companies should not have some influence; the
problem is that having shit-tons of money is the seemingly only requisite to
have ANY influence in government currently.

The term "oligarchy" has real and important meaning.

~~~
rayiner
You are missing the point, because the grandparent post didn't mention money,
he mentioned jobs and tax revenue. That's the real leverage big companies have
over Washington, not the campaign donations which is what everyone harps
about.

Take, for example, the last debate between Obama and Romney, where they took
turns trying to show who was more pro-coal. You think it was because of
campaign donations? Or all the coal mining/fracking jobs in key states like
Pennsylvania?

~~~
samstave
> __ _You think it was because of campaign donations? Or all the coal mining
> /fracking jobs in key states like Pennsylvania?_ __

But that is called pandering. Do I think that they were concerned with any of
the coal jobs? No, I think they were concerned with public perception at the
time they were visible to said public.

Politicians have Schrodinger-Syndrome: They only ___appear_ __to be working
/accountable when you're staring at them through the lens of a national
camera. All other times, they are fervently working on interests which are not
yours.

------
byoogle
> That’s why at Facebook we spend a lot of our energy making our services and
> the whole internet safer and more secure. We encrypt communications, we use
> secure protocols for traffic, we encourage people to use multiple factors
> for authentication and we go out of our way to help fix issues we find in
> other people’s services.

I have to call “bs” here. It took Facebook nine years – nine years!
(2004–2013) – to turn HTTPS on by default
([http://nakedsecurity.sophos.com/2012/11/19/facebook-
https-t-...](http://nakedsecurity.sophos.com/2012/11/19/facebook-https-t-
shirt/)). Beforehand, anybody on your network could trivially hijack your
Facebook session to gain access to your account (I made a video two years ago
about how easy this attack was [and is] if you don’t know what I mean:
[http://youtu.be/g5mFbgxMHqQ?t=1m33s](http://youtu.be/g5mFbgxMHqQ?t=1m33s)).

~~~
panarky
Pot, kettle, black[0]

From Facebook's current privacy policy[1]:

    
    
      We allow anyone with your contact information to find you through the
      Facebook search bar at the top of most pages, as well as other tools
      we provide, such as contact importers - even if you have not shared
      your contact information with them on Facebook
    

Random news items from last few years[2]

Facebook Removes Crucial Privacy Setting for Users’ Names

Facebook is improperly altering its privacy policy without proper user consent

Using names, images, and content of Facebook users for advertising without
consent

Senator Al Franken has called on Facebook to reconsider expansion of its
facial recognition activity

Facebook’s Beacon program disclosed personal information without user consent

Instagram announced several changes to the terms of service that will allow
the company to use pictures in advertisements without notifying or
compensating users

Instagram proposed that the parents of minors implicitly consent to the use of
their childrens' images for advertising purposes

Facebook removed a privacy control that allowed users to hide themselves from
strangers through Facebook’s search function

88% of Facebook Users Oppose Changes to Privacy Policy and Voting Rights

Facebook has proposed changes to its policies that would (1) end user voting,
(2) remove spam blocking, and (3) share FB user data with affiliates without
user consent

Consumer Groups Ask FTC to Investigate Facebook-Datalogix Data-Matching
Arrangement

Facebook is under a 20 year consent decree from the FTC that requires express
consent from users before disclosing personal information

[0]
[http://www.urbandictionary.com/define.php?term=Pot%20Calling...](http://www.urbandictionary.com/define.php?term=Pot%20Calling%20the%20Kettle%20Black&defid=5909637)

[1] [https://www.facebook.com/about/privacy/your-info-on-
fb](https://www.facebook.com/about/privacy/your-info-on-fb)

[2] [http://epic.org/privacy/facebook/](http://epic.org/privacy/facebook/)

~~~
zaqokm
> Pot, kettle, black[0]

While I am not trying to be an apologist for Facebook, I would like to point
out that the majority of issues with Facebook are because people are members.
It is easy to opt out of Facebook.

I would like to see you opt out of NSA monitoring. A lot of the actions which
the NSA took and take are not made public, you data is collected from means
which could be described as subterfuge, if not bordering on illegal.

The NSA isn't upset with Snowden for exposing their tactics, their upset
because they got exposed altogether. They will continue to go down the path of
monitoring citizens, and collecting data with or without your permission.

And you will never see them [NSA] offer a Terms and Conditions policy or a
Privacy Policy.

------
aaron-lebo
I'm sorry, coming from Zuck, this statement means very little to me.

I guess I'm old school, but Zuck has shown disdain for the privacy of users in
the past, FB actively tracks the movement of users across the net (likely
without many realizing), and I'm under the impression that this culture that
emphasizes sharing every fucking thing is more dangerous to people than the US
government trying to get at data that they probably already have.

Don't get me wrong, I don't like that the US government is doing this, but I
don't trust FB at all.

Nothing to see here folks. Just the old tug of war between governments and
corporations for power, while the actual citizens get trampled.

~~~
nostromo
I'm more afraid of government than private industry.

Facebook will never have a Gitmo. It'll never send someone to a torture camp
in Egypt. It'll never invade a country. It'll never confiscate property. It'll
never put someone on the no-fly list. It'll never harass you at the border.

Yes, we should be openly critical of powerful corporations. But the downsides
of misguided governance are much worse than even the most powerful
corporations can muster.

So, I don't believe it's fair to compare what Facebook does to warrantless
government spying. And I'm glad Zuck is publicly taking on this issue.

~~~
cottonseed
It will never lobby for laws that impose severe penalties for non-violent
crimes. It will never sue and bankrupt individuals and small businesses to
grow, protect and solidify its market position. It will lobby for laws that
literally steal trillions of dollars of value from the public domain. It won't
influence international policy. It won't fight against legal reform in a
country that rivals the most horrific, repressive regimes for incarceration.

If the government is misguided, it's because powerful corporations are leading
it by the nose.

God, I sound paranoid conspiracy theorist.

~~~
lukifer
Conspiracy #0: Associate the very notion of conspiracy with insanity.

"Two men of the same trade seldom meet but for the purpose of deceiving the
public." \- Adam Smith

(Maybe we should start calling them "collusion theories".)

~~~
cottonseed
Hadn't heard that quote before. From
[https://en.wikiquote.org/wiki/Adam_Smith](https://en.wikiquote.org/wiki/Adam_Smith):

"People of the same trade seldom meet together, even for merriment and
diversion, but the conversation ends in a conspiracy against the public, or in
some contrivance to raise prices. It is impossible indeed to prevent such
meetings, by any law which either could be executed, or would be consistent
with liberty or justice. But though the law cannot hinder people of the same
trade from sometimes assembling together, it ought to do nothing to facilitate
such assemblies; much less to render them necessary."

------
adityab

      When our engineers work tirelessly to improve security, we imagine we're protecting you against criminals, not our own government.
    

_Why?_

Any company that cares about 'security' and controls such a massive amount of
personal data would know that governments do not always behave
morally/legally.

This excuse should not work; we the public should expect better.

Yahoo did not use https. Facebook scans your IMs and tracks your website
visits for ads. When do we reach the point when plausible ignorance of
governmental overreach and the need to 'monetize' are _no longer considered
valid excuses_ for compaines to be lax with the data they hold about you?

As an aside: as far as I can tell these are just crododile tears - if
Zuckerberg truly cared, Facebook would back off from generating ad revenue off
IM and would enable OTR.

------
tibbon
Is it just me, or does this seem to be a sideways admittance/accusation that
the US Government has been essentially 'attacking' Facebook attempting to
extract data outside the normal channels of requests from law enforcement?

Either way, this needs to change. We're not on a slippery slope of losing
privacy- we're going downhill like an avalanche.

~~~
rst
It's already pretty much known, from the Snowden papers, that the government
is doing man-in-the-middle attacks against internet services including
Facebook. Here's a story from today's news which discusses one such mode of
attack, and names Facebook specifically:
[http://www.wired.com/opinion/2014/03/quantum/](http://www.wired.com/opinion/2014/03/quantum/)

(Come to think of it, since this is today's news, it's possible that Zuck is
responding to it...)

------
piggyback
Zuck: Yeah so if you ever need info about anyone at Harvard

Zuck: Just ask

Zuck: I have over 4,000 emails, pictures, addresses, SNS

[Redacted Friend's Name]: What? How'd you manage that one?

Zuck: People just submitted it.

Zuck: I don't know why.

Zuck: They "trust me"

Zuck: Dumb fucks

~~~
sehr
I'm not saying he deserves the benefit of the doubt, but if we were all judged
by our actions at age 19 everyone's credibility would be hurt.

~~~
glitchdout
Which is why NSA's surveillance and storage of our communications is
problematic. Some 19 year old kid _today_ may be president in the future.
Should he have something stupid he said today hanging over his head when he's
president?

~~~
sehr
I'm not really arguing against that point

~~~
glitchdout
I'm not arguing either. Just adding to your point.

------
Zigurd
Facebook was listed as one of the companies participating in PRISM, with a
specific start date.

None of the denials or other announcements made by any of the companies the
NSA seemed pretty sure were collaborating addressed why they appeared on that
list. Until there is a good explanation for why the NSA thinks they were
collaborating, denials ring pretty hollow.

~~~
julespitt
It's not clear from the slides that the companies were "participating" at all.
Further Snowden leaks showed that the NSA was cracking large internet
companies' internal systems communications. PRISM doesn't necessarily need
their cooperation at all.

~~~
Zigurd
Then why list specific companies and dates?

Either the companies on the PRISM list are willingly collaborating, or NSA
bribed one or more employees, or NSA attacked their infrastructure.

If it wasn't willing cooperation, then the PRISM companies have a security
breach to solve. None of them have said whether they have such a breach or
not.

~~~
julespitt
Right, I was just pointing out the possibility of your latter two options.
There was also the possibility that PRISM was just a database of formal,
court-ordered information.

I wish we had even more technical details.

~~~
Zigurd
That's no excuse. Someone in senior management has been bribed? You have a
serious security breach unreported, undiagnosed? That's a whopping shareholder
lawsuit coming at you if you don't hunt it down and terminate it.

------
rayiner
Tech companies are in a very awkward situation with regards to surveillance.
It's hard to argue that individuals have an "expectation of privacy" in their
Facebook content, when their thousand closest friends at Facebook are mining
that information to sell them advertising. Indeed, you have the opposite of an
expectation of privacy: you expect that your information will not be
private.[1]

The business model built on harvesting user data to sell advertising is just
fundamentally at odds with the scope of the 4th amendment's protection of
privacy.

[1] You may expect that the government won't look at it, but that's not what
"private" means for the purposes of the 4th amendment. It doesn't just mean
anything you don't want the government to see. To analogize, your house is
private: you may invite selected guests in, but not your thousand closest
friends at Facebook.

~~~
SilasX
This is what I like to call the "slut" defense. "Ah, come on, don't give me
that line, you were showing your stuff all around, flaunting it, putting it
out there, and now you're claiming you didn't want me to use it? lol"

~~~
rayiner
Your analogy involves an escalation, using someone's showing off as an excuse
to violate their bodily integrity. That would be like if the government
asserted you had no privacy interest in the contents of your hard drive, just
because you posted some pictures of facebook. But what we're talking about is
data collection where the government doesn't have anything you didn't already
share with your thousand closest friends at Google. It's more like
distributing a picture of yourself smoking weed among your school, then
getting mad when your parents got a hold of a copy.

~~~
SilasX
>But what we're talking about is data collection where the government doesn't
have anything you didn't already share with your thousand closest friends at
Google

Yeah, exactly: "Honey, we aren't looking at anything you haven't already shown
your last thousand boyfriends".

~~~
rayiner
You're mixing together two different hypotheticals.

In your first one, you have someone provacatively dressed. In this
hypothetical, the government isn't a rapist escalating their level of access,
but someone on the street who can see the same thing everyone else does. I.e.
the government isn't using your Facebook posts as justification for hacking
into your computer. If it has access to something, so do hundreds of people at
ATT, Google, or FB. There's no escalation beyond what you're broadcasting into
the world.

In your second one, you have a serial monogomist. But showing anything special
to a boyfriend or girlfriend is a 1:1 interaction, even if you do it thousands
of times. But the government isn't claiming access to your emails on the
theory you regularly email hundreds of people. Web mail or a Facebook post
isn't 1:1, but rather something in which you invite hundreds of unknown people
into any single interaction.

You can't mix and match bits of each analogy to avoid the distinctions that
keep each one from fitting the situation you're trying to compare it to.

~~~
SilasX
> Web mail or a Facebook post isn't 1:1, but rather something in which you
> invite hundreds of unknown people into any single interaction.

This is false. In both cases I sent it to _known_ , specific, authorized
people. You're employing exactly the same "slut!" logic I criticized before:
"well, you were okay with all those people seeing it, I guess you don't mind
everyone seeing it, if you didn't want the rest of us to have a taste you
shouldn't have been so promiscuous".

Hold on. No matter how many people I privately shared it with, and no matter
how liberal you think my standards are, I still shared it in private. The
typical person does not expect that the general public can read what they're
posting to their friends or email recipients.

And before you say, "but some designated employees get to look at it sometimes
for debugging" \-- again, same logic. "Come on, you live in an apartment, you
_know_ maintenance comes in now and then, I guess anyone can come and take a
look around. Gee, if you're so liberal that you leave your stuff right were
the handyman can see, what, what's the problem? What, you expect that just
because your contract says that entrance is limited to designated people and
situations that the whole world can't take a peak into your bedroom?"

I get that you're not convinced; that you think, "hey, those people send their
data to anyone, it seems, so what's the problem?" And you don't seem to be
bothered by how close the argument is to "she was a slut anyway"; I just hope
that you'll at least recognize there's a good source of well-tested rhetoric
you can draw from, albeit from unsavory characters.

~~~
rayiner
Your landlord doesn't rifle through your apartment to see what kind of laundry
detergent you buy so that he can sell that info to advertisers. There are also
very well defined limits on how your landlord can access your apartment, and
you have a property interest as a renter. Read Facebook's TOS and tell me
there are any such limits to what Facebook can do with your data, and explain
to me how you have a property interest in the data Facebook collects about
you.

In a struggle to make your analogy work, you're posing s hypothetical online
service very different than the ones that exist. If Facebook and Google didn't
mine your data and provided strong contractual protections limiting the
situations in which their engineers could access it, like landlords do, then
you'd have a much stronger argument that these things are protected by the 4th
amendment.

------
higherpurpose
Enough with these PR stunts, Mark. Put your money where your mouth is. Put
your _company_ where your mouth is. Add end to end encryption for your users
chats, and encrypt everything as much as possible, to the highest security
standards, and end-to-end wherever possible (like for FB chat and Whatsapp,
where you could use the TextSecure ratchet).

Until then, all of your "calls for privacy" are not worth the digital paper
they are being written on.

------
louiscipher
I don't think I've read anything about FB lobbying for stricter PII laws.
Until that happens, I'll write up this little "rant" as a lip service and
nothing more.

------
37prime
It is somehow ironic for Mark Zuckerberg to be frustraed over Government
Surveilance.

------
nathanvanfleet
It's a little bit weird how a few years ago all those powerful tech company
heads were meeting with the President. Then finally it came out that they all
had made deals directly with the NSA and colluded to give them access to
user's data. And now all of these companies seem to be working very hard to
reverse all of it. It's a good thing that they are, and they seem to be
genuinely doing it. But it's still seems a bit odd. Zuckerberg talks about the
government needing to be more transparent, but FB and the like haven't
explained the details of the previous deal they made with the government. I
imagine because they are still somehow gagged. I wonder how many drafts of
this message went through FB lawyers.

~~~
arebop
[citation needed] about those deals between Facebook and NSA.

~~~
Zigurd
[http://en.wikipedia.org/wiki/PRISM_(surveillance_program)](http://en.wikipedia.org/wiki/PRISM_\(surveillance_program\))

~~~
arebop
The slides (as usual for slides) are pretty ambiguous, but
[http://en.wikipedia.org/wiki/PRISM_(surveillance_program)#In...](http://en.wikipedia.org/wiki/PRISM_\(surveillance_program\)#Initial_public_statements)
says that the companies and Facebook in particular deny cooperation with
PRISM, and the only quote from media sources that sounds skeptical about that
is from WaPo wonkblog
[[http://www.washingtonpost.com/blogs/wonkblog/wp/2013/06/12/h...](http://www.washingtonpost.com/blogs/wonkblog/wp/2013/06/12/heres-
everything-we-know-about-prism-to-date/)] which says that one of the slides
talks about combining data provided by companies (with warrants, NSLs, and
other legal orders) with data collected by adversarial means.

So, no, that link does not support the claim that Facebook cooperated with
PRISM.

~~~
Zigurd
_" which says that one of the slides talks about combining data provided by
companies (with warrants, NSLs, and other legal orders) with data collected by
adversarial means"_

Cool story. If it was true, surely one of the nine companies listed on the
PRISM slides would have adopted it as an explanation for why they are listed.

~~~
arebop
There are five quotes explaining it that way right in the wikipedia article.
The only company quoted that doesn't admit to complying with court orders is
Dropbox; they flatly deny involvement in anything such as PRISM.

I'm not saying there is proof of lack of wrongdoing, but it would be great if
people would stop claiming without evidence that these companies made deals
with NSA. Evidence-based decision making is better than paranoia.

------
noja
We'll judge you by your actions, Mr Zuckerberg.

------
dictum
The cynical nitpicker in me would like to express frustration over Facebook
tracking both people who use it and people who don't when they visit websites
that have Facebook widgets.

------
zachrose
> When our engineers work tirelessly to improve security, we imagine we're
> protecting you against criminals, not our own government.

Does it really matter who they're protecting us from?

~~~
MadManE
More to the point, what's the difference between the government and criminals?

~~~
smm2000
Criminals could not put you in jail for not giving them direct access to your
servers.

~~~
MadManE
So the only functional difference is that the government is worse than
criminals?

------
gremlinsinc
To those naysaying Mark for selling out our privacy--sure he does that, for
profit--but I'd rather a company sell my shopping and searching habits to
another company than the government take something I say on Facebook out of
context and put me on the no-fly list, or worse an enemy combatant---the more
power the NSA has the further towards Nazi Germany and Gespacho / Secret
police territory we go...so good for you mark--you could do a LOT more to
ensure our privacy, and maybe you will -- hopefully this isn't just
'posturing' but as he's a 30 something techy geek who probably hangs out on
hackernews as much as the rest of us, he may actually be sincere about it.

------
droopybuns
No call to action. No clear guidance on what exactly the bad things are.
Typical facebook post.

</joke>

I wish Zuckerberg would have taken on Schneier's meme: Make bulk mass
surveilance prohibitively expensive.

Everyone can understand what's involved in making that happen.

~~~
jvagner
Check our defense budgets. They don't go down. The NSA has massive data farms
that are not constrained by budgets. That's not exactly the problem.

The more outlandish the plots on Scandal and House of Cards, and the funnier
Jon Stewart gets to be, the more and more awful the truth revealed in the real
news seems to be. We get the truth we're willing to accept... what else will
come?

~~~
droopybuns
I so totally agree. But what's the alternative? We all quit?

Since Schneier's crypto reputation is not in question, I think it's reasonable
to believe that there is a possible statelmate end state.

If everyone goes all in on certificate transparency, HSTS, and Cert Pinning,
engineers can at least make life miserable on the Surveliance Industrial
complex for a little while.

------
__mp
As if Facebook was better with collecting data. This reminds me of the new
Facebook Android app which I have refused to install so far:
[http://i.imgur.com/tDX8yrB.png](http://i.imgur.com/tDX8yrB.png)

------
cottonseed
> The internet works because most people and companies [spend a lot of our
> energy making our services and the whole internet safer and more secure.]

By any metric of privacy, security or safety, I don't see how anyone could
claim the internet works.

Also, no amount of encryption or 2-factor authentication could turn Facebook
into a part of the internet "I want to build." Which is why I deleted my
Facebook account and got off (nearly all) Google services. I vote with my
feet, and what I spend my time building.

------
subb
I... don't understand.

I'm not a facebook user, so, is it possible to use Facebook completely
privately? Without anybody else than your friend seeing your information, not
even third parties?

~~~
slig
No, it's not possible. At least, your name, profile picture and cover picture
will be shown to everybody.

It was possible to hide yourself from the search, but that doesn't work
anymore.

You can hide your friend list as well, but there're some tricks that one can
use to find out who are your friends.

------
rjd
Well now he knows what its like when Facebook does the same thing.

------
richardc12345
I cannot help but think Facebook, Google and such companies business model of
monetizing logs of people's usage of the internet is used by governments to
legitimise their spying.

The argument would be, if it is okay for big business to record all activity
and data mine it for profit then it is okay for governments to record all
activity and data mine it to help govern the people.

------
lyime
Does this mean that Facebook messages/inbox is encrypted?

~~~
final_approach
Hardly. It most probably means Zuckerberg is kind of concerned of the growing
pressure to the point where speaking up is smarter than obeying.

------
aSp1de
[https://www.youtube.com/watch?v=WbOwdjSodeU](https://www.youtube.com/watch?v=WbOwdjSodeU)

------
puppetmaster3
He supports Feinstein AFAIK. So..

