
Facebook Is Using You - charlie_joslin
http://www.nytimes.com/2012/02/05/opinion/sunday/facebook-is-using-you.html?_r=1&hp
======
meterplech
I think this is a terrible headline that masks an interesting philosophical
debate. Especially at this community, we feel we intuitively understand that
we get the convenience and social value from Facebook for $0, and we pay in
our personal data they use to serve up advertisements. That to me is hardly
newsworthy and a relatively uninteresting piece.

But- there is an interesting question in what is an appropriate use of our
personal data w.r.t credit ratings, financial decisions, etc... Just like
there are anti-discrimination laws that prevent mortgage servicers from
altering policies based on race, perhaps there should be other walls to keep
separate how our data can be used financially.

This is a question the NY Times should've posed instead of this clearly
linkbaity uninteresting headline.

~~~
jenius
This was also my immediate reaction, agreed. I wrote an article a while ago
that talks about a similar thing, but concludes more along those lines -
facebook offers us the service for free, and as far as we know they do not
sell our personal data. Until they do, we don't need to worry.

<http://carrotblog.com/facebook-is-watching-you/>

~~~
swang
Psst. We know they sell our personal data. Start worrying!

[http://www.forbes.com/sites/kashmirhill/2011/11/29/facebooks...](http://www.forbes.com/sites/kashmirhill/2011/11/29/facebooks-
mark-zuckerberg-weve-made-a-bunch-of-mistakes/)

HN Thread: <http://news.ycombinator.com/item?id=3292225>

"Facebook promised users that it would not share their personal information
with advertisers. It did."

I wonder why so few news sites picked up on this.

------
spodek
This is what Freedombox is for (also Diaspora). Freedombox is one of the few
projects I make time to contribute to. I'm surprised it isn't one of the more
popular projects among this community.

Anyway, here are some links and background if you aren't familiar with it.
From <http://freedomboxfoundation.org> and
<http://freedomboxfoundation.org/learn>

What is FreedomBox?

    
    
        Email and telecommunications that protects privacy and resists eavesdropping
    
        A publishing platform that resists oppression and censorship.
    
        An organizing tool for democratic activists in hostile regimes.
    
        An emergency communication network in times of crisis.
    
    

If you live near New York City, there will be a hack-fest February 18, 19, 20
(more information in first link above). I hope to see you there.

~~~
pacala
I follow a few high profile tech news source, but I never heard of Freedombox.

One major worry I have about decentralized systems is crackers. It's hard
enough to secure centralized systems using proprietary code behind firewalls
managed by an army of experts. How can a decentralized system possibly avoid
becoming a 0day distributed botnet?

~~~
thomaslangston
> It's hard enough to secure centralized systems using proprietary code behind
> firewalls managed by an army of experts. How can a decentralized system
> possibly avoid becoming a 0day distributed botnet?

I do not understand your concern.

Centralized systems are easier to crack, not harder. Proprietary code may or
may not be easier to crack, but I'd lean towards easier. Distributed systems
do not require you to not have firewalls. Distributed systems do not require
you to not have experts managing them. Nodes of a distributed system do not
have to obey the commands of other nodes or have a central control mechanism.

How would a decentralized system ever become a 0day botnet?

~~~
pacala
The point of Freedombox is that everyone has his data in his own home. If
average Joe wants to share this data with his friends, average Joe is going to
run a server in his home. If the server code has a 0day exploit, average Joe
server easily becomes a node in a botnet.

How do you address the problem of managing a fleet of 800 Million servers
running in 800 Million homes? Who are the experts that manage this problem and
who finances their work? Why would average Joe trust them with his data? What
is the technical device through which they have admin access to 800 Million
servers in 800 Million homes?

~~~
thomaslangston
That may be the setup of that project, but it isn't the status of every
decentralized system. A decentralized system could as easily be funded by
individual users buying hosted space with professional admins.

I don't see the 0day exploit window of one additional application running on
local users' boxes to be much cause for alarm. Somehow we muddled through
decades of Windows boxes with everyone joining the Borg.

------
blauwbilgorgel
I don't see that many merits in the views expressed in this article.

You are using Facebook, and Facebook is using you and your data.

"Using you" has a negative connotation, like a bad relationship. So what does
Facebook do to "use you"? It shows tailored advertisements. By that standard,
nearly every commercial entity on the web is "using you".

The article continues with non-Facebook-specific privacy issues, mostly
focussing on law enforcement being able to access your data. If you got a
problem with that you should take it up with your representation, not with
those that simply comply with the law.

The problems with data aggregation are correctly identified, but not specific
nor directly related to Facebook.

If an employer won't give you a job, because she found a drunk picture of you
on your public profile, I really see only two people at fault: You yourself,
and your employer (and maybe your local laws that allow for this to happen).

I think it is weak to point the finger at Facebook, when all they seem to do
is facilitate you and others to give them data voluntarily.

~~~
jscottmiller
Your example of the profile picture misses the larger issue - this data is not
perfect and people have natural biases in their judgement. Does the situation
change if the employer based her discrimination claim on stated relationship
status or sexual orientation (illegally, yes)? What if that status is based
not on overt information, but on your friends and relationship status?

This kind of discrimination is difficult to prove. If I'm hiring and have a
large enough labor pool (say, retail in an area with high unemployment), I can
apply this to each resume that comes in, never responding to those who didn't
pass the test.

Anyway, using Facebook as the lead and straw man is flamebaid but, hey, it
reached the top of HN.

~~~
true_religion
In the US, I don't think its illegal at the federal level to discriminate on
sexual orientation. Some states though have laws granting protection.

------
estevez
I think the article's main point succeeds on the merits: while we have a
variety of statutory and regulatory mechanisms in place to make sure that
things like credit reports are compiled in a fair manner we have no such
mechanisms for the likes of LexisNexis, ChoicePoint, Facebook, Google, etc.,
etc.

I don't think its unreasonable to want some assurances that my creepy neighbor
can't purchase my web history or FB data. Less facetiously, at the very least,
I should be informed when an adverse decision has been based upon this
information and should have a chance to review it periodically.

------
true_religion
Somehow I feel this article hasn't gone through an editor.

Here are a few examples:

> In Europe, laws give people the right to know what data companies have about
> them, but that is not the case in the United States.

This sentence primes the audience for a discussion of the laws, but that
anticipation is never fulfilled. The article jumps to a new topic immediately.

> Ads that pop up on your screen might seem useful, or at worst, a nuisance.
> But they are much more than that. The bits and bytes about your life can
> easily be used against you. Whether you can obtain a job, credit or
> insurance can be based on your digital doppelgänger — and you may never know
> why you’ve been turned down.

Yes advertising uses the same 'bits and bytes' about your life to determine
targeted ads, but you can't co-mingle the idea of advertising and the drastic
case of being turned down on insurance because of a Facebook posting you made.

The premise of the article is that Facebook uses you, in that they use your
personal data. It's true, but they use your data for _advertisement_ and not
for the other more troubling purposes the article talks about.

The author appears to want to set up a slippery slope argument by saying that
simply because a market exists for personal data beyond advertising, then
Facebook will either (a) sell their corpus to those companies that already
provide the service or (b) start providing those services themselves.

It's possible, but there's no evidence suggesting that it is occurring already
or is likely to occur in the future---businesses don't enter new industries
merely because they can; there's always a cost to diversifying and for
Facebook the cost of selling user-data to let employers make hiring decisions
is the loss of their dominance in social networking. Once its known that the
information you give you Facebook can be used for more than advertising,
people likely will stop giving that information. Facebook can make a one-time
sale, but loses on the chance to continue reaping ad-profits.

Why would they kill their cash-cow and core business just for dubious short-
term gain?

------
zecho
First, the headline doesn't represent the content very well. It should be
Others May Use Data They Glean About You From Facebook.

Secondly, I guess there's a fine line between "stereotyping" and statistics,
isn't there?

Thirdly, the author looks at some of the worst offenses of this type of mining
and seems to extrapolate it as the norm. FUD mongering.

~~~
Drbble
Statistics teaches us that there is not a fine line at any boundary; there is
wide fuzzy gradient.

------
fidotron
This is somewhat disingenuous given that the entire commercial media industry
does this, it's just that they aren't quite so efficient.

If you've not ever worked in the media it's easy to underestimate the lengths
they go to to work out who is consuming what and how to better channel ads at
the lucrative targets, or how astonishingly detailed their information
actually is. Your cable provider is probably far more evil than you imagine.

~~~
greenyoda
Not to mention that the NY Times (the publisher of this article) probably
collects a lot of information about their on-line readers. They know what
articles you've read, what ads you've clicked on, what comments you've left on
their site, where you live (based on your IP address and/or your billing
address), approximately what your income is (based on your ZIP code), and that
you found this article through Hacker News. And if you're a paid subscriber,
they know your real name.

------
mwsherman
The article is a litany of citationless speculation. The things the writer
mentions _could_ happen. But then, many things fit that description.

More to the point, companies that draw the wrong conclusions from data they
have – changing credit limits without merit, targeting ads wrongly – will not
be helping themselves.

And it goes without saying, for me anyway, that putting information online
means putting it online. I don’t assume that Facebook’s interests are mine.

To me, the definition of “my data” is not claiming ownership of bits on FB’s
servers. It means that if it’s on the Internet, it’s because I put it there,
caveat emptor.

------
duckfruit
Financial institutions are using all available data to improve estimations of
creditworthiness. The Horror!

I don't support the implicit assumption that it is better to err on the side
of leniency when it comes to credit provision. Inadequate information was as
responsible as lack of oversight for causing the financial crisis. Racial
discrimination is also a flawed analogy -- that was a case of using traits
that had no bearing on credit risk to calculate a deliberately false
appraisal, whereas using data on online activity is far more akin to the
practice of requiring bank statements.

Granted, mistakes could very likely be made, but so far the author presents no
evidence that using such information is any worse than other means of
estimating credit.

------
dataminer
Its a very good article although the title should include Google, American
Express and NebuAd. I am aware of Facebook, Google and Cerdit card companies
using personal data to perform business functions. However I am quite alarmed
by the incident mentioned in the article where six ISPs sold personal data. I
have never heard about it before, and am wondering how common is this
practice.

------
ajays
Question: why isn't my data's copyright owned by me? I should have the same
rights over my data (my searches, my browsing history, relationships, etc.) as
an artist has over his creations. And they (companies that use this
information or trade in it) should have to pay me to use it.

~~~
joering1
they do just not in a monetary form, but by letting you use their services for
free. it cost more to run, for example Facebook site, than $1.

~~~
jersni
that's true. but then again, how much would their service be worth without the
user's generated content?

~~~
joesb
How much would their service be worth to you without other user's generated
content? If it's more important to you to see other people's content than you
putting out your content, then you should be the one paying them to access
other's content.

------
tedsuo
The use of our data for purposes beyond advertizing is definitely a rapidly
brewing storm. I already get emails from pretty looking web services offering
sometimes dubious claims of magical insight, if only I send them a list of
emails I want checked out. I expect the reach of those claims will only
continue to broaden.

At the heart of the problem is that the sharing of data is assymetric, which
will prevent market forces from weeding out services that don't put a premium
on ensuring their data is even accurate, let alone whether their conclusions
are sound. In other words, I have no idea who is sharing what about me, or how
it is actually affecting the decisions being made around me. Employers, banks,
etc, don't do a post game wrap up where they show you the data mining services
they use, and what they say about you (relevant aside: when I get these data
mining pitches emailed to me, where did they get my email, and why do they
think I may be interested in these services? I have no way of knowing). I may
be able to curate my facebook data, but I can't curate an augean stable of
ever changing services that I don't even use, or know exist.

------
quietness
Seeing how a lot of people on Facebook use fake names, I don't how the
information Facebook provides for potential data buyers can be deemed as
trustworthy enough to be used to lower credit ratings, or as basis for hiring.
Granted, if a person has a history of bad-mouthing previous employers (which
is the person's responsibility in the first place), it can be used against the
person. But that can happen if an employer connects with the potential
employee and checks the ever-helpful Timeline, without Facebook having to sell
the data.

------
Eleopteryx
I thought this was old news? Really old news.

~~~
estevez
To us, perhaps, but not to the average NYT reader.

------
dreamdu5t
I find it perverted that people are angry about Facebook but illegal
warrantless mass surveillance of every citizen in the US doesn't generate a
comparable outcry.

Facebook does nothing to violate your privacy. The FBI intentionally spying on
you without your consent or knowledge IS a violation of privacy.

------
feralchimp
I hope the NY Times considers "Facebook sells access to you" and "data mining
can have unfair consequences when exploited by unaccountable credit rating
agencies" to be facts that are not new, but are worth repeating again and
again.

------
rationalbeats
Well the credit card example is not new. I remember reading, in the NYTimes,
about several people who had their credit limits reduced significantly after
the 2008 crash, and the reasoning they were told was the type of places they
used their credit cards, and usually it had to do with certain bars in certain
neighborhoods where many others who used those establishments defaulted on
their credit card bills. I believe the other method employed by these banks
were to increase the minimum payment substantially as well.

This article does not really reveal anything that has not been already well
documented, and most likely on the NYTImes.

------
ddw
There have been a lot of stories like this one and they usually show up on HN.
This one is particularly good at drawing out the consequences.

But as these stories become more commonplace and the general public becomes
informed of the true Facebook, I'm wondering if there will actually be people
that care.

I can see as the kids that grew up on Google and Facebook become older that
the idea of "privacy" becomes more obsolete and that they inherently trust the
algorithms because they have always worked for them in the past.

I'm not saying that I agree with this and that I hope this is how it turns
out, But maybe The Zuck is right after all.

------
jfmercer
In an information economy, a data mine has the same value that an oil, iron,
or coal mine has in an industrial economy. The great data aggregators--
Facebook, Google, Twitter, et al.--will be the robber barons of the
information economy because they own-and therefore control access to-the data
mines.

------
edderly
The simplest opt-in/out I think would be satisfactory would be to limit the
amount of data they can associate with me to an arbitrary time period (six
months sounds about right).

I think there has to be a price to pay from the data aggregator side if they
want information associated with my 'real' identity.

~~~
dreamdu5t
Facebook is opt-in/opt-out. You don't have to create an account and start
adding a bunch of personal information to it.

If you're actually concerned about people destroying your data after six
months, why are you giving it to people lacking such an agreement?

~~~
edderly
Yes at a simple level you're right, but you could use the same argument about
lots of things, for example I could opt-out of using the Internet but that
should not give ISPs carte blanche with my personal data.

As to your question, I use FB fairly cautiously and I'd also rather not
exclude myself from a social forum which friends prefer to use.

What I'm suggesting is a simple compromise, rather than give social networks
an unlimited license to my data I'm happy to give them a more limited one.

------
polynomial
Reading the Times' headline I can't help thinking of the grammatical
difference between 'use' and 'utilize', which turns on what the intended
purpose of the object is.

Which of course raises the question, what is the _intended purpose_ of a
facebook user…?

------
rythie
I wonder if Facebook would ever consider charging people to only to get rid of
the ads.

~~~
Drbble
That's more complicated than just using Adblock and is bad PR in the message
it sends. If you mean charging to not "use" your data at all, that is an ill-
formed concept, given the nature of the business as a sharing service. No
friend recs? No featured suggestions? What about using data you give to a
friend that they choose to give to facebook -- that there is all your data

~~~
Jach
Some sites (like deviantArt) do successfully upsell to premium accounts, where
one of the many features is no more ads. (And they actually advertise "no more
ads!" to encourage upsells, though they advertise other features too.) Only a
tiny portion of internet users have heard of adblock let alone use it, sadly
(or perhaps not sadly if you think ad-driven companies like Google have made a
lasting positive effect on the world), and even if they've heard of it forking
over a credit card number may be conceptually easier than installing an addon
or calling their "computer whiz nephew" to come over and do it.

Anyway, one way Facebook could do this is by upselling to an account where you
have access to a database table or key-value file (or mixed) showing you all
the data they have about you (not necessarily use). They could further upsell
you on using your data for a particular function or not using your data for a
particular function, showing you the documentation to the various functions in
question. e.g. an option called "Send to credit agencies" (which you can pay
$5 to turn off) when expanded highlights the particular data or sections of
the data it sends to which agencies. Indeed, there may even be code it can
take the docs from:

    
    
        /**
         * Sends user's Account Data (username, full name, address if provided, etc.) and a credit score estimate determined by @See otherfunc to EquiFax.
        */
        function send2equifax($account_data) { }
    

Or, you know, something simpler like how oAuth permissions are granted. But
considering the likely target market for significant data restriction upsells,
customers are probably pretty technical and can handle the specifics.

------
zachinglis
Wait… Facebook is a… business?!

Seriously though. Facebook is a for profit company. I don't really think thats
wrong or even ambiguous?

------
Craiggybear
It IS using you and if you aren't smart enough to figure that out then you're
living in a bubble universe.

FB is an awful, monstrous growth on society. I'm sorry if this sounds like an
over-reaction, but its pure, undiluted evil. Its reach is just way far too
pervasive and the tracking on non-members is just plain illegal as far as I'm
concerned. Unfortunately, people seem to have come to believe that society
couldn't exist without it.

I'm (vainly probably) hoping that the flotation will, ultimately, be its
downfall. Even existing toothless Regulation might scupper its share value
enough to make it an obvious bubble investment -- and people might wake the
fuck up and start to remember the real value of money, people and _privacy_
again.

~~~
Karunamon
>FB is an awful, monstrous growth on society.

I can think of many things I'd apply that label to (Such as DHS, the
republican party, ACTA), but applying that to a service that people
_voluntarily sign up and use_ is a bit absurd, don't you think?

This just in: Advertising companies track people. Film at 11.

It's possible to completely avoid facebook and their tracking with the most
minimal of effort. I wonder when we're going to stop seeing these breathless
"zOMG EVIL!!1" rants against commonly used services and stop diluting the
meaning of the word "evil".

Showing you advertisements is not "evil". Using cookies is not "evil".

~~~
Craiggybear
No, its not. Its what they are doing with your responses to those things that
are potentially or actually evil. The fact it requires _any_ response on my
part, minimal or not, is absurd and unacceptable.

Don't you get that?

I find this kind of response unfathomable.

~~~
Karunamon
>The fact it requires any response on my part, minimal or not, is absurd and
unacceptable.

Cookies and ad-based tracking have been around for years. I find
characterizing that behavior as "evil" is patently absurd.

So no, I don't "get" that. I don't see what you're so up in arms about.

------
zotz
"They trust me. Dumb fucks." -MZ

