Hacker News new | past | comments | ask | show | jobs | submit login
Facebook is terrifying (medium.com)
468 points by jitbit on Feb 4, 2017 | hide | past | web | favorite | 281 comments

I deleted my Facebook account in 2010 after appearing in the Times regarding technology addiction. It was my most time consuming social media application at the time. For the article, they had me install an application tracker to see how much time I spent in focus on a particular app. I was alarmed at how often I checked Facebook chat.

Today, after much investigation, I've come to a hypothesis that technology's purpose is to gently erode the concept of "self" as it grows in power and scope. We drive this growth, but at the same time more than a few of us worry about how the growth is affecting our "right" or "natural state" of privacy to be who we want to be without blame or for someone speaking (in aggregate) to what our actions may hold in the future. It seems obvious privacy is a good thing, because as long as privacy exists someone can't take your information and do things in private with it as they see fit. The more tech they have, the more they can do with your data and the more they can "invade" your privacy.

Facebook's accumulation of information is concerning, not so much from the standpoint of the addiction that causes us to contribute to the quantity of data, but from the standpoint of collective thinking that arises from it.

I don't want to be part of a collection or be told to think with the collection. I want to be me and think about things that are important to myself. I want to do that without anyone else telling me how to think about it or speaking for what I know at a later date without knowing me.

I've come to a hypothesis that technology's purpose is to gently erode the concept of "self"

Exactly, although it's being done in a roundabout and non-obvious way. There are millions of tech folks, all (in my mind) honestly trying to create technology to empower folks to do things they've never done before.

But the beauty of tech is generalization, creating cookie-cutter choices. Everything we do, and in ever way we interact with tech, it's more and more leading us down pre-canned behavioral pathways. Even when completely unintended, the place where tech is taking us unless we drastically change our ways is something like the commodification of the species. It's a freaking horror show.

The Borg are going to go from sci-fi super villains to an accurate description of our great-grandkids in just a generation. Amazing.

Will the last human please go outside and do something unique?

Very well said. One would think of the information age as a way to start better communicating which should break down barriers. But it seems we can just more easily flock to the people who think like we do. So we have more strongly cemented factions. I find myself getting mildly angry at friends who post things I disagree with. If we were seated together having a beer and he said the same thing we'd keep talking for an hour and I would have no negative feelings. I find if I try to engage online it just goes nowhere. I avoid posting anything other than the most banal things because I don't want to be judged/attacked. I just don't have the time or energy to go in depth to defend my positions. And at this point I could care less if anyone knows what I feel.

It's because of the publicity of the discourse. Normal one-on-one discussions can lead somewhere, because you're not constantly afraid of losing face. When you utter opinions publically, you're sortof forced to stand by them, regardless of their merit. That's why televised political "debate" never ends up changing the opinion of any of the debating parties. They're trying to convince an audience instead of the other party. I think it's a big part of why politicians are so unpopular today.

We've built this new world where we are accustomed to leaving tiny traces of our minds in nooks and crannies, where they are waiting to be scraped up and analyzed. As those traces get larger and those nooks and crannies get unearthed, the default level of privacy will shrink. One day it might be that privacy itself becomes an antiquated concept.

I deleted my Facebook in high school in 2010 also, out of paranoia of this exact future. The problem is that if someone sums over the comments I make on other media, they could deduce my identity anyways. In the big picture Facebook, Reddit, Twitter, HackerNews, etc. are all in the same boat. I imagine there exists software which sums over many common sources (FB, TW, HN, IG, YT, RD, etc.) to find correlations in prose structure, post time patterns, topic similarity, sentiment similarity, etc. to identify people, or at least reduce the search space. The NSA would likely use such software, if it existed.

Based on what I've seen you should assume most nation states have this ability. Take the NSA's back door into Cisco routers as an example. The NSA made use of this exploit for years before it was exposed. In all likelihood they are still making use of it as there are likely unpatched routers still in the wild.

Now sidestep to phones. Nation states can tap into your calls and to your location through the GPS info tied to your phone. So if you want your calls to be anonymous you pay cash for a burner and only turn it on and use it in large crowds. Ok, that seems ok, but burner phones are specifically targeted since they are more likely to be associated with behavior a government would want to track. So now what happens is as soon as the burner comes on you are triangulated, phones near you are identified and these are used to start to pinpoint who you are. Social media of everyone near the burner can be mined. Over time if you continue to use the same burner the higher likelihood of being identified.

To slightly bastardize the term "burner", people might think they don't have any burners, but everyone's got burners. I started to notice that one of my professors, around every ~25 sentences, he would capitalize the first two letters of the sentence. I mean it's a dead giveaway, because most people do this a lot less frequently.

But these figurative "burners" are everywhere. Little, tiny, seemingly untraceable ticks, invisible to the naked eye. Computers are telescopes in the bit world, eyes on us at all times. People don't seem very concerned. You can't just pour water and sand over your digital footprints to erase them... I would not be surprised if FB held on to my data 7 years after I deleted my account.

'burner' in the parent comment refers to a disposable pre-paid phone without contract.

You're describing a kind of 'tell' I think. Still an interesting point you make.

He was talking about burners being used to be seemingly undetectable, which got me thinking about people with nearly imperceptible tells, and how both of these "nearly invisible" things are seen by big brother. You are right though... it's a very questionable segue.

I recently accidentally re-activated my old FB account from high school (deactivated 2010). It's all still there. It's more like "unpublishing" your account than really "deactivating" it.

Where are you from? Not sure if that's just in Europe but there's an option[1] to permanently delete everything from fb, though I'm sure it wasn't available a few years ago. Now it is though and I'm guessing fb is obligated to provide this b/c of some european law.

[1] Sorry for the google ref link but I have fb hosts blocked and couldn't find an easy way to just copy the actual link: https://www.google.gr/url?sa=t&rct=j&q=&esrc=s&source=web&cd...

United States. I need to look again but I don't think there's the option to permanently delete. Just some kind of generic notice like "your data will eventually be permanently deleted"... eventually, like the heat death of the universe.

The settings menu on Facebook only has a "Deactivate your account" option, which is the one that leaves all your data there.

The link to permanently delete is only found inside help articles.

Thanks, I will look into that.

>I've come to a hypothesis that technology's purpose is to gently erode the concept of "self"

Centralized corporate-style internet services may achieve that, but many other kind of technologies strive for and achieve the exact contrary. I'm thinking of all the free (as in freedom) social networks that allow people to express their true self, to say what they can't say in their outside social life.

Two aspects necessary for these types of communities to exist I think I've identified are: 1. having a persistent identity that isn't linked to your real life one, and 2. having minimal moderation (either hierarchical or caused by mob mentality). Basically the opposite of Facebook.

Your true self can't be expressed unless you have a separate online identity?

Are you okay with the whole world, every person you meet on the street, your boss, your parents, your ex, the guy who serves you coffee, that thug you bumped into in the subway, the guys who work at your company's competitors, the guys who live in that country at war with yours, knowing every detail of your personality and your life?

Or do you maybe think putting up your information on that open and permanent graveyard that is the web could put you at risk, someday?

If not, then I envy you, but you're not the norm, nor can you guarantee that your environment always be this supportive. What's guaranteed though, is that the databases will still be there.

Much like life before the internet, I don't see why you're required to share all that info in the first place. It's up to you to decide what others see, even when you don't have a secret online alter ego.

Well, the comment I was responding to is about technology eroding the "self". We agree that sharing and expressing one's ideas make them stronger, allow them to blossom and mature, yes? Maybe you have this crazy idea that's too out of the Overton Window to discuss IRL and attach to your public image right now, but there are other people thinking about it somewhere, and if these people manage to find each other online and discuss it they'll be able to reflect about that idea rationally, without fear of judgment and repercussion.

That's how novel artistic and political movements are born, from people not being afraid to share "offensive" ideas. "Secret online alter egos" allow you to discuss ideas that you couldn't have considered otherwise, and because we humans tend to restrict our thoughts to our field of possibilities, these alternate identities will actually make you have more of these creative ideas.

Of course you can keep all that to yourself and either continue living the life that society has prepared for you, or try alone to change it, but that's pretty limiting.

Up to you? Heh, good one.

No, it's up to the person who likes give up as much information as possible that you hang around. "Hey, I ate lunch with ikeyany today", now held in Facebook and Instagram forever. "Tagged: ikeyany" in the wedding photos of your friend.

Even if you're a digital hermit, you'll still be found and categorized, since everyone else seems to love giving up all their personal information.

Nice post, thank you.

I closed my account yesterday for these reasons and also because, I can honestly say, it's just a boring distraction and waste of my time.

You know you have an account anyway, right? FB makes and manages profiles of people who don't have accounts, even of people who have never had accounts. They use this for their ad network, among other things.

LinkedIn does this as well. I don't know about others.

Thats why it's super important to only allow javascript and cookies from domains you have explicitly trusted. This will aid in preventing all the plugins (ie "like this post on fb") from tracking you when your browsing the web. You can do this will a good suite of browser addons; noscript, ghostery, ublock, disconnect.

Or you can go the full ban hammer route and add all of facebook's known domains to your hosts file[0].

[0] - https://github.com/jmdugan/blocklists/tree/master/corporatio...

How does that even work? Where does FB (or LinkedIn) get the information from that they can determine who you are even if you've never signed up for an account?

It's called shadow profiling[0].

Even if you haven't signed up for a facebook account but someone you know has an account, they by proxy, you have an account. Merely existing as a contact in their address book is enough to create a shadow profile with facebook. Their deep-learning algos can collate such data from all your friends and serve you correspondingly appropriate ads.

In fact, I just thought of an experiment that you could try sometime.

1. Buy a new cellphone number and store a small number of contacts (say, about 5) in your phonebook. Make sure all 5 of them have functional & active FB accounts.

2. Install the FB app on the phone and grant it access to your phonebook.

3. Open the app, create a new user and check out the list of suggested friends.

I think you'll be surprised.

[0] http://www.dailydot.com/news/facebook-shadow-profiles-privac...

They definitely use your contact lists. I have done multiple experiments with this. I first noticed about a year ago, people popping on my FB's "People you may know..." list, and sure enough, the _only_ way they could link them to me was through my iPhone contacts. People like a guy who once fixed my roof, whose number I still had from years ago.

As the original commenter said, LinkedIn seems to be even worse with this, creating those spooky empty default accounts for your grandmother or your child's best friend's dad.

I think there will be a backlash against all this - surely it is a case of diminishing returns for the social media corps, combined with an ever-growing sense of _unnecessary_ intrusion by their users?

People with facebook-apps on their phones essentially allows Facebook to get their full contact list. If person A, B and C all have the number of a person D who is not on facebook, it's enough to create a shadow profile. On the basis of A, B and C, their social statuses, their level of education, country, etc., it's possible to make pretty accurate guesses to determine the person D.

If person D some day decides to install, say, WhatsApp (or even if he had it before Facebook acquired it), it also has his text messages, and photos shared through said app. It can all be linked to that shadow profile with that phone number. If D at some point typed his email-address into WhatsApp, or signed up at some site that shares data with Facebook, it's also easily linked to that shadow profile.

They could buy it from credit agencies

Is there any evidence to back this up?

Anecdotally, it's happened to my father and brother. There are bot-made accounts on Facebook with their biographical information and pictures, taken from Wikipedia. Apparently it's standard practice for "notable" persons who don't create their own pages.

Facebook implies it pretty heavily here:


Not that I can quote but I have friends at LinkedIn, Facebook (and Yahoo who does it too) who specifically work on this feature. I would be shocked if Doubleclick (google) et al weren't doing the same thing.

It's more that the social network platforms themselves are naturally atomizing forces of capitalism itself. And you might wonder how this applies to the elimination of self? Simply put, in capitalism all things need to be a commodity to be traded/sold for a price. Be it physical goods like food and houses or non-physical goods like music or personal data. Ultimately, to ensure you're good at consuming these goods, capitalism will invariably find means to erode the sense of self which is driven more by social needs (family, friends, church, etc) to place you squarely into a new set of identities precisely crafted for consumption (Trekkie, Star Wars fan, Clinton/Trump voter). These identities are meant to feel like you chose them but in practice we're all indoctrinated to these identities to some capacity. It's all part of the larger push to ensure you're alone, afraid, and always ready to do whatever is asked of you so long as you can have your trinkets. Because if some people find out it's all a scam then the whole system falls apart when enough of them refuse to consume. If there's anything the last few years has illustrated is that there is a subculture in the current generation that isn't buying what the capitalists are selling. So they're grasping desperately for more ways to pull on heartstrings or to further alienate us from each other and seek goods/commodities to find comfort in. This I think will fail very quickly once the facts sink in for those not clued in right now. When you can't pay anymore or that the goods bought bring no more comfort then the crisis will set in. Identity or self, as you mentioned, will be the center of that crisis. What comes of it, I can't be sure. But I fear a regression from technology would prove a disaster. We're cyborgs, we're meant to use technology to enhance ourselves but not for the sake of enhancement itself.

Could you cite some books explaining that train of thoughts ? It's interesting to me.

I think other than reading Marx's Capital there's not much on the subject. I suspect there's some sociologists who've covered this. But most of my comment is purely personal observation based on a loosely Marxist POV (I'm not a Marxist personally, but I've taken the idea of commodification as something that can be applied to just about anything which has some economic value).

> I was alarmed at how often I checked Facebook chat.

A bit unrelated to your broader point, but I recently dropped my phone and shattered the camera lens, and have been astonished at how much less I'm using social media. It's even more surprising because I don't actually post that much and don't take a ton of photos relative to others.

Its not just faces .. me and a friend had a little jam session recently and posted a picture of our cool little setup, consisting of a few pocket-sized machines (synthesizers and controllers) on our table in front of us. Just an innocent little picture of our jam setup.

Within seconds of posting this picture of the machines, my friend was getting targeted ads from the manufacturers of those devices - within seconds!

This was a watershed moment for us. We won't be posting much to Facebook in the future .. far too scary for us!

I had a similar moment (and ironically I'm a musician too).

I went to a bar, where a band was playing on stage... After a while I realized I know the drummer. I played with him before, in another band, years ago. We had a beer, chatted a bit and went home.

Now, we hadn't posted any pictures, nor statuses, we have no mutual friends on facebook, no connection at all... Heck, Facebook DIDN'T EVEN EXIST when I last saw him.

The second I got home the app suggested him as a friend

Gosh this was scary.

(OP here)

Not to say this is definitely what happened, but he could have looked you up on FB which might tip off the suggestions algorithm.

That's a whole other can of worms, of course.

Occam's razor, I agree. I've heard several times these kind of stories.

Facebook suggests a lot of people to me. Overwhelmingly they're people I don't recognize. Are you sure this isn't just confirmation bias making it seem like they're more successful than they really are? I'm not saying Facebook doesn't do some creepy things, but even at worst this is innocuous enough, and this has enough other really innocuous explanations that this would barely make me think twice.

80% of those people are the next-door neighbor of someone I was in marching band with 30 years ago.

I used to play a phone game and utilized mock locations for area specific content. Later, Facebook would suggest friends from the specific location I had spoofed, despite having never once set foot there or having ever known anyone from the area.

Myself and someone I just met were suggested as friends to each other after we met. Neither looked up the other. Neither created any contacts in our phone. Only possibility is our FB app knew we were both in the same place at the same time for a few hours.

now that is creepy

I stopped using Facebook completely when it suggested that I friend a Work Associate that I have only dealt with once via email. The creepiest part of it was that I have never told Facebook where I work at all.

All the other people that it suggests that I friend where I have no idea who they are, I wonder where the association came from...

I also had this recently too. I got given a friend suggestion of someone I haven't seen in twenty years. We have no shared FB friends, nor location, nor schooling / college education.

I have her email address in my contacts which has been shared with WhatsApp.

Curiously, there should be no way to directly link my FB account with WhatsApp. I haven't shared my mobile number with FB, and I haven't shared my FB account email address with WhatsApp. Somehow they have tied the two together.

I've never installed any other FB app on my phone, and my FB account is only a month old.

I found that particularly chilling. The friend suggestion doesn't have my email address nor mobile number, and we live in different countries. I'd love to figure out how they did it. I even use a pseudonym on FB.

That's simple - whenever any of your personal or business contacts grants access to their contact list to some app, "everyone in the world" obtains a mapping between your mobile phone number (that they had), your full name and nicknames (that they entered manually) and likely your other identities as well (e.g. emails, various IM providers, etc) that they linked to you in their contact list.

It's the same with facial recognition - to avoid it, it's not enough to never post your pictures, you'd also need to ensure that noone who knows you would ever tag you in some picture they have.

Another musician here: One day I got ads for Waves Plugins. I still haven't figured out how they have learnt about me being into producing. My FB friends are (afaik) non-musicians from school days and I don't open FB in my regular browser. Furthermore, I block almost anything µblock has to offer in my normal browser. Maybe they derived something from my e-mail address. Pretty scary stuff!

I don't think it's impossible for them to see your financial (Credit Card?) records and use that too? Advertising companies are after all, advertising companies... They get anything they can, even the old way of finding things out. I used to buy cigars online, to this day I still get mail from websites / companies I never bought cigars from.

Two potential causes:

1. Location matching - both your apps detected you in the same place for an extended period of time. Maybe you guys had mutual friends in the music community?

2. Microphone[0]. They have since refuted that claim[1], but I've had way too many coincidences and I'm choosing to keep my tin-foil hat on... :/

[0] www.geek.com/apps/facebook-app-now-listens-and-records-audio-when-you-post-updates-from-your-phone-1595873/


Isnt this just location based matching?

But I didn't touch my phone that night... I'm not sure what happened exactly, the fact is - it made me super uncomfortable.

It looks like Facebook asks for Location: Always on iOS. (I've got mine set to Never.) I wonder if they feed this back to the servers.

I presume you didn't post anything about the "event" to facebook (I've seen "Person is going to attend Blah" posts before) or "check in".

I had once looked up someone I knew from college on Facebook, and their name appeared immediately, weeks later I realized they were trying to find me before I was trying to find them! The other person probably looked you up, and other factors pushed Facebook to suggest them.

If they looked you up that could be part of the why and how. Facebook knew where you both were, and the fact they looked you up initiated this. Totally creepy either way.

The most hilarious part of this is that he's already a customer! They don't need to target him!

Advertising is such a racket.

I imagine the conversation going on the lines of:

Facebook: In the week we exposed the user to the add, the user posted a picture of your product. We made that sell for you!

Advertiser: Say no more, take my money!

Facebook: (smiles smugly)

I seriously doubt there's that much detail. It would be dumb for FB to tell customers that something like this is a primary targeting criteria. That's the racket, that FB (probably) doesn't say, and if any customer is asking I can't think that FB would tell them, since it just results in wasting the customer's money.

It's like a conversation I saw last week, that video ads pay out to the provider/site even if the user only sees one second of it before pressing pause or the back-button.

Well the fact that he is a customer already does make it more likely that he will also be a future customer. He already likes XYZ distortion pedals, so lets remind how good XYZ chorus pedals are..

For the sake of discussion, why is that scary rather than kind of nice? Unless you take the AdBlock route, aren't well targeted ads better than irrelevant ones?

It's scary because the system learned something about you automatically from an innocuous photo and told others about it, all without a human in the loop. Ads are pretty harmless, but you can imagine what might happen in a surveillance system or if a more malicious actor was behind the system.

Ok, so I'd like some way to get the benefits but protect from the harm. I don't want to throw out the convenience if that's possible.

Its scary because its intrusive. I didn't post the picture so that I would get better ads - rather, to inform my friends that we were having a jam session. But now, we're all going to be bombarded with ads for instruments we don't need to buy (because we already have them).

The most uncomfortable angle is just how quickly Facebook tuned into what we were doing and then changed its ad-delivery algorithm to match. I have one friend who had his picture taken in front of a headshop - he now gets regular ads for bongs and smoke accessories, even though he's not a user. So, that's also quite discomfiting ..

> I didn't post the picture so that ...

This assumes that your and Facebook's intent and interests are aligned. Clearly they are not. Why you posted your picture onto someone else's database is relevant primarily to you, and perhaps also to some subset of your friends.

You're not obligated to turn that process into a money-making proposition.

As Eben Moglen warned us a long time ago [1] the arrangement between you and Facebook (et al) is neither complex nor confusing:

You get some PHP doodads and you get spying for free all the time.

[1] https://www.google.com.au/search?q=eben+moglen+doodads+and+s...

I understand the responses to this, but my take is we're so far past the Rubicon we might as well be in the Atlantic.

For example, I have a friend who has never been on any social media. If he wanted to opt out of the surveillance apparatus, he still would have to address: collection of phone metadata, browsing history, traffic cams, other CCTV, financial paper trail, probably more I'm missing.

I wrote an essay in 2003, saying that all of this was 100% inevitable. No matter how many people thought it was creepy, didn't want it, raised privacy concerns, it was imminent all the same. Digital sense organs would continue to multiply all over the planet, and the digital nervous system would become ever more sophisticated and scary-smart all the time.

I argued that the one thing we had some limited hope of shaping was cultural attitudes and public policy towards this information and how it is applied.

Is there a link to your essay? I would be interested to read it.

My best guess is it's on a zip drive, in a box, in a storage unit. The idea that the future would feature drastically reduced privacy was taken as a given. The thesis was basically that humans tend to be both judgmental and hypocritical, so in a world of total information, we could either keep persecuting and jailing each other over non-violent cultural things, or we could become more tolerant.

I must say that the current climate of everybody tearing each other apart on social media is so far not encouraging.

The rest of it was about the more concrete benefits, like improved traffic, logistics, labor and resource allocation.

That's my wife's position, and IMHO it's a wrong one. It's the same argument about letting them store your search history: everything about you ends up in a database that someone can look up whenever s/he wants. Where you shop, where you eat, where you go on holiday, all about your family and friends, what you like, your health... it's a treasure trove for all sort of nefarious activities that could target you, from ID theft to fraud, framing, entrapment, you name it. But of course it will never happen to you, right?

> "aren't well targeted ads better"

When you're the advertiser, sure. When you're the target, not so much. Do you really want billboards speaking to you as you walk down the street? Making suggestions based on your recent purchase history or activities and personal associations?

Just because advertising technology can achieve greater powers of reaching people, doesn't mean we need or want advertising woven into the fabric of our existence more than it already is. You can opt in to that if you want, I'm staying well clear.

Realizing that the sentence «big brother is watching you» accurately describes the world de live in ils kind of scary…

It's something to rationaly know it, it's totally different to experience it in real life !

This is probably the most important question to be able to answer effectively, though I (and it appears many others) have trouble coming up with a compelling reason why people should be worried. Most of the people I try to convince remain unworried, thinking along the same lines -- why is it bad if they know more about me? I inevitably try to explain that 1) it's not beneficial to you, and 2) more importantly, bad actors could use the information unscrupulously. However, they believe that if this information is helpful in any way in protecting them, and otherwise doesn't really bother them, then it's a positive trend.

I would like to come up with some powerful (frightening) examples of why the data collection going on is so dangerous, and why people should be worried and careful.

>aren't well targeted ads better than irrelevant ones?

Depends on whether you're a fan other other people making your choices for you, I guess.

Because he also looks terrible on the photo and he immediately received ads for MacDonalds jobs within minutes of posting this picture. His insurance also resigned his health policy after a system recognized him as a drunkard.

Insurance/banks are already teaming up with fb for moves in that direction. That isn't anything new.

"If you're not paying, you are the product"

It used to be that the law couldn't catch up with the fast change in technology, now it's us the people that can't keep up. All my friends using Facebook don't comprehend what is going on, it's just pictures right? The idea that FB is creating highly detailed profiles of every user, and selling them to anyone who will pay, is just dismissed as a joke. What good can come from this I wonder.

That's because they are not selling those very pictures to anyone who'll pay.

They (facebook) are the middle men - people who have money come to them to sell their product, and facebook knows who to show those products too.

your friends (and mine, and a huge percentage of facebook's userbase) trust facebook enough for that to happen.

And it does not help anyone's cause when people say "X company (be it Google, Facebook etc.) are selling your info".

Yeah, as someone who has used Facebook for advertising, what they're doing is pretty obvious and not really that nefarious IMO. When I set an ad, I get to say "I want people within 10 miles of this zip code who like dogs, shopping, sports, and breweries" and Facebook limits my ads to only that subset of people. I don't get a list of their names, I don't even know who they are. They just see my ad and I'm charged $1.

Whenever someone asks "what nefarious thing is this company doing with my data?" the answer is rarely "something really, really bad!". Rather, it's almost always "trying to sell you something".

That's true, but Facebook knows the real names, and that targeting technology could just as easily point to religious / political affiliations and personal experiences.

FBI (via NSL):

"Hey FB, show me all the posts from right-wing pro-gun users in within 20 miles of X because we think there's something going on near there".


"Hey FB, show me all the people with pictures taken outside the US with Middle East looking faces/names who are living in South East Michigan".

>> "It used to be that the law couldn't catch up with the fast change in technology, now it's us the people that can't keep up."

And I think that, in turn, is holding the law back further. If people don't understand why something is a problem, they don't care and nobody is going to waste time evolving the law to protect them from harms they don't even know are occurring.

> "If you're not paying, you are the product"

Even if you are paying, you are still the product. More-so if the company is a startup waiting for a buyout.

I am not on Facebook.

But that doesn't mean that I believe I am not on Facebook.

I am pretty sure that Facebook are able to construct most of the shell of me from fragments provided by less careful friends or just strangers.

I imagine, and do not believe I am wrong, that Facebook have a ghost profile already with photographs of me already associated, some preferences and interests already in place.

A montage almost indistinguishable from the whole, or perhaps in some respects better... have they got to 3d models for their Oculus universe yet?

They probably know my name, am I even a necessary part of that picture? What's missing?

Any friends of yours who have installed any FB application will have uploaded your contact details. All FB needs to do is merge all of those profiles of you from each of your friends and they will have a pretty accurate informational profile. Since many people have also added a photo of you to their phone contact entry, FB gets that too. Any time you visit a website that uses an FB Plugin, for commenting or sharing, FB drop a ghost profile cookie against you. If at any point you somehow leak your email address or cell number on one of those sites, they can now tie that ghost profile to a real person, thanks to your friends using FB, even when you don't.

It's not just Facebook, Amazon? Google? Microsoft? They all advertise too, and many others. I've deleted my Facebook profile a couple of times, I've only kept it this long for family. I may change that soon enough too. Especially if anyone ever asks me for my password for it that will be the end of that.

What is the proposed recourse? Ban Facebook from analyzing data that users give it? I use Facebook's automatic tagging because I find it useful. Should it be illegal for me to use this feature because someone might unintentionally be identified in a photo that I took? Is the argument that Facebook--or any other company--should never be allowed to develop software that could process data that could identify folks, even when the data was willingly provided by a user that's complying with the law?

I'm not arguing in defense of Facebook, I just don't understand what someone that's privacy-minded would want. If I can legally take a photo, should I not have the right to have a company analyze that photo on my behalf?

Not saying I agree, but an argument could be made that other people need to be blurred before it is shared with a third party, if they have a legal right to control images of themselves.

If you accept that people do have this right the logical conclusion is then you are infringing and causing harm to them by taking their photo and sharing it with Facebook. If you don't think people should have that right, I am not convinced there is any infringement going on and this creepy database is just the inevitable end result.

Symmetric key encrypt the image, upload the encrypted image with the symmetric key encrypted by your friends' pubkeys.

When you add a friend just append new pubkey encrypted symmetric key for each asset. Friend removal is even more expensive and requires the client side to reencrypt everything :(

I'm sure there are better cryptographic constructs out there with multi key encryption that can alleviate some of the insertion and removal costs.

You could do it with decent trade-offs for the content provider as well. You could obfuscate everyone else's face but yours and allow them to get access to that image and then just encrypt the map for your friends. Of course then it's all about just creating enough mock accounts to recover the full images throughout the graph. Or just take custody of a user's keys in exchange for features.

Still though, it's marginally more expensive to build a mass surveillance app!

I will never disagree with advancing software, because at the end of the day if we don't, someone else will. But I do disagree with companies taking advantage of the laws. There is no privacy law at the moment that bans Facebook from seeing you in someone else's picture and locating where you were, and targeting ads at you based on that information. But it is common decency to have some respect, and discard that information. This is where the capitalist mindset takes over and makes companies think this behavior is ok.

Devil's advocate: there's also no evidence that Facebook is spotting users in airport selfies and targeting ads based on that data.

Even if there were laws, it would be impossible to show whether or not they are (or aren't) complying.

I guess my point is, how would such a law be crafted to be a) reasonably enforceable and b) not impede on the rights of users who want such services

True but you don't train a neural network out of thin air; the data has to come from somewhere. I expect it would require radically new laws that target AI.

Blur out people without explicit consent. Draconian, yes, enforceable, certainly.

> What is the proposed recourse? Ban Facebook from analyzing data that users give it?

I think the answer's obvious -- replace Facebook with an entity, hypothetical at present, that's controlled by its users, not a corporate board of directors whose loyalty is to themselves and to stockholders, people for whom subscribers are a product being offered up for sale.

I'm obviously speaking hypothetically -- there's essentially zero chance for such a thing, given the modern Internet and the current political environment.

> If I can legally take a photo, should I not have the right to have a company analyze that photo on my behalf?

The unasked question is whether the analysis is carried out on your behalf.

Communism would't work, without some benevolent AI running it. People incharge of managing the system will have reason in billions to be corrupt. Such useful info, will always be monetised, right now we can follow the money, take away the legal way and a backdoor will open which will be more difficult to tame.

> Communism would't work ...

That's an example of a false choice. It's not a choice between corporate ownership of our information on one hand, and a failed governmental system on the other (which Communism certainly is). People being in control over their information isn't the same as eliminating capitalism. Those issues are orthogonal -- one can have freedom of opportunity alongside respect for personal privacy.

As an example, consider medical information and the rules for its dissemination. No imaginable corporate entity is so potentially rapacious as a hospital, yet the rules for dissemination of medical information are very strict, such that to reveal patient information to a third party without the patient's consent is grounds for immediate dismissal.

>Communism would't work, without some benevolent AI running it

Oh really? And who would build that "benevolent" AI? A lot of things that may be benevolent for you may not be so benevolent for others.

Facebook can of course do whatever it wants, and users as well. But bystanders should be able preserve their privacy if they so wish. The only way to do this is active obfuscation.

Here's hoping 2017 is the year it gets scaled up, because it would sure be profitable, with the right implementation.

A friend of mine had something similar[0] on his car (it was a Lamborghini) to avoid his car being identified in images online. I'm sure it's not hard to have hoodies and tee shirts with this integrated. It's not visible to the human eye so unless you hold up a camera, it'll not be a problem. That said, this might be an issue if you visit a bank or airport or something along those lines. [0] - https://www.youtube.com/watch?v=Z2oYReMaS4A

Two remedies I've heard about in science fiction are:

1) "Gevulot" in the book Quantum Thief. There are laws that allow you to control the spread of information about you. Digital technology without the 'DRM' that enforces these laws is banned (and yes, the book does explore the obvious problems with this). I've written more on this at http://www.bayleshanks.com/notes-computer-gevulot

2) "Friends of Privacy" in the book Rainbow's End. A charitable organization creates a zillion fake identities with your name so that someone getting a credit report for you, looking for you on Facebook, etc, gets a lot of hits, all indistinguishable from you, and all filled with lies.

Well in the EU Facebook can't do the kind of face recognition described in the article.

Most people in Europe actually still think face recognition is useless (like how speech recognition was useless until very recently) because they haven't experienced it on Facebook.

> Should it be illegal for me to use this feature because someone might unintentionally be identified in a photo that I took?

Regulating against it would be reasonable. What's the utility to the end user?

I don't think the article was advocating any specific course of action, but it's good to be aware of the scope of the information they have available in any case.

The alternative is that when you share something with your friends, it goes from you to your friends without being decrypted by anyone in the middle.

> If I can legally take a photo, should I not have the right to have a company analyze that photo on my behalf?

They have algorithms analyzing your photo. The solution is to run the algorithms on your computer.

> They have algorithms analyzing your photo. The solution is to run the algorithms on your computer.

Doesn't that defeat the purpose? The whole reason Facebook is able to do what they do is that they have existing tagged photos that I may not have access to. I don't need to train Facebook to know what my friends look like. If I have to do extra work to tag my photos, I'd might as well be manually tagging them.

Except that you do have a bunch of tagged photos with your friends in them, because they're your friends.

And the idea that someone who I haven't shared my photos with can still use them to tag me in other photos is not something that I would describe as a feature.

FB is a commercial privately owned publishing platform. In some countries, you need a model release to publish photos of me, in others you need a release for my kids, in others none. This is the thorny unresolved question of what jurisdiction 'cyberspace' operates under.

If you are storing any PID of EU citizens, regardless of your jurisdiction, that will come under GDPR very soon (not sure how that impacts social publishing, photos, info gathered in public vs private places, or if it has a get-out clause etc but mentioning it as an example)

There is a '/etc/hosts' blocklist here: https://github.com/jmdugan/blocklists/blob/master/corporatio... in case you do not want facebook on your computer...

But that doesn't address the issue mentioned in the article, unless everyone around you uses that hosts file.

Once things get rolling, any visa overstayer who shows up in a Facebook photo should expect a visit from ICE.[1][2]

[1] http://www.washingtontimes.com/news/2016/jun/14/illegal-immi... [2] http://www.huffingtonpost.com/entry/trump-vows-crackdown-on-...

Gonna be tricky when people peaceably assemble to block all the entrances and exists of every building ICE operates out of.


  Republicans in Washington state have proposed a plan to 
  reclassify as a felony civil disobedience protests that 
  are deemed “economic terrorism.”
Similar laws are being proposed in multiple states. You can protest, but don't imagine you're immune from prosecution by a sufficiently annoyed DA.

Oh I'm well aware of that. And I predict the more heavy-handed the attempts to restrict protest become, the more people will come out to oppose them.

If you're blocking an enteance or exit that is not being peaceful and does result in arrest.

Sez you. Try convincing a crowd of thousands backed by the local authorities.

Why convince a crowd? They can simply visit you at home or work a day after the protest, device location tracking and face recognition works well enough and they don't need to detain everyone, just enough for deterrence to work.

Facebook, Google, and likely others (observe Amazon with their Echo for instance) are effectively trying to build an electronic Jeeves. But in the process they are building up a dataset on every user that would make STASI look like the keystone cops.

I'm almost 100% positive that some of your best and brightest employees working in critical divisions at Facebook, Google, Microsoft, etc. are NSA moles. I have zero proof but it's what I'd setup if I was part NSA leadership. Just think about what that means for our data.

Think about being one of the best and brightest hackers out there... why would you want to work for the NSA? What incentive do you have, other than a boatload of money? Isn't the regular, guilt-free FB boatload enough?

FB pay plus the substantial NSA bonus perhaps? Maybe also the added benefit of access to NSA career networking (even assistance to land those top jobs in the first place)?

All supposition on my part of course.

That's why I ask my friends to tag themselves as me periodically and I tag myself as them.

The neural network is all confused and now it tries to tag the wrong people.

More people should do this. And be thorough, agree to consistently tag the same people with the same wrong tags.

It's not just Facebook. As more images become publicly accessible on the internet, that capability will be available to many organizations and individuals.

If that scares you, you should think about how we can protect ourselves from tyranny without anonymity.

I wonder what will happen when it becomes possible to search the entire corpus of nude selfies on the whole internet, by name.

Last year facial recognition was used [1] to out porn stars in Russia. Today Google Image Search will return real names (or alleged real names in cases of mistaken identity) for many selfies of people who were doxxed at some point. We're not that far from this.

[1] https://advox.globalvoices.org/2016/04/22/facial-recognition...

I can't get into my Facebook account right now because it's prompting me with a request to provide government-issued ID (eg, drivers license, passport) to verify me. Suffice it to say, I am no longer on Facebook.

I don't have a FB account and I'm not very savvy when it comes to photoshop, but wouldn't it be pretty easy to create a fake ID to email them?

FB might not be worth the trouble for you, but assuming someone really wanted to continue using it under a fake name, isn't this a viable option?

How did that happen? I have a 'fake' Facebook account (the only kind I'd ever have!) and I wonder what it would take for Facebook to ask for 'verification'.

I have found these ways for Facebook to require verification:

1. Created a fake account in one country and used it a few times, then many many months later I tried to login from another country and Facebook promptly required government-issued ID.

2. Created another fake account and changed the E-mail address after a few days and Facebook promptly required government-issued ID.

It makes me really happy that so many are deleting their Facebook account, or at least trying to use it less.

The handle I used was a reverse of my real name (surname is a Christian name), and I tried to log-in one day and was prompted with this request.

I created an account on clearnet, then I connected from Tor site facebookcorewwwi.onion. Account got locked with ID verification.

Mine is asking for a DNA sample.

You are on Facebook. All your data is there. You simply can not log in any more.

I've been using Facebook since college (circa 2005). Never "hidden" my profile from anyone or the public. Never deactivated anything or deleted a post. Recruiters and acquaintances look up my profile all the time. Still, I have never had the data I've given them come back to haunt me. I still trust Facebook leadership very much in this regard. Maybe it's because I trust myself and how I utilize the technology. Or maybe it's because I am cut from the same cloth as them when it comes to technology and I understand it at a very instinctive level. In light of the recent election, at this point I wouldn't trust any other entity with that kind of data (like Amazon, who seems to use my data to raise prices on me, frequently). In fact, I would wish Facebook to contract with and take over identity management systems (ie. social security, drivers license) away from local and federal government - not to dictate policy but just to dictate infrastructure. I really don't care about privatization or policy in a general sense, just progress in this regard.

10 years later I still don't get the point of these articles besides fear mongering and at most to provide a technological challenge to engineers and developers on "the other side". I understand ad-blocker companies are fighting a messy war right now with both content and ad providers. I guess that is another way, albeit much slower, way to achieve progress. Hacking goes both ways.

That age old "I have nothing to hide" argument. AKA "they're nice people, what could go wrong".

This is not the point. The point is:

Information in the wrong hands can become dangerous, period.

People change. Companies change. You have no guarantee Facebook will preserve the vision they have right now. You have no guarantee their new CEO won't have a different opinion... (wont be a "Trump").

Also you have to realize, how much pressure from authorities they have to handle. A Russian friend of mine (I'm originally from russia) used to work for "VK" which is (was) the biggest social network there. They literally got calls from surveillance agencies on a daily basis. At some point they were unable to fight the pressure and surrendered, the CEO was forced to resign and leave the country (Pavel Durov, he runs Telegram now), the stock were sold and the social network is basically controlled by the government now.

I do agree the article is a bit over dramatic. But that's just to gain attention from non-tech crowd I guess, who continue to happily post kitten-pics without thinking of the consequences.

Not OP but even if the next Hitler would get all my Facebook data I still don't care personally. Am I naive? I do understand why people have a problem with it though.

You probably never lived under communism. Often people got in trouble not because they were dissenting, but merely being associated with somebody that was a political dissenter.

The usual term of accusation was called: "Agitation and propaganda" for the imperialist/capitalist regimes.

So, why you might have been squeak clean, if your friend, or your cousin was not, then you were considered a problem just by association. When somebody got in jail, their whole family got 'interned' (means, they uproot the family and send them in some remote village). Doctors had to work farm fields, etc.

If you were just a cousin, or close friend then you were marked as a problem with not a clean history or biography. If you wanted the nice job, or good education, you would be rejected for it.

It seems like a far fetched distant dystopian reality, but during 1950-1990 was reality in half of Europe. Also, a reality in the US the 50s with McCarthyism: https://en.wikipedia.org/wiki/McCarthyism

If I start living in a dictatorship all of a sudden I feel my Facebook data will the least of my problems. It's such a minor issue in my mind that it's like worrying about whether the earth will be hit by a meteor.

United States IS ALREADY using this data to deny people's entry and interrogate them on the border. FBI and other agencies are ALREADY using those kind of connections to bring in suspects for crimes and suspected terrorism. Being flagged on several systems can mean that your ability to fly will be denied without explanation - in USA, RIGHT NOW.

This isn't something that went away with fall of the Wall, it came back with a vengeance in western world under the guise of Patriot Acts, Anti-Terorrism acts and it's in many ways significantly worse than it was under KGB and STASI.

He's saying that if you live in a dictatorship, your Facebook data may literally lead to your death.

Yes, and the day I end up in a dictatorship I may just as well kill myself anyway. What I'm saying is that the small risk of whatever bad things happening due to Facebook is still not worth my energy. I can fight the fight for other people though.

As someone who lives in Turkey (which you might consider as dictatorship), I might get arrested for this post, just for calling turkey a dictatorship.

Fun, eh?

The reason I do not kill myself is hope, that I'll be able to get off here one day. That and antidepressants.

Depending on where you live, a dictatorship might be plausible.

Ok so when will you be zipping up all your personal data and uploading it for me to examine?

And please also post your passwords to Facebook and bank accounts.

On a more serious note, are you potentially related to anybody Muslim or Jewish? Have you ever posted political comments or links? Are any of your acquaintances hardline left or right wingers? All sorts of seemingly harmless things today will get you on a list tomorrow.

It's impossible to say that you don't have anything to hide, because you don't even know yet today what you may need to hide tomorrow.

> Ok so when will you be zipping up all your personal data and uploading it for me to examine?

Why would I give it to you? I don't understand that argument. If I say "I don't really care if a bird poops on me", does it mean I want birds to poop on me? Just as I won't stop going outside due to the risk of being pooped on, I won't stop using Facebook just because there's a risk of someone obtaining my data.

> Not OP but even if the next Hitler would get all my Facebook data I still don't care personally. Am I naive?

Do you have Jewish ancestry?

Of course the next "Hitler" probably won't be after Jews. Next time it would be Muslims or immigrants or Stalinist purges of anyone who disagrees with the administration.

You don't know today what opinions would get you put on a list tomorrow.

And if you've never said anything that anyone could ever find objectionable, you're probably doing something wrong.

Just a little more on this subject:

Good luck proving you're not one of the targeted groups to someone in power who's not interested in your proof.

The problem isn't a system in which Jews or Muslims or Armenians are targeted for discrimination. The problem is a system with the power and legal authority to target any group whatsoever.

What you're missing is what security people call defense in depth.

The primary goal is to prevent a system that can target anyone, but it is a historical fact that we have not always been able to achieve that goal. What happens then?

> What you're missing is what security people call defense in depth.

I didn't miss it, I deplore it. True "defense in depth" puts all civil rights aside. "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin.

> What happens then?

Citizens fight back. The outcome that tyrants dearly wish for is a population that simply doesn't care, or that can be frightened into submission. It's my hope that we're not that population.

Even token resistance is better than none at all.

> I didn't miss it, I deplore it. True "defense in depth" puts all civil rights aside. "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin.

It seems, then, that the part you're missing is that in authoritarianism the authoritarians are the government? The entire concept of civil rights in general and privacy in particular is as a defense against a bad government.

> Citizens fight back. The outcome that tyrants dearly wish for is a population that simply doesn't care, or that can be frightened into submission. It's my hope that we're not that population.

Except that you didn't object to Facebook having all your information, so when the jackboots march in and seize their servers, they get everything they need to know to identify anyone with the inclination to resist and can dispose of them before they can organize.

People have been fired or denied employment from "groups" they "liked" way back in the heydays of Facebook.

Very benign things can activate very discretionary things in other people.

If I get fired because of my Facebook profile I'm sure I wouldn't want to work there anyway.

and I'm guessing you consider that a rebuttal?

What do you mean?

The point is to not only consider how such dynamics would affect you personally.

There are 7.4 billion humans on this Earth, and not all of them have the opportunities you do.

The point of what? The discussion is strictly about my personal situation. I 100% understand that other people may be much more affected and I'm supporting their cause. But that's off topic.

I'm guessing this is why elastic_church thought your response was a weak rebuttal. It's a very narrow view of a complex, important topic that will likely have big affects on our society.

That's because you don't have anything to hide right now. But you never really know what class will be targeted next. Maybe you don't care because you're not Jewish, or not a Muslim, or not a right-winger, or not a feminist... but whatever class you are part of could be the next one everyone hates.

I find it so unlikely that my Facebook data will ever constitute such a problem and even if it happens, well so be it. I have much more realistic and current problems to worry about. I just can't be bothered, even if I hear what you say.

Then you surely have no problem in giving me all your data now. Bank accounts access included, pics of your mom and all conversations you ever had online say for the last 5 years. I'll take care of it, also you can trust me, i'm a cool guy and no intentions of becoming a leader or govern any country ;)

We're talking about Facebook, not privacy in general. I don't want random people to get my Facebook data, but I won't take any extreme measures to prevent that small risk.

Also, I don't understand comments like yours. It seems like a fallacy. Just because you "have nothing to hide" doesn't mean you want everyone to get your whole file just for the sake of it.

I can guarantee to you that the data will only be used by me (that's more than facebook does).

Also, I don't understand comments like yours. It seems like a fallacy. Just because you "have nothing to hide" doesn't mean anyone should get your whole life just for the sake of it.

I still don't see why I should give it to you.


The difference is that I get something out of using Facebook, while giving it to you gives me nothing.

I really didn't want to be that guy, But you should really try to think about what you write before you post.

"...even if the next Hitler would get all my Facebook data I still don't care personally."

Sorry, i'm downvoting your post as you clearly seem to be trolling.

I don't see how that translates to "I want to give everyone my credit card number". Especially since that's not part of my Facebook data.

You seem to think it's black or white: either you want everyone to have your data or you die before risking to give it to anyone.

Let's break this down. You're saying that social interaction and the experiences offered by the Facebook platform are an important part of your life. I could maybe prod a bit more on this point, to really highlight that the modes of interaction and experiences offered by Facebook has comparable alternatives, but let's say that's subjective and you like what you like.

But in terms of the data collected by FB, especially the extent of it, your view is that it seems okay, considering the benefit you receive from FB and you're not bothered. This broadly places you in a category of people who have not experienced a negative experience / erosion of your position in a transaction due to information asymmetry. Either that, or you are in a significant position that this doesn't bother you much.

An example from the past - SS used to target dissenters in Germany by throwing bricks at their windows during the night, sending lewd anonymous letters to their partners and causing strains in family relationships etc.

Key to this was knowing your affiliations and information on when you were at/out of home, if you lived with a partner or not, what your address was etc. they collected this through extensive surveillance on the ground, storing this information on paper documents and sifting through them when needed.

In our case, we have an entity FB that can capture extensive amount of our information, through voluntary and non-voluntary means, store them easily with marginal costs and have the ability to sift through them in seconds. Now, it begs the question who gets access to these capabilities if they are being offered up for sale - a benevolent company will use it to market its services, an aggressive company will try to outmaneuver you at negotiations to maximize their profit and limit your savings, a benevolent government will use it to improve services to you, an authoritarian one will use it to crush you.

If you think about the actual operation of collecting this data, it's nothing more than the commoditization of detective services. What would take a human hours of work to keep track of your whereabouts, not how long you eat your food, what you possibly spend at different places, who you interact with and how much etc now is done through our devices for no cost.

Some of us believe this is not correct, that such information is being gathered on us, because some experience in our past has negatively impacted us, due to information access and asymmetry. We oppose this and seek out ways to curb this / put guard rails. Others like you, do not see the need for jede guard rails, which to me is a little naive indeed.

Am I naive?

Yes. Very.

Yes, you are.

Even when I paint the worst possible scenario in my mind (I get killed because of my Facebook data) it's still not something I can be bothered about. I could just as well be hit by a car tomorrow but I don't worry about that.

I could just as well be hit by a car tomorrow but I don't worry about that.

I don't "worry" about getting hit by a car every day, either. But still I always look both ways before crossing a street. Even one-way streets.

Of course. The problem is that look both ways in this case basically means stop using Facebook. It's not something I'm willing to do, regardless of risks. It's an important part of my life.

In your case, I wouldn't worry about the risks of FB as much as about the fact that you seem to keep going back and forth in your thoughts. You just asked us, a few levels up, to consider the "What-if?" scenario of some future Hitler coming to power, with all your data available on FB. And so people started explaining to you that, yes, in that case, you'd definitely be very naive not to consider the (obvious) risks of having all your data up on FB.

To which your answer to that was, basically, "But that's not very likely to happen."

You're right. I forgot what the discussion was originally about.

>Still, I have never had the data I've given them come back to haunt me.

Are you sure? Facebook has a patent on lowering your credit score based on who is in your friends list[1]. They also feed data to credit score companies who directly examine your posts and use it to tweak your credit score yet further[2].

It's totally possible that your use of Facebook has affected your ability to buy a car or house, or get a job[3]. The lifetime cost of your mortgage could be $20,000 higher than it need be due to your use of Facebook. Maybe you got passed over for that job that would have been in the perfect place for raising your new child, due to your posting. How would you know? Did you really think they were going to tell you?

Maybe you're not at a time in your life where these things have happened to you yet, but I have bad news. The data you've submitted to Facebook will never be deleted. It's invisible baggage, following you everywhere. Honestly, you have no real idea of what impact it's having on your life, because it's not in the interest of any of that data's consumers to tell you what they are doing with it.

[1] https://qz.com/472751/facebooks-new-patent-lets-lenders-reje... [2] http://www.ajc.com/news/national/how-your-facebook-profile-c... [3] https://www.creditkarma.com/article/why-some-employers-check...

> It's totally possible that your use of Facebook has affected

The really scary possibility is that your non-use of Facebook has negatively impacted your credit score.

My (mostly) non-use of LinkedIn (which is even worse than FB IMHO) has almost certainly had a negative impact on my career.

It's definitely something I have a serious concern over. I also have serious concerns about certain types of personal account being required for employment. I have personal microsoft, github and google accounts that I don't want, but had to create because I had to access msdn/github/google cloud console or I would not be employable. None of them provide a mechanism where my employer can open an account under the name of the company (so I bear no liability), bestow it upon me as a work asset, and then revoke it when I leave. AWS provides this in the form of access keys which are god damn great, but they're an exception.

At some point, we will have to start auditing and regulating the responsibility that companies owe to society once they come to dominate a field. There's a scary chance that LinkedIn might capture almost all the professional job market. Once that happens, we /need/ to be able to audit them to ensure they are fully complying with witness protection requirements, and to make sure their algorithms don't contain race biases.

Look forward to that one being the hot topic of 2025's legal circles.

Credit scores are percentiles. It's mathematically impossible for the effect of taking an attribute into account to only lower sores or leave them the same. So, you could just as easily have said that they raise scores based on who is or is not in your friends list.

I personally know several people who got jobs because an acquaintance posted on Facebook.

> The lifetime cost of your mortgage could be $20,000 higher than it need be due to your use of Facebook.

Or it could be $20,000 cheaper if you're actually low-risk and their algorithms are better than the status quo...

> Maybe you got passed over for that job that would have been in the perfect place for raising your new child, due to your posting. How would you know?

If you didn't have Facebook, how would you know if you were missing out on opportunities because you've since lost touch with various acquaintances?

>Or it could be $20,000 cheaper if you're actually low-risk and their algorithms are better than the status quo...

I'm sorry, are we now living on bizarro-earth where companies work with each other to develop new, exciting opportunities to make less money?

Yes, it's one of the tenets of capitalism. Competition results in lower prices.

Most of the US banking sector is owned by a small number of companies[1]. Now I don't live in the USA so I can't speak for the USA in particular.

However, I have lived in Australia, where the banking competition is so bad that the consumer protection agency is having to explain in baby words to the national banks why they can't gang up on apple pay[2].

I have also lived in Iceland, a nation in which essentially all industries exist in tiny vertical monopolies, and the banks are no exception. It's hard to link citations here because fólk lesa ekki Íslensku[6][7], but go ask an Icelander if they think the national banks are in vigorous competition, they'll laugh in your face. Landsbankinn was genuinely shocked and puzzled when I moved all my accounts to Arion because they wouldn't give me a visa electron card so I could buy things off the internet.

That having been said, some quick[3] googling[4] suggests[5] that the USA isn't in great shape when it comes to competition either. In general, consumer competition is poor among banks, and they like it that way.

[1] https://hbr.org/2016/06/one-big-reason-theres-so-little-comp...

[2] http://www.abc.net.au/news/2016-11-30/accc-rejects-the-banks...

[3] https://www.justice.gov/opa/pr/five-major-banks-agree-parent...

[4] http://www.reuters.com/article/us-banks-rigging-lawsuit-idUS...

[5] https://www.bloomberg.com/news/articles/2015-12-05/banks-sai...

[6] no one reads Icelandic

[7] please critique my grammar, I'm guessing here :(

There are 6,799 federally insured banks in the US; it's an extremely competitive market compared to anywhere else in the world. They're also constantly competing against non-bank lenders and P2P lending marketplaces.

If you have a better algorithm of determining credit risk you can make a lot of money undercutting the competition on the right borrowers.

In fact, I would wish Facebook to contract with and take over identity management systems (ie. social security, drivers license) away from local and federal government - not to dictate policy but just to dictate infrastructure.

Is it "fear-mongering" to bring up this episode again?

Zuck: Yeah so if you ever need info about anyone at Harvard

Zuck: Just ask

Zuck: I have over 4,000 emails, pictures, addresses, SNS

[Redacted Friend's Name]: What? How'd you manage that one?

Zuck: People just submitted it.

Zuck: I don't know why.

Zuck: They "trust me"

Zuck: Dumb fucks


Is there a newer interview with Zuckerberg where he expresses his views at length? Given how big Facebook is now as a company, it's possible that that "policy" was supplanted by a later more reasonable policy. What is their current view, have they explained it in any detail?

I'd suggest a better question to ask would be: could you ever trust Zuckerberg to honestly tell you what his real policies will be -- as opposed to what he might say they are, in statements to the public -- when the government comes by to twist his arm?

Given the sheer number of people involved in Facebook's decision-making, I would believe it if they told me there was an internal consensus that differed from Zuckerberg's earlier college-age views. So I want to know if there is such a consensus, because if there is, then to my mind it would override that chat snapshot.

Also, yes, you can generally trust people to tell you what their real policies are. They might not be good policies, or well thought-through, etc., but there are very few people in the world who make it their business to lie and cheat every day.

But there are very few people in the world who make it their business to lie and cheat every day.

Actually there are quite a lot of them.

Well said. Just look at conservative estimates of the number of psychopaths and sociopaths (2%) still gives you 140 million people that lie and cheat because they have no conscience and want to manipulate people.

Add some plain greed on top of that, and you'll end up with a lot of people. Grandparent is very naive.

Indeed, there's a whole host of reasons why sociopathic / psychopathic traits (such as the ability to lie credibly and manipulate others generally) enable people to ascend to positions of leadership in businesses (and hence, are represented in these ranks in higher numbers). See e.g.:


Strongly disagree, though I'm not completely certain: people use all their powers of rational thinking to convince themselves (if nobody else) that what they're doing is quite alright. So if you spot somebody lying, chances are it will show up in their reasoning if you question them about it at length—and they'll tell you about it, directly, because they've convinced themselves they're right. I think that's one way to explain why you should believe things people say about their own beliefs in interviews (while being skeptical about whether it's actually right).

People don't change. Facebook sprang from a bad seed.

In a just world filled with righteous people, that chat log would have doomed Facebook to oblivion long ago.

>People don't change

This is laughably, shockingly, categorically wrong. People can and do change, all the time. Your opinions, values, etc didn't change from when you were in college?

Sure, my opinions, values, etc have evolved along a continuum since my college days, yes. I've learned a ton, and make fewer unforced, stupid errors. I've had some damaging tragedies since that time that made me more wary and empathetic to others facing similar difficulties. I am more complex and nuanced.

But, my character, my moods, my tells, and the fundamental flow of my thought processes have never changed. I'm the same lumpish animal I was when I was a tot. When someone says "People don't change", I think the core of that sentiment is that the brain wiring that makes random person X who they are never changes (save the brain becoming damaged or fading, of course.) I'm talking about the essence of a mind.

So I contend that a creep like Zuck doesn't uncreep himself. A sociopath is wired that way, even if they're proficient at hiding that fact. You might say, "Zuck's been exposed to and riding atop a business operating at a mind-blowing scale and pace - that HAS to change a person!" I think that's just projecting what one thinks would happen to themselves in such a situation. What change can you actually point to in Zuck?

Yes, people change. Even Zuck seems to have changed a bit, in recent years.

But to get back to the subject of the original subthread: not enough for us to trust him running our national ID structure, thank you very much.

Well, the recent "policy" I heard had something to do with "racial affiliations" to target the ads, if racial profiling was allowed they would do just that.

> Zuck: I have over 4,000 emails, pictures, addresses, SNS

What's SNS?

A typo (in all likelihood) for either SSNs or "Social Numbers".

Could also be SMS (phone #)

Very unlikely.

Why would Facebook collect SSNs?

Like he said -- "People just submitted it".

But... why? When? How? I joined Facebook in 2006 when it opened to the public and it never asked for my social security number. Did they used to ask that prior to 2006? I mean, "people just submitted it" only works if it was asked for. Unless we're presuming people posted their SSNs on their wall for their friends to see.

I really doubt that's the case.

This isn't about Facebook though, it's about some prototype he created earlier. I'd say he probably had SSNs because lots of universities used SSNs as student IDs before it became universally clear why that was a terrible idea, and he probably required your student ID number to use the service.

Yes, it was from an earlier prototype of FB. But the bigger point is that it was Zuck who was saying that. And it tells you everything you need to his real attitude toward your privacy -- no matter what his "policies" say.

As well as attitude towards his users as human beings generally.

The point of this particular article is that you don't even need to be on Facebook. Your image is bound to be captured, perhaps only in the background in a public space, by someone who is. Your face will be recognized and it will become part of your "public record". No amount of opting out will prevent this. Perhaps going full Amish will, but even that simply pushes back the timeline.

"FYI man, alright. You could sit at home, and do like absolutely nothing, and your name goes through like 17 computers a day. 1984? Yeah right, man. That's a typo. Orwell is here now. He's livin' large. We have no names, man. No names. We are nameless!" lol i used to love this quote in Hackers and your point made me recall it.

On Facebook and other social media websites, people regularly volunteer to identify their friends in photos.

That does not happen with ordinary street surveillance footage, as far as I know.

So you might have pictures of you taken by street surveillance cameras as you walk around in big cities, but your face isn't ordinarily going to be recognized by anyone.

These days, I'd be willing to bet that "ordinary street surveillance" uses facial recognition algorithms. It wouldn't be as effective as FB's, because FB has an enormous stream of training data coming in all the time. However, that could change if law enforcement got access to FB's data - hence this article.

Facial recognition software can only recognize you if your face is already in the database and identified as you. It's not going to magically know your identity otherwise, no matter how sophisticated it is.

On the other hand, I guess it could do some inference, such as: person X seen at location Y is also seen going in to residence Z every evening and coming out of the same residence every morning for the last 6 months, therefore there's a high probability that this person's address is residence Z, and since John Doe is the only person registered as living in that residence, person X is probably John Doe, etc.

> Facial recognition software can only recognize you if your face is already in the database and identified as you.

Right, which is exactly what would happen if law enforcement/governments could access FB's database.

Government already has a huge database of photos with name tags attached: the photos you submit when you want to get a passport, drivers license, or any other form of ID.

Fear mongering?

Consider yourself lucky if you or your loved ones haven't been harassed or stalked because of information you've posted about yourself or your family online.

Some have not been so fortunate, and don't want to make themselves or their families any more vulnerable than they already are.

Statistically speaking, the apple only ever falls so far from the tree. Imagine if we had Face-book in the since the 1920s. Imagine if DHS could use FB info to figure out who's parents gave them alcohol as infants when they wouldn't STFU or hit them when they swore. I bed they'd start showing up at schools and randomly questioning kids the way young people crossing the border get searched "randomly"

You might not have anything to hide now but you might in the future and even if you don't that doesn't mean you won't be harassed because you "might" have something to hide.

Immigrants from japan/germany/italy in the US during WW2. Those people all had nothing to hide on Dec 6th.

Yeah, I always get annoyed at standing in line for building security needing to take yet another photo of me and stare at my license. Let's just be friends on Facebook so their security cameras can identify me when I walk in the door.

I honestly can't tell if you're being sarcastic or not.

Nope, not sarcastic. I understand that my comment might sound like a parody to folks that share the sentiment of the article author.

The data accuracy is terrifying, really. Also, I visited shopping centre last week and in the next morning, I got Facebook Notif asking me if I would like to review the visit. I felt very annoying.

The problem is real.

Annoying? That's terrifying and I'd feel terrified.

Anyone know this technology well enough to know if sunglasses and a scarf of some sort would prevent my being recognized if not making me look somewhat silly or suspicious.

You may be interested in the movement against facial recognition [1].

[1] https://cvdazzle.com/

My iPhone camera face detection was able to detect some of the camouflaged examples instantly.

Worth making the distinction between a human face in general, and the face of a specific human.

The irony here is that if you look like the people in the photos, i.e. a 80-90s era post-modernist hipster in the year 2017, you'll probably draw far more attention to yourself than you would otherwise.

If all you want to do is prevent the credit bureaus from knowing you hang around with poor people then massive mirrored aviators, a ball cap and the kind of beard that would make Osama jealous are your best bet.

Facial recognition works primarily on mapping the distances between key features, kind of like a bitmask. The more features you have the longer the bitmask and the fewer matches.

It's not about being "un-matchable" it's about having so few data points you match with enough people that whoever's deciding what "good enough" is for the application has set the bar above how ever good your match is.

For something like sending advertising the bar is super low, who cares if you send out some extra spam the cost of doing so is low. The advertisers don't care if they can't precisely target the mystery man because gaining or losing one lead isn't important when you have thousands. They'll either just not send anything or send something to every possible match.

For something like insurance and credit the bar is higher because if you get the risk wrong then you lose profit margin or the ability to price competitively. This is the one area where the mystery man can win. The people selling data to the creditors can't just set the "hangs out with poor people" bool to true for each big group of people that is a partial match with a mystery person. That approach doesn't scale.

For something like IDing the guy who got a good look at the guy who placed the suitcase that had the bomb the bar is low because while the cost of interviewing a bunch of people is high the available resources are high.

If you want to stay under the radar of the analytics companies then license plate scanning should worry you a lot more than facial recognition (in the US at least).

>>If you want to stay under the radar of the analytics companies then license plate scanning should worry you a lot more than facial recognition (in the US at least).

Can you elaborate on this?

> Anyone know ... if sunglasses and a scarf of some sort would prevent my being recognized

Not really, it's a classic example (at least, one I've seen several times) to show recognition even when obscured.

That said, I just searched for an example, and found this paper [0] claiming highly effective tortoiseshell glasses to block recognition or deceive to be another. Though it certainly doesn't satisfy your other requirement of:

> not making me look somewhat silly

[0] - https://www.cs.cmu.edu/~sbhagava/papers/face-rec-ccs16.pdf

This doesn't really answer your question directly but I find a fun exercise is to take a picture of a face and modify it (clip it, skew, morph, rotate, repeat, etc), and then see at which point Facebook will cease to recognize a face in the image (and then perhaps your face specifically), while you still do.

The real point is that: I believe there are some images in the search space that any recognition algorithm will not see a face in, but which your brain will and vice versa.

Any recognition algorithm? How does your brain do it then, magic?

And people are always wondering why I ask them to delete pictures of me if they take them without me stopping them first. Been doing that for years just because I don't want my face to Facebook or Instagram...

What made me stop caring about Facebook is how damn sneaky they try to be to keep you from logging out or turning pretty much anything off. It's really easy to accidentally leave things on, and stuff like chat can decide to turn itself back on.

Awhile back I noticed that fewer and fewer Facebook pages offered any of the top menu items (including "log out"), requiring you to be more and more explicit about which Facebook page you were viewing to even see a way to log out. I am sure the idea is to have you "accidentally" stay logged-in and then view half the Internet so they can track you.

The final straw for me is that now I see no log-out link AT ALL, not even if I reenter the root facebook.com into my browser to go to the home page (which used to restore the links on top). There is now no apparent way to log out without killing my browser so I am done with them.

Would Facebook's facial recognition work as well in an airport or train station scenario? It is definitely an easier problem to recognize one face out of a few hundred or few thousand (your friends) than it is to globally match across their entire database.

They wouldn't have to match globally across their entire dataset. Check your messages before/after landing, maybe post something like "lol, guess I'm going to Madrid". Governments know you flight and boarder activity, financial institutions would know your purchase history.

You've just eliminated a large amount of possible faces.

Well, considering all the computing power they have (more than 100k servers across dozens of datacenters - and that data is from 2010) this is not a problem.

Hell, they can even quickly detect copyright infringement a posted video right? Ever posted a video with some background music? I don't think computing power is a problem...

The problem isn't computing power, it's algorithm accuracy. If there are thousands of people who are a close-enough match to your face, then when they see your face in a random crowd at a train station, they don't know which of those people you are.

To fix this they'd probably need other heuristics, which for all I know they're already using. An easy one would be to narrow it down by location, though sometimes that'd be wrong. A more sophisticated method would be to build a model of human movement, keep track of locations where they have high confidence it's you (e.g. in pics of you in small groups with your friends) and combine these into an estimate of the probability of each candidate match being at the train station.

There are companies who are selling tech that will recognise a person rapidly walking past in a conference crowd (had it demoed to me), so yes the tech is definitely capable now

That's still a small population to choose from.

I use facebook.com as a tool for networking just as I would LinkedIn, no app, no messenger, just the site. I know people who don't need facebook at all, I know others that use it to share their creative content and others that just post useless articles. However it is still a tool for many, if you don't want it to collect a massive profile of yourself either limit the amount of posts you share online or don't use it at all. I don't understand the massive fallout of facebook on HN, the 'collective think' mentioned earlier and companies like Cambridge Analytica seem like bigger issues than the data facebook collects itself.

Facebook collects information about you whether you use it or not.

> Even if you’re extremely cautious, even if you never post anything on Facebook, even if you have “location services” disabled on your phone at all times etc. etc. Facebook still knows where you are. You can’t stop other people from taking selfies in an airport.

This seems a bit over the top. What are the odds I'll end up in the background of someone's selfie that they post on Facebook? I imagine the chances are incredibly small. And if I choose to take a picture with someone, I just have to be aware that it may end up on social media and be OK with the baggage that comes with that.

> What are the odds I'll end up in the background of someone's selfie that they post on Facebook

Uh, pretty high? Depending where you live, I suppose.

I frequently find myself in front of someone seemingly 'selfy-ing', and always feel slightly uncomfortable since it looks exactly as if they're taking an ordinary photograph of me.

I'd have only to be behind instead of in front of them in order to be in their 'selfie' (assuming that is what they're doing!) - and I'd have thought that would happen even more often than being in front, assuming some of them feel just a modicum of embarrassment at the ridiculousness of the activity.

Another org with a network of surveillance cameras just has to do a deal with FB

> a little privacy tip: use Facebook in mobile Safari, with an adblocker, and delete the iOS native app — helps a lot AND saves you from tons of ads and 3rd party cookie tracking. Not to mention wonders for the battery. I’m sure there’s a similar solution for Android.

This is how I use it on my phone. I don't use the app because the app cannot be trusted with any specific permissions I provide with the belief that it won't be misused or that more data won't be collected.

> On a desktop — use an extension like Disconnect to block 3rd party cookie tracking.

On a desktop/laptop, I have it a lot better. I use Firefox with uBlock Origin, Privacy Badger and a few more extensions (like removing the Facebook link redirector PHP script from links within FB).

I am still totally amazed by what people share from their private life FOR FREE on Facebook. If you want to beat Facebook you only have to make a similar platform that actually pay people for posting their private stuff. Would be a nice startup :)

That's one way to look at it. I think you'd admit that this isn't how a lot (if not most) people look at it. Facebook and other platforms provide them a convenient way to share their parts of their lives with their friends and family. Reasonable people can view this same situation differently.

You're almost assuredly right that there are still opportunities out there in this space. I do think paying people to post would change the dynamic: it would change what and how often people would post. It's definitely an interesting problem!

I like how he doesn't get around to actually suggesting that you get rid of Facebook.

Every claims to not use facebook anymore (in no small part due to posts like this), but at every quarterly earnings report the daily and monthly active users continue to grow.

So where's the disconnect?

Part of that is probably Facebook getting into more emerging markets that previously had limited connectivity - probably why they're getting into the infrastructure business.

But you certainly don't hear people talking about Facebook any less in the States, yeah. Maybe the demographics that use it most don't read the sources that put out these sorts of pieces?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact