Or lordy, didn't expect this comment to blow up this much. Do forgive me if it sounded a bit smug, that was not my intention. But the fact of the matter is this was something we were all warned about, we were shown countless examples of exactly this, not just us nerds, everyone, people like Edward Snowden risked their lives telling us about how all this data was being used against all of us. and yet everyone kept giving more and more, you were looked at like a tin foil wearing nutter when you told people not to give away so much information about themselves so easily.
At the end of the day, this is not really 100% facebook's fault, this is our fault, the fault of everyone who so readily made their information available without giving much thought to who sees it and what happens to it. And no just because you are not a techie you are not off the hook for not caring enough about your own privacy. I mean what level of technical knowledge is needed to know that once you post something online others can see it?
Funny thing is, this would all blow over after a few months, and everyone will go back to the usual habbits.
In general it's pretty amazing how trusting the average human being seems to be as soon as computer are involved. I suppose that it's mostly out of ignorance and complacency. People seem a lot more careful when physical mail is involved than emails for instance. They also don't hesitate to share extremely intimate details about their private lives with a faceless corporation. Some of my friends willingly opt into streaming their position in real time continuously through their smartphones. That's terrifying to me but apparently very convenient for them. I think Zuckerberg agrees with my sentiment since that's the source of his "dumb fucks" comment.
I hope these articles will help change that mentality but I'm not overly optimistic. I read a comment on a forum earlier today that basically said "screw Facebook, I'll close my account and do everything from WhatsApp instead". I don't think it was sarcastic.
1990s: your signature needs to match exactly so we know it's really you!
2000s: you must enter a PIN that hopefully only you know?
2010s: fuck it just tap the card near the reader
“No one company should have the power to pick and choose which content reaches consumers and which doesn’t,” said Franken. “And Facebook, Google and Amazon, like ISPs, should be neutral in their treatment of the flow of lawful information and commerce on their platform.”
And then one week later, his political career was suddenly over. Politicians got the message loud and clear; Don't F* with Facebook.
How do you avoid this? I have a GPS in my car with stored routing information, but if I need to navigate for someone else or get walking/biking directions, I am forced to do this. Printing out directions beforehand is something I did only a few years ago, but these days I don't always have a chance to do that.
I remember installing a dating app one evening, and thinking "I'll look at it tomorrow.". Next evening, I opened and it said "This stranger and you were both at this subway station around noon!". Geezus Christ! I didn't even open the app the whole day! Uninstalled it straight away.
I usually leave Location services off. I'll enable them for 5-10 seconds, get the directions from Maps, then disable the Location service again. Of course, they can still estimate my location with cell towers (or WiFi, but I usually have that disabled as well), so it's not a perfect solution. Saves a lot of battery life, though.
Most people don’t think “the data used to sell me milk could be used by politicians.” And those that do didn’t think “political ads today could be replaced by surreptitious foreigners tomorrow.”
If your reaction is “they should have known” you are in a Silicon Valley thought bubble. (I was until recently, too.) What you find “horrifying” is that bubble’s edges fraying.
“Of all the news crises Facebook has faced during the past year, the Cambridge Analytica scandal is playing out to be the worst and most damaging.
Why it matters: It's not that the reports reveal anything particularly new about how Facebook's back end works — developers have understood the vulnerabilities of Facebook's interface for years. But stakeholders crucial to the company's success — as well as the public — seem less willing to listen to its side of the story this time around.”
What if your reaction isn't "they should have known" but rather "they should have listened when I told them this!"?
Then you, like me, are still figuring out how to message privacy as a priority to non-technical folks. Maybe it’s an issue of timing. My “delete Facebook from your phone and log out, by default, on your desktop” pitch was more productive yesterday than ever before.
The real discussion to be had is how do you know that the person is actually aware of giving consent, similar to how a recaptcha verifies whether or not you are a human. I see in the future, some sort of test for users, that verifies that they read the terms of service, as a form of consent for the user agreement.
Edit: Fixed all urls. All work except, cnn where you have to copy paste.
This will only happen if terms of service get vastly shorter, or if a law is passed that forces it. I would bet that any such measure would absolutely destroy user signup metrics, which means that not only do companies have no financial incentive to take such measures, but they also have an active financial disincentive to make the "I read the TOS, let me sign up now" process any more complicated than they absolutely must.
I'm also pretty sure that the everyday user would be pissed about that additional barrier to entry.
(2010) - http://www.zdnet.com/article/fbi-feds-collect-facebook-socia...
(2010) - https://www.technologyreview.com/s/418971/facebook-personal-...
(2011) - https://www.independent.co.uk/life-style/gadgets-and-tech/ne...
(2011) - https://blogs.wsj.com/digits/2011/09/26/facebook-defends-get...
(2011) - https://techcrunch.com/2011/11/01/researchers-flood-facebook...
(2012) - http://www.nytimes.com/2012/02/05/opinion/sunday/facebook-is...
(2012) - http://money.cnn.com/2012/03/22/technology/facebook-privacy-...
Also, I tried unsuccessfully to convert all those URLs to use HTTPS, but it either failed to connect or the server forced me back to HTTP. That's rather sad.
It will become interesting with GDPR, when customers start to revoke their consent to exchange data with credit scoring companies.
I was only referring to the remark about credit scoring companies which I believe to be wrong
In what way is the law used arbitrarily? I would like some sources for this claim.
The thing that may feel arbitrary is simply the fact the laws in Europe actually enforce privacy, whereas a company, and people, form the US expect that these laws are teethless.
Across international boundaries where those laws may be difficult to enforce because other countries are not in sync with them? Hell yes. Call me cynical, but...
In Germany where data-leaks (which are a symptom of insufficient data protection) at telecommunication providers seem to happen on the regular, with no (reported) punishment as a result, yes I think that is a bit naive.
Every company tracks you. From what you purchase at target, to broad pattern behavior tracking on the web via ad companies, I think most people know their being tracked at various stages for various reasons.
However, is it bad that target knows I like to buy grass fed beef? Probably not. It reveals some things about me, but I am far less concerned, as are most I imagine. This same mindset is what fuels people when they don't care what FB/etc is doing. Not that it's right/wrong, but I think people don't care who knows about their lunch or catpics. Thinking that's all that FB could gain out of it.
Humans in general are really bad at thinking long term. Nothing bad happens immediately when you sign up to FB, when you post personal information, when they sell your data, etc. For a lot of FB users, it might be 20 years before they regret their actions. That's just a hard feedback cycle for people.
For example if you drive a bicycle and eat beef, most likely you have a certain income, have a certain family type ( you use same IP!! ) , which means you might have a certain political view and concerns. And this is where targeted manipulation is active, they can drive you in a certain direction. Psychology at it's best.
This is how you win an election.
Giving my information to FB/etc though? That's another story.
It's really not that they "don't care" about privacy, even if they themselves think that's what it is. They usually say that because they don't understand the 1,000 horrific ways in which that data about them could be exploited, from personal blackmail situations, to identity fraud, to manipulating elections, to using it against them in court in a possible future conflict with law enforcement, and in many other situations.
I've seen people who are typically quite "anti-privacy" because "they want to benefit from Alexa, Google Assistant" and other such gimmicks, and "aren't scared" if Google or Amazon holds their data, because after all it's not the government holding it (ha! good one).
But now they've deleted their Facebook accounts, because they're finally beginning to understand the implications of these companies holding all of this data about them and how it could be abused. And it's still early days. It's only going to get worse from here, as we see more such abuses using Facebook, Google, Amazon's data, carriers', and other data hoarders' data.
People that don’t have jobs working with data, who are not technical or mathematical, aren’t going to know.
Look, I'm a developer, I'm somewhat privacy-conscious, and I quit Facebook years ago because they're slimy.
But "doesn't keep up with technology and privacy news" is not the same as "dumb". For any product as big as Facebook, there are people of all kinds using it, including many who are brilliant.
Is it wise to trust Facebook with your data? No. But not having come to that conclusion doesn't make someone dumb. Please don't be so condescending. I'm sure many of those "dumb" people could be condescending about some of your life decisions based on their own expertise. But it's not helpful.
If you want cursing or other low content, there's always Reddit.
Zuckerberg: I have over 4,000 emails, pictures, addresses, SNS
[Friend]: What? How'd you manage that one?
Zuckerberg: People just submitted it.
Zuckerberg: I don't know why.
Zuckerberg: They "trust me"
Zuckerberg: Dumb fucks
Teenagers and college students say a lot of condescending, dumb, immature stuff in group discussions. It's not news and no evidence at all.
I don't need to. Facebook just illustrated it for me.
IMO it’s very apropos because it sums up the core attitude of the company. That 19 year grew up to become one of the richest and most powerful men on the planet, with unchecked power.
Please. 19 is not 5.
Makes it even creepier. He was willing to dox people for social cred, before he realised the data had financial value.
On Reddit the normal person can be forgiven for not knowing the full context of quote, but this quote has come up on HN many times over many years.
I've never seen an "explanation." It seems self-explanatory. I haven't seen an apology either, but this was in the New Yorker:
When I asked Zuckerberg about the IMs that have already been published online, and that I have also obtained and confirmed, he said that he “absolutely” regretted them ... Zuckerberg’s sophomoric former self, he insists, shouldn’t define who he is now.
These stories are newsworthy because they represent the break from generalized scepticism to specific examples of harm. If the New York Times had waged a nebulous campaign against Facebook without clear evidence it would have rightly been accused of getting ahead of the facts.
In any case, if this should have been known by everyone already, I guess Facebook has no reason to panic if it's all over the news now. Just a bit of publicity for them, right?
It was fairly well known at the time I thought.
People still have an expectation of privacy, even when, from an HN perspective they should be extremely skeptical about having such an expectation.
So from one reckless company that doesn't give a damn about the law to the next. Who teaches developers that it's okay to work for anyone as long as the tech is cool and the salary is great?
Who teaches them otherwise?
Absent parental/primary-school-instilled ethics, rather a lot of engineers operate in a bubble of like-minded (and similarly-employed) people, making large amounts of money, and are often insulated (voluntarily, deliberately, or accidentally) from the impact of their work.
What could be changed to improve on that situation? I've heard simplistic suggestions to "sue the C-class until they learn/abandon the incredibly lucrative profit motive", "fire/imprison engineers whose changes harm people", and "make the bridge-builder stand under bridge they built" (whatever that means in a software context). Those seem utopian. What tangible, plausible changes can be made to improve on developer accountability (for their work) and discernment (about prospective employers)?
What about if you're making a social media app, and the ethics are less clear-cut? It's not like you can show every new hire footage of Trump and drive home the negative impact of data mining/sharing--the causal link is tenuous, the viewer might sympathize politically, or they just might not care about politics.
Ethics in the abstract is very hard to teach; object lessons are easy.
It’s blinders. Plain and simple. I’ve worked with too many developers who will pander for money. A few that tried to shame me for not being on board (my life skills tell me calling someone a whore in a team meeting is a bad career move but it doesn’t stop me from staring at them and thinking it). When enough money is on the line principles get set aside. We like to think our cohort are above this sort of thing but the evidence clearly doesn’t support it.
Then the corporate koolaid of come and tell you you’re doing the most important thing in the world and you just eat it.
I wish a little philosophy and ethics were part of the curriculum. This would not be to inculcate normative values, but to help eng students clarify what they believe, and what the implications are.
That said, most engineers I've met who work on sketchy stuff are either naive, apathetic, or suffer from massive cognitive dissonance.
The latter will too often regurgitate the self-justifying language of the business people in their companies.
Ever listen to ad tech people spew absurdities about people wanting to be engaged with "their" brands? How about the justifications for massive data collection and analysis - targeted ads are so much better for people. Pfft.
Then there are, say, NSA engineers who convince themselves that what they do is necessary, if illegal. That said, I saw a lot of NSA LinkedIn profiles that swapped out NSA for DoD a few years back.
Company leaders tend to hand employees ideas and the slogans to repeat to themselves and others. The internal spin is huge and insidious.
Uber doesn't appear to have historically given a damn about the law, but AFAIK it has historically given a damn about its users. Facebook, OTOH, doesn't appear to be giving a damn about its users.
As for the law: there are plenty of unjust laws out there; I respect someone who fights unjust laws such as the taxi monopolies. I don't respect someone who fights just laws.
The tech wizards who build things and run these companies:
1. Are not smarter than you
2. Do not have your best interests in mind
3. Will lie to you repeatedly
4. Will do everything to avoid negative attention or consequences
Stop worshipping anyone. Not Jobs, not Zuckerberg, not Gates, not Musk, not anyone. They aren't on your team. I don't care if they look like you or represent something you are really passionate about, you still need to be skeptical.
Edit for interesting link to the 2012 Facebook election data story.
If those little radio buttons in privacy settings do literally nothing on the backend, then FB could have a massive legal/financial battle if they knowingly ignored user preferences and sold off unaggregated data for profit.
I'd expect it to use it for advertising targeting. The privacy settings I've put on there exclude other uses.
I even remember such articles from TheGuardian before decrying that people are "going dark" - no, it wasn't about using Tor or VPNs. It was simply about using tracking protection.
And I am not in support of the mass surveillance exercised by those companies, just noticing the timing. When Obama won, his data scientists were hailed as geniuses. What do you think they were doing?
Its a bit like comparing withdrawing money from your bank account and robbing a bank.
> They came to office in the days following election recruiting & were very candid that they allowed us to do things they wouldn’t have allowed someone else to do because they were on our side.
An Obama Campaign data scientist from the 2012 campaign explaining how they did the exact same thing but Facebook were ok with it "because they were on our side".
WikiLeaks also covered this earlier in their spyfiles warning. People don't care that a political opinion survey being spammed around by their friends is actually harvesting their details in a campaign dossier to manipulate them directly later.
"A more productive answer to someone saying something you agree with is “I agree”, not mistakenly berating them for not agreeing sooner." (https://news.ycombinator.com/item?id=16627766)
It's not like huge numbers of people didn't know about global warming before society started caring about fixing it.
First, it absolves the perpetrators, who are definitely in the wrong. I include both FB and CA in this category.
Second, it is becoming clear that there can be no such thing as "informed consent" in a networked world with respect to data privacy. Zeynep Tufekci, whose writings I heartily commend, had a good article on it a few weeks back. She argues both that the actual uses known of that data are not fully described in consent waivers, and also that it is not possible to know ahead of time how that data will be combined, recombined, projected, analysed, and used in the future to fully consent to all those things. Even if you could do so for yourself as an individual it's not possible to consent to the effects of the combination of an entire society's data as a whole, on others.
Again, it's not possible to obtain informed consent in today's privacy environment, so let's stop blaming the victims.
It can't blow over in the UK or the EU, because it is seriously f-ing illegal in those places.
Yes, we "knew" it was happening before this (hence all the regulatory steps taken that were dismissed as anti-American protectionism), but we were lacking hard evidence, so all we could do was reinforce regulations and regulatory authorities.
Now that shit has leaked, it's simply not an option for those authorities to not act. Not to mention the fact that they really, really want to act.
So no, this will not blow over. Maybe in the US and/or the media, but not where it matters.
I agree. A couple of generations ago the media was much more combative and willing to take on the powers that be (and each other). By this time most media outlets would have been saying "told you so (many times)". Unfortunately, now media mostly follows trends and competes on beauty of their talking heads, which is a lot safer than, say, investigating slavery or organized crime.
- This was part of an open API, you just needed to sign up for free. There is no data breach.
- EVERYONE was using it - this consisted mostly of games like Farmville. This is how they can show your friends progress and their profile pic.
- It was shut down more than a year ago.
Actually there is no newsworthy thing at Facebooks side at all, the new thing is that companies built games just to harvest this data and use it for something else.
Facebook has reached this size but has not prepared itself for it, and what's happening is that they took a bit of a stumble, and absolutely nobody is rushing in to defend them because they've burned all bridges. The media hates them for the economics of taking over the media industry and their ad revenue, and making them dependent on them. Conservatives have a pretty solid case that they are being censored by the platform systematically, even if it isn't true they feel it is true, so no friends there. It's pretty obvious that Facebook can expect no help from the Republicans in general. The Democrats may not hate Facebook, but there's no positive reason to burn very much political capital on helping them. (After all, they didn't deliver this time, did they?) And increasingly, the chickens are coming home to roost with their customer base, as fears about surveillance, power, and abuse of power are now going from vague fears to metastaticized, realized issues with Facebook that appear to affect it down to its very core.
It's not just the media narrative, though that's true enough... everybody is now at best neutral towards Facebook, and they're accruing enemies fast, not least of which is an ever-increasing portion of their own customer base(s).
How will they get out of this one? It's possible this will just die down this time. But these forces aren't going anywhere, and if it isn't already too late for Facebook to change course on this, the clock is definitely reaching midnight fast.
Facebook has been aggressively monetizing user data for years. They are just one player in an entire industry built around this business model.
The existence of this industry is most obvious to technically literate, who you can generally identify by their use of strong ad blockers and password managers. But it’s been reported on before . Online privacy is not a new concern... just look at the “Facebook is listening to me” meme.
So what I want to know is: why now? Why Cambridge Analytica? Why Facebook?
Here’s my best take so far.
1) Facebook’s user base is so big that it’s a relevant political constituency, and thus democratic governments have a reason to care.
2) Facebook creates an expectation of privacy and illusion of control that doesn’t exist with public-first platforms like Twitter
3) Cambridge Analytica is a scummy company in many respects, not just their work with Facebook data. They got lots of Facebook data from a third party who probably wasn’t authorized to sell it to them. This makes them a good candidate for regulators to make an example of.
4) Cambridge Analytica is closely tied to the Trump and Brexit campaigns, both of which are regarded as “dangerous perversions of democracy using lies to exploit vulnerable people” by exactly the kinds of political and media organizations that are driving this story.
Overall, I think this is a “Pigs get fat, Hogs get slaughtered” situation. The industry’s toxic practices are finally causing enough damage that institutions responsible for protecting the public (government, real media) are responding.
Bravo, I say.
 WaPo has an article explaining this on the front page today https://www.washingtonpost.com/business/economy/facebooks-ru...
For lack of a better word: sad!
I know whats happening in Yemen, I've read the facts, and now I don't care anymore. I don't want to see it in the news everyday because it wasn't relevant to me when I read about it and it has practically zero chance of every being relevant to me.
What Trump said about xxx person at yyy place is varying degrees of relevant to my life, all of those degrees more so than Yemen.
If Fox had a large Middle Eastern demographic that it's advertisers cared about, you would see Yemen Nightly at 7:30 without question.
Yes, because on the other side of that conflict is the Saudis, who are one of our biggest "allys", and of course, the other side of the coin is the general hypocrisy of caring what goes on in other parts of the world and not this one because it doesn't fit a specific narrative.
> What Trump said about xxx person at yyy place is varying degrees of relevant to my life, all of those degrees more so than Yemen.
I don't know how to not say this in a disrespectful way, but I really feel sad for you on a personal level if that's truly what you think. I have a feeling that you are just attempting to be a contrarian in this instance.
Anything Donald Trump says is more relevant to the west than Yemen.
I keep seeing comments which equating cheating and cleverness. If I win a chess game by moving making illegal moves this is not a sign of my brilliance. If you can't distinguish brilliant play from cheating, perhaps you don't understand the game.
See this thread: https://twitter.com/cld276/status/975564499297226752
Here's Time describing exactly the same tactic of friend-mining and using the data for targeting, and praising it as a game-changer: http://swampland.time.com/2012/11/20/friended-how-the-obama-... ctrl+f privacy -> no results
When we do it it's awesome, when they do it it's a data breach, it's a privacy violation, it's a breach of trust, and it requires government regulation.
When Obama's campaign did it, it was heralded as the future of democracy. Even the social media director for Obama's 2012 campaign acknowledges that they did the exact same thing that CA is being blasted for now . I'm not sure why you're getting downvotes other than people just wanting to suppress the truth.
... the campaign literally knew every single wavering voter in the country that it needed to persuade to vote for Obama, by name, address, race, sex and income.
...the digital-analytics team, led by Rayid Ghani, a 35-year-old research scientist from Accenture Labs, developed an idea: Why not try sifting through self-described supporters’ Facebook pages in search of friends who might be on the campaign’s list of the most persuadable voters? Then the campaign could ask the self-identified supporters to bring their undecided friends along.
...They started with a list that grew to a million people who had signed into the campaign Web site through Facebook. When people opted to do so, they were met with a prompt asking to grant the campaign permission to scan their Facebook friends lists, their photos and other personal information.
So, they used Facebook data, including "Friends" lists and personal information that those "Friends" had never directly consented to providing to the campaign.
 How did Facebook react to the much larger data harvesting of the Obama campaign? The New York Times reported it out, in a feature hailing Obama’s digital masterminds:
The campaign’s exhaustive use of Facebook triggered the site’s internal safeguards. “It was more like we blew through an alarm that their engineers hadn’t planned for or knew about,” said [Will] St. Clair, who had been working at a small firm in Chicago and joined the campaign at the suggestion of a friend. “They’d sigh and say, ‘You can do this as long as you stop doing it on Nov. 7.’ "
In other words, Silicon Valley is just making up the rules as they go along. Some large-scale data harvesting and social manipulation is okay until the election. Some of it becomes not okay in retrospect. They sigh and say okay so long as Obama wins. When Clinton loses, they effectively call a code red.