Facebook was warned about app permissions in 2011 (techcrunch.com)
425 points by domevent on Mar 24, 2018 | 129 comments

I built apps on FB back in 2011-2012 and was gobsmacked at how much data we got about the friends of our users. I also knew of several shady people building apps. Because I saw how much data we got without consent, I realized other shady people could get that data about me via my friends.

Which is why I severely curtailed my FB use around that time.

Oh but I'm sure all the shady people honoured the terms and conditions Zuck had, right? In that case, how can there be any shady people, as Zuck said, they're strict about protecting their users' data! /s

Any chance you can expand on this? What data, in particular, did you obtain that would make people feel uneasy?

From what I remember, you had access to the data that would be visible to a user's friends by default: photos, posts, friends list, but not private messages.

None of that data is actually particularly scary by itself, although I wouldn't enjoy the thought of it all being out there.

What Cambridge Analytica was bragging about was their big data model promising to distill users' data to a psychographic profile.

There's this story about 30 "likes" (of books / artists / movies / etc.) being enough to predict people's sexual orientation with higher accuracy than the coworkers sharing a desk with someone.

The large publicity for such "big data" methods in the last years may have contributed to the change in public opinion, and (part of) the reason Facebook is just now getting its 15 minutes of infamy.

I’m going off memory too, but I think that besides the name and profile photo of your friends (and email address?) this API didn’t return much else. And I also think I remember that the amount of your data that would turn up in a friend list API call was limited in some way by your own privacy settings.

In our circle around that time people were calling out apps that required these permissions and recommending that users not authorize them if it was not obvious why the app would require that kind of data. John Gruber comes to mind as one of those people. These calls for caution were not in the mainstream though.

Edit: I believe this API contained info like favorite tv show or band if those fields were filled out in your profile, but again I’m fairly sure that your own privacy settings could have limited this if you had them set to draconian levels. So in other words, yes this API was limited to publicly available data, more or less.

I've written up a number of these issues. Here's one where you can use Likes to determine quite a bit with minimal effort: https://caseysoftware.com/blog/social-apis-for-social-evil

I also worked on a quasi-popular facebook app in a similar time period and you got a lot of data but the specifics would change from month to month so it was sometimes more and sometimes less.

The worst, for me, was posting on behalf of other people and getting replies to your app like "I'm so glad to hear from my favorite grandson after so long!".

Ironically, considering the current kerfuffle, I remember my biggest frustration being The Guardian, as they'd spam my feed with 'friend X read article Y on The Guardian'.

Why would you post on behalf of other people?

Because it was allowed and it is an easy way to spread an app virally? "John Doe via ViralApp: [This app is great! Get your own Virus today by clicking here!]"?

Yeah I mean their API usage policy for many years was basically a gentleman's agreement to only fetch and keep what you needed.

but... you were forced, basically, to have access to more than was needed in the first place. just to implement fb login, you had to ask for permission for friends list. you couldn't not ask for it, regardless of whether you used it or even wanted it.

Was the data anonymized?

I had the contrary experience. I always felt that FB gave me less information via the API about the people around me.

I feel all this discussion around CA is nonsense because everybody knew that was possible and we are arguing about it only once someone big took advantage. It's like leaving your door wide open and finding that someone stole your stuff. On the other hand a more limited API makes it unusable for fair purposes.

I was also working on Facebook apps from 2011 to 2013 using Facebook APIs.

At this time, whenever we released any app, users could log in to it using OAuth, which means they were presented with a list of privileges our app needed from them (e.g. friends list, photos, posts, etc.). Once the user had authorised the app we could fetch all of this data.

This was how Facebook worked at this time, you can’t say it is a leak of data because we explicitly ask the user for permission. You basically say, I want to use your app, here is my profile if you need it. I don’t really understand why people are so mad about their data privacy. If you publish your photos, list of friends, what you like, where you live and work, who you are married to, then it shouldn’t be a surprise this data can be viewed by not only your neighbour but also dodgy automated scripts. Once the data is fetched then you can only imagine what people can do with it. It’s not really Facebook’s fault. It’s people who think when they publish things on the Internet, it’s safe and can be only viewed by other people.

Maybe Facebook’s only role should be to make people more aware of all of this, but is it in their interest? I don’t think so.

> I don’t really understand why people are so mad about their data privacy. If you publish your photos, list of friends, what you like, where you live and work, who you are married to, then it shouldn’t be a surprise this data can be viewed by not only your neighbour but also dodgy automated scripts.

I don't understand why I keep reading comments like this. One of the main issues is that your data could be leaked to an app developer even if just ONE of your friends installed said app. So even if you diligently made sure only your friends, or even particular friends, could see your stuff, it'd still be accessible to the app developer.

That is absolutely not something even a privacy conscious person would've expected, and absolutely enough to get mad about.

As I said, I was developing Facebook apps back in 2011 and at this time, as far as I remember, your friends list was publicly available to any logged-in user. API was only making this easier for apps to fetch the data about you. There was an explicit permission about accessing friends list and their data through the API so yes, any of your friends at that time could just give away your profile to a third party.

I stopped using Facebook back in 2011 (only used it to manage and test my apps) as I was really concerned how easy it is to collect personal data.

But I guess for me, as a developer, it is easy to imagine how things work and when to get suspicious online.

On the other hand, it makes me really happy that Facebook privacy issues like this one with CA got much attention and finally more people, hopefully, will understand how things work.

It's not a matter of understanding. It's a matter of, among other things, not allowing a friend to give away your data without your permission. I really don't understand how you cannot see that this is not a matter of 'understanding how things work' and instead a matter we can and should be pretty mad about...

By being friends with someone on Facebook you already make your data available to this friend. Your friend can show this data to anyone curious about you by showing his screen or by talking about what he saw on your profile.

An app on Facebook is only an automated way to ask your friend to share data he/she has access to. You cannot both share data with your friend and expect him/her to not be able to share it with 3rd parties.

If you don't want your friends to be able to share your data you don't become friends with them on a social network and/or you don't share data with them.

You don't tell your acquaintances things you don't trust them to keep secret. And you can't expect them to keep secret things you share with every acquaintance.

What happens when it's your Mother or Father?

I tell my relatives repeatedly to not take pictures of me if they're going to share them on those platforms. This whole thing is a problem with people's complacency with technology and especially the corporations taking advantage of it.

You know what? I, and I’m pretty sure a majority of people, would rather just regulate Facebook to death. You jump through hoops to maintain your privacy, I’ll lobby for change to existing laws. Meanwhile you tell people how they’re just not into computers enough, or not hard enough on friends and family.

Let’s see which prevails.

Whether this is intuitive for you as a developer isn’t the point. The point is that Facebook gave your friends permission to expose your data, without making this very clear at all to you. It seems hard to argue that this was in users’ best interests.

The crux is this: Granting your friends access to your data does not mean your friends' apps should also have access to this data. Your permission should be required by apps, not your friends'.

Thank you. Hacker News works because adults make their points succinctly and without personal attacks. The exchange above this is the kind of "you don't understand" "no, you don't understand" time-wasting that killed Slashdot.

Hacker News is a big game of Chinese whispers where each step is a popularity contest over 24 hours. You would be hard-pressed to build a more efficient system for misinformation if you tried. While rational discussions should of course be encouraged, it isn't in itself rational to get one's information from Hacker News. The more damaging thing is of course that once your mind gets trained to whatever opinions are popular here, you will have a hard time seeing other arguments. The "you don't understand" "no, you don't understand" is arguably the point of Hacker News.

For the record, Tepix's point is supported by essentially anything published by any authority on the subject from the beginning of Facebook. As others, further down on the page, have pointed out even the FTC complained about this in 2011:

'''Facebook represented that third-party apps that users' installed would have access only to user information that they needed to operate. In fact, the apps could access nearly all of users' personal data – data the apps didn't need. [...] Facebook told users they could restrict sharing of data to limited audiences – for example with "Friends Only." In fact, selecting "Friends Only" did not prevent their information from being shared with third-party applications their friends used.'''
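The behaviour the FTC excerpt above describes, as an added example that is not part of the original thread and is not Facebook's code: a simplified model in which an app inherits the view of any user who installs it, compared with the rule argued for in this thread that the subject's own permission is required. The `User` fields, the hypothetical `allows_friend_apps` opt-in flag and the sample graph are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class User:
    name: str
    audience: str = "friends"          # "public", "friends" or "only_me"
    installed_app: bool = False        # this user authorized the app
    allows_friend_apps: bool = False   # hypothetical per-subject opt-in
    friends: set = field(default_factory=set)  # names of this user's friends


def befriend(a, b):
    """Friendship is symmetric."""
    a.friends.add(b.name)
    b.friends.add(a.name)


def can_view(viewer, subject):
    """Can `viewer` see `subject`'s profile under the subject's audience setting?"""
    if viewer.name == subject.name or subject.audience == "public":
        return True
    return subject.audience == "friends" and viewer.name in subject.friends


def exposed_friend_delegated(users):
    """Model of the behaviour in the FTC excerpt: the app can read every
    profile that at least one installing user can see."""
    installers = [u for u in users if u.installed_app]
    return {s.name for s in users if any(can_view(i, s) for i in installers)}


def exposed_subject_consent(users):
    """Alternative rule: a profile is readable only if its owner installed
    the app, or opted in AND is visible to an installing friend."""
    delegated = exposed_friend_delegated(users)
    return {
        s.name
        for s in users
        if s.installed_app or (s.allows_friend_apps and s.name in delegated)
    }


def leverage(users, exposed):
    """Non-installer profiles exposed per user who actually authorized the app."""
    installers = {u.name for u in users if u.installed_app}
    if not installers:
        return 0.0
    return len(exposed - installers) / len(installers)


def build_sample():
    """Constructed six-person graph; only alice installs the app."""
    alice = User("alice", installed_app=True)
    bob = User("bob")                               # "Friends Only", never saw the app
    carol = User("carol")                           # same as bob
    dave = User("dave", audience="only_me")         # strictest setting
    erin = User("erin")                             # friend of bob, not of alice
    frank = User("frank", allows_friend_apps=True)  # opted in (hypothetical flag)
    for friend in (bob, carol, dave, frank):
        befriend(alice, friend)
    befriend(bob, erin)
    return [alice, bob, carol, dave, erin, frank]


if __name__ == "__main__":
    users = build_sample()
    for label, rule in (("friend-delegated", exposed_friend_delegated),
                        ("subject-consent", exposed_subject_consent)):
        exposed = rule(users)
        print(f"{label}: {sorted(exposed)} leverage={leverage(users, exposed)}:1")
```

Under the friend-delegated rule, bob and carol are exposed despite choosing "Friends Only" and never authorizing anything; the leverage figure is the same friends-to-installers ratio commenters argue about elsewhere in the thread.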


They have access to your stuff, and they signed away access to the stuff that they have access to when they gave such and such app permissions. It's like if you loan your house key to a friend and they make copies of it and give it to all their friends. It's hardly the lock-maker's fault or the lock's.

Do you really think that the average user understands that the permission list instead of saying "I need to access your friend's list so I can work" it actually says "I need to download all your data and if you do not agree I will refuse to install/work"? And do you think this is reasonable?

I think this is really a main point and not discussed enough.

I absolutely do not think the average user has an idea about the implications of that.

I have to say Google has been mildly better in that way with their Oauth system but it really struck me one day when signing up for a passive service with my Google account — they for some reason requested unlimited access to read, write/send, and delete my emails from my account. Needless to say I backed away. I work in the field and know what this really means. I still get tripped up.

The average person doesn’t 1) give it the time to consider what it means, they just want it to work 2) even if they read the request they don’t understand what it’s actually saying they are doing(data harvesting) and 3) they have little idea of the scope of implications. “Oh it’s just a stupid farming game” but don’t realize the massive trade and profiling going on behind all of it.

The Facebook fiasco is the first time in recent memory where people have been reminded that their data is being taken and not only that — it’s being traded, bought, sold, compiled, refined and worse.

I watched an old 60 Minutes episode yesterday on Amazon circa 1999. Bezos was showing the reporter the recommendation engine. The reporter was clearly shook when it recommended a short list of books he’d actually bought recently outside of Amazon based on a couple of purchases on the platform. In 1999. They collected about a GB a day then.

I guess people got used to the idea of generally benign profiling, and the questioning stopped after a while.

Because the permissions often don't work as the users expect them to work. See this earlier thread for what I mean:


I remember doing security work for a few companies at the time and discovered some standard SQL injection vectors in databases with upwards of 50k access tokens. It's unlikely, but entirely possible that someone could have stolen access tokens from apps, and subsequently stolen user data from Facebook too.

At the time, signing into apps with Facebook meant you were not only giving the app access to your account, but also anyone clever enough to steal the token. In some cases, "clever" even meant anyone who had a basic understanding of sqlmap or other pentesting tools. In theory shady "analytics" firms could have hired a low level security researcher and had him use shodan and sqlmap all day to expand their databases.

Today it's pretty rare for apps to ask for intrusive permissions, and people tend to be a bit more wary of apps that do. Facebook has also made an effort to alert users when the permissions requested are more intrusive than the usual email address and profile picture - often requiring explicit agreement to these permissions.

Nonetheless, if Facebook's "audit" turns up apps that did a lot of suspicious queries, what stops them from saying "oh we were hacked someone took our tokens from our DB, we are conducting a full investigation". Sure it's still bad press, but it's probably better PR to look incompetent than creepy.

> Facebook has also made an effort to alert users when the permissions requested are more intrusive than the usual email address and profile picture - often requiring explicit agreement to these permissions.

Facebook were required to do this by the FTC in 2011.

I think that the whole point about this Cambridge Analytica and Facebook scandal is not that Facebook collects all sorts of data, but that Facebook shares that data to third party services via "Login With Facebook" without any previous consent of users. The privacy settings of your Facebook account lose their purpose when Facebook creates an advertising profile (which may or may not be very accurate) which all said third party services may use to fuel their own advertising strategies. The contents of said ad profiles include your interests which also may reflect your ethnic background, sexual preferences, political views, et cetera. All of which CA (mis)used for analytics. But, (I checked today) users are able to disconnect ad profile sharing or delete some data. So, there is no scandal here, yet I didn't know until today that such settings even existed. So, it is convenient for Facebook to say that users usually have full control over their data.

That Facebook now feels betrayed by CA because such data (generally available to service providers) has been used inappropriately shows either that they were complicit by enabling CA to do so and knew about it all along, or they didn't know what they were doing at all. I'm not sure which is worse. If a third party says "trust me, I'll handle all the data responsibly" doesn't mean anything, because there is no oversight whatsoever. Additional clauses in contracts do not make Facebook a victim of contract breach. The product in itself is flawed, because it handles the data irresponsibly.

"[Facebook] systems were so laxly designed as to actively encourage vast amounts of data to be sucked out, via API, without the check and balance of those third parties having to gain individual level consent."

That is a gross oversimplification of the issue. There were controls in place to stop excessive data collection. In fact, the only app in this situation that was allowed to "suck out" "vast amounts of data" was the Obama For America app. According to Carol Davidsen, Obama's Former Campaign Director "We ingested the entire U.S. social graph" [1], despite the fact that less than 1 million people actively authorized the app to access their data. Approximately 99.5% of the hundreds of millions of people whose data Obama took, with Facebook's blessings (actively allowing it to bypass its data collection limits for apps), never knew about or authorized Obama to have or use their data.

So only one app was "actively encouraged" to suck out vast amounts of data in the history of the existence of the API. All the rest of them were subject to relatively strict controls, requiring months or years to collect even a small fraction of the data that the Obama app was allowed to collect. The API was not a data free-for-all, except in one unique case with the explicit authorization of Facebook.

[1] https://www.washingtonpost.com/business/economy/facebooks-ru...

From the article you link:

"But thousands of other developers, including the makers of games such as FarmVille and the dating app Tinder, as well as political consultants from President Barack Obama’s 2012 presidential campaign, also siphoned huge amounts of data about users and their friends, developing deep understandings of people’s relationships and preferences."

Last I checked, Farmville was not associated with OFA. So you need to back up your assertion "All the rest of them were subject to relatively strict controls, requiring months or years to collect even a small fraction of the data that the Obama app was allowed to collect. " and explain why this also renders the entire dataset collected by CA to be completely harmless, in contrast to the current narrative. Because it's not that interesting if a relatively benign political organization got a little more data than another which used it to impose the will of a foreign enemy upon the US electorate.

There’s a massive difference between Farmville et al and the OFA app. Facebook had limits in place that constrained the ratio between the number of friend profiles that were allowed to be accessed and the number of people that had explicitly authorized the app. They were a black box on this issue, but for example I had apps that were stopped from accessing deep profile information of friends (likes, occupation, etc.) when I reached 10:1. OFA’s ratio was in the 200:1 neighborhood.

It was somewhat possible to overcome this by spreading the collection out over a number of months or years, which is what I believe the Kogan app did. But even in that case, with the data collection spread out over a long period of time, they had nowhere near the data that the Obama campaign was allowed access to. Finally, the CA data was years old, while the Obama data was allowed to stay fresh right up to election day because they had no API limits.

So these apps with much larger install bases than Obama could have ever dreamed of had access to less data than OFA did because their ratio was not allowed to be as ridiculously asymmetric as Obama’s was. They still had access to large amounts of data, but only because of their massive authorized install bases (which in all of the cases you mention were far larger than the OFA install base). But none had the entire US social graph - with the exception of OFA.

Are you sure that Farmville didn't have a 200:1 ratio?

It certainly looks suspicious, but I don't think you can rule out the profit motive. Perhaps in 2012 Facebook's position was, "If you pay us enough money we'll remove the API limits"

Farmville had a massive install base. So they weren’t accessing that much data relative to the number of people that had directly authorized their app. The difference between it and the Obama app was the leverage that was allowed: less than 1 million people gave them access to their data, and they were able to use that to get deep profile data on nearly every US Facebook user - ~200 million accounts. Their attempts to do this set off all kinds of alarms, but Facebook went in and manually shut those alarms off and opened the floodgates to the data. Our data.

Considering that at least half of them - ~100 million people - would have consciously objected to helping Obama do anything, much less get elected, that should have been earth shatteringly scandalous and probably should have buried Facebook right then and there. But instead, the press celebrated this technique, right up until it helped create a result other than the one it wanted.

There are two questions here:

(1) Was Facebook biased in favor of the Democratic party?

(2) Should the press have been more critical of the way personal data was used for political purposes?

My answer to (1) is 'probably', but maybe Facebook would have been willing to "manually shut those alarms off and open the floodgates to the data" for anyone who gave them a million dollars?

> OFA’s ratio was in the 200:1 neighborhood ratio.

Great, what's your source for that data?

> So these apps with much larger install bases than Obama could have ever dreamed of had access to less data than OFA did because their ratio was allowed to be so ridiculously asymmetric. They still had access to large amounts of data because of their massive authorized install bases. But none had the entire US social graph.

Nevertheless, they didn't seek to hoist a fascist leader apparently controlled by a foreign enemy on the US. It is perfectly fine that OFA and other organizations should not have this kind of access either. But this is whataboutism. Its truth or not does not mean the CA situation is not revealing of an enormous problem.

> > OFA’s ratio was in the 200:1 neighborhood ratio
>
> Great, what's your source for that data?

My source is that I can do math. The campaign admits it had “the entire US social graph”. With ~200 million US Facebook profiles, and less than 1 million people that actually authorized Obama’s app, we come out with a ratio of roughly 200:1.

> Its truth or not does not mean the CA situation is not revealing of an enormous problem.

It revealed an enormous problem when Obama did it (and worse, with Facebook’s approval). It only became an issue for the press, though, when they failed to manipulate the election in the way they wanted. I’m actually not an advocate of Trump - I’m just saying that this was either wrong or it wasn’t, regardless of who did it. In truth, they both did it. Obama just did it on a vastly larger scale.

The statement made in the article:

"In 2011, Carol Davidsen, director of data integration and media analytics for Obama for America, built a database of every American voter using the same Facebook developer tool used by Cambridge, known as the social graph API. "

is ridiculous. There are millions of voters who have never had a Facebook account, and lots more back in 2011. They are handwaving, and this is not data. You have little basis to use qualitative, exaggerative terms like "vastly more" and you also don't know what kinds of access Cambridge Analytica may have had that differs from the data limits you experienced in your own development.

> You have little basis to use qualitative, exaggerative terms like "vastly more"

Obama took data from ~200 million people ("the entire US social graph" is unambiguous). The CA incident involves ~50 million profiles. I think a difference of 150 million is "vastly more". That's not exaggeration, that's math. It was wrong in either case, but one did it on a vastly larger scale.

You can sit here splitting hairs and arguing with the specific wording of my comments and the articles backing this up, or you can say "yes, it was wrong in principle" which is what any objective person would do. Democrats and Republicans alike do bad things sometimes. Are you actually trying to defend the actions of any party involved in any of this?


>which is because it did not have a catastrophic outcome at the time

The problem with that statement is that you believe it was a catastrophic outcome. For the first time in history, media and new technology is able to instantly tell you if the president has so much as sneezed while the sitting president is a (highly controversial) Republican. Obama was considered a nightmare scenario for the American right, and if you listened to the right outlets, you heard every single one of Obama's missteps. Every poor decision, embarrassing association, or undelivered promise was constantly paraded as grounds for impeachment, but social media and what many consider "neutral" news sources have a noticeable progressive bent, and the Obama administration got the benefit of the doubt more often than not.

The Obama administration deported more undocumented immigrants than every past president minus HW Bush combined. The Obama administration killed over 3700 people (over 300 of which were civilians) in drone strikes. In that regard, Obama reportedly said that it "Turns out I’m really good at killing people. Didn’t know that was gonna be a strong suit of mine." Attorney General Eric Holder was the first US cabinet member to be held in contempt of Congress, and Obama exercised executive privilege to support Holder's decision to withhold documents pertaining to Fast and Furious.

Most US citizens who actively use social media don't know those things (among many other controversies) happened, but they sure as shit know that "Donald Trump gets two scoops of ice cream", and constantly beat the dead "covfefe" horse; you can swipe right on Snapchat or Twitter to that social media company's curated news page and instantly hear every single slip-up and hot take that Trump has. This notion of a "catastrophic outcome" largely exists because for the first time, news outlets are at odds with the administration in the age of mass media.

The drone strikes were widely reported, everyone knew about them and the American right was completely in favor of them. They were also in favor of the deportations which we liberals are also well aware of. Fast and furious was widely reported. You've basically listed all the major disasters of Obama's presidency (the day to day bullshit listed on talk radio is just that) and there is simply no comparison to what is happening now and the things you refer to were also widely reported by the media.

It is of course a rote and entirely predictable exercise to take my statement that "this is a catastrophe", turn it around and say, "well Obama was a catastrophe for the right". I'm here to say that this is a false equivalency and the right has lost its mind. The conservative view of Obama is equivalent to the liberal view of Bush, that's a lot more reasonable. But the right has not had their "liberal Trump", and it is perfectly fine that they never will.

> because it did not have a catastrophic outcome at that time. This time it did.

That is your opinion, and you're entitled to it. But do you not detect even a whiff of hypocrisy in this whole thing? It should have been portrayed as the terrible thing that it is today back when Obama did it. That is what I have an issue with.

Which is more important to you, pointing out hypocrisy in others or taking advantage of an increase in the number of people who share your belief that this is something that should be fixed? I can understand possibly being worried that they may be "fair-weather friends" or some such, but by focusing on the common ground rather than on infighting, you may help build a non-partisan coalition that might effect real change. Yeah, I can understand the frustration, but quibbling amongst ourselves only serves a common enemy. Let's use the momentum to move forward.

I’d welcome a non-partisan coalition that would fight the bias of the press, which led to this and many other issues. Unfortunately, such a group will never form because most of the press either endorses or excuses everything done by the left, and castigates everything done by the right. No more clear example of that exists than this situation.

Therefore, the left has no incentive to fight the bias of the press, because it favors their side on nearly every issue. The ironic part is that by making the misuse of Facebook data acceptable (even celebrated) when Obama did it, the press may have inadvertently helped Trump get elected years later. They’re upset now, but they’re just trying to put the genie that they unleashed back in the bottle. We reap what we sow.

So, the answer is to continue reinforcing the divisiveness and polarization, giving up because it's others that are causing the issue? That's one of the ways we got to the point we're at. Sounds defeatist to me, and something I'm not willing to do. I encourage you not to, either.

I’m an Independent. I find it harder and harder to stay in the middle because the views of everyone else - on both sides - are so extreme. It would be wonderful to get rid of divisiveness and polarization. But in the imperfect world in which we live, it seems that the only way to even try to bring a little sanity back to things is to point out hypocrisy wherever I see it, and hope those that are practicing it feel ridiculous enough when they are exposed that they change their ways.

Where you stand on the (multi-axis) political spectrum doesn't matter if the actions you're taking continue to divide people and work against your goals. Pointing out hypocrisy in others may feel good and righteous in the moment, but puts people on the defensive and they stop listening to you: it's a remarkably poor way to get someone to change their behavior. People don't respond well if your intent is to make them feel ridiculous. It's just a part of typical human psychology, and one you're working against if your goal is to actually make a change.

Does yelling at your computer make it work better? (Perhaps an increasingly poor example in the age where voice commands are becoming popular.) Or figuring out what's wrong and doing what needs to be done to fix it? Gotta work with the facts on the ground, not how you think it should be. And maybe by doing so, you can move what is towards what should be.

I find the idea that you shouldn't point out hypocrisy because it might trigger divisiveness, divisive. It stinks of a desire to shut down debate because it's not going the way you want.

What's your goal? What do you actually want to accomplish in the end? I'm asking in all seriousness. And following up, how do you plan to accomplish that goal?

In the case of working for user data privacy, we're working against companies that are benefiting from the data they collect and their lobbyists, as well as people who aren't aware of the situation and often only see the benefits of the apps they're using. And those people cross many demographic and political lines. I don't think user privacy is a partisan issue. It's going to be an uphill battle. You think pointing out all of the differences and disagreements of those who don't agree with you, all of the inconsistencies you see in their positions is going to help? I sincerely don't think so.

The point isn't that pointing out hypocrisy is wrong, it's that it gets in the way of your goals.

If it's more important to you to point out those inconsistencies than improve the user privacy situation, I think you have your priorities wrong. If you think you can only remedy the user privacy situation by first correcting their inconsistencies, I think that's wrong-headed and doomed to failure on both counts. But you're certainly entitled to your opinion and free to disregard mine.

no not really, here is an example: the World Trade Center was bombed in 1993. It was serious, there were six deaths, but it wasn't a catastrophe. I was living in NYC at that time, and for me, I realized there were terrorists trying to blow up parts of New York City and quite frankly it scared the crap out of me from that point on how insecure things were, how easy it would be for the WTC (a building I worked in a few times) to be attacked again. But this was not a very widespread sentiment. The problem (terrorists targeting NYC) was there, but the catastrophic outcome was not.

Then of course terrorists from roughly the same organization tried again on the same building eight years later and it was the largest attack in US history by orders of magnitude. Terrorism proceeded to become the key societal and political issue pretty much for a whole generation.

The problem was there for a long time, the hazard was there for a long time, but it's only when we get the catastrophic outcome; e.g. the Uber car actually killed someone, the plane actually crashed, the WTC was actually destroyed, it's largely rational that that is when lots of people care. There's nothing unusual or hypocritical about it.

You might not think the outcome of this election was catastrophic but the reporters who cover the government and the white house do. They know the norms and customs that have been in place for many decades and they see that they've been ripped to shreds in just a little over a year. They know this is a catastrophe and they are rightfully trying to shine a light on every possible thing that we can get at to both patch the situation and hopefully prevent it from happening again.

lol. so your answer is you have no proof. people exaggerate all the time when they say things like "entire social graph". Do you have any data that in 2012, 200 million unique americans were using facebook? And that obama had specific permission to bypass facebook's limit and get the 200:1 ratio?

The data speaks for itself. Read it. As for proof that they got special permissions:


FarmVille had the benefit of being owned by an early Facebook investor, Mark Pincus. It was favoritism all around.

And Peter Thiel, who was a funder of Cambridge Analytica [1], sits on the board of Facebook, and he also worked directly on the Trump campaign. So there's some extremely fertile ground for favoritism there as well.

[1] https://mashable.com/2018/03/22/facebook-peter-thiel-cambrid...


Nor was Farmville a political organization so perhaps read what I wrote more carefully.

Not political? It's only the biggest pro-Farma lobbying effort ever. ConAgra and Monsanto's fingerprints were all over that "game" /s

Agree, Facebook was always in cahoots with Big Farma.

sorry if it wasn't clear, I wasn't trying to troll, just a little tongue-in-cheek Southpark humor

Other people have noted that 2007-2012 is notably absent from the timeline in Zuck's post.


Where do you get that Obama’s campaign had special access that other apps didn’t have?

"[Facebook] came to office in the days following election recruiting & were very candid that they allowed us to do things they wouldn’t have allowed someone else to do because they were on our side." - Carol Davidsen, Former Obama Campaign Director [1]

[1] https://twitter.com/cld276/status/975568208886484997

The NYT magazine article about this also mentions that the scale of the Obama campaign's data extraction tripped internal Facebook alerts which had to be overridden: http://www.nytimes.com/2013/06/23/magazine/the-obama-campaig... (Back in 2013, they of course spun this as a demonstration of just how impressive and well-done it was.)

This all should serve as another reminder to not yield certain leniencies to "our" guys just because we want them to have an advantage. Because it sets a precedent, and then future organizations, like CA, can do the same thing for people we don't like.

Nice. So they intentionally helped Obama, but indirectly helping Trump has caused international outrage.

I'd say it's that the intervening years have shed the bloom from the rose that was Facebook, and a lot more people have become a lot more savvy to the topic since then. That makes CA the tipping point for public sentiment in the US, but Europe has been ahead of us for these types of concerns. Worth noting that I haven't seen many people placing blame on the Trump campaign either, it seems to be going squarely where it belongs: CA and Facebook. It would be nice if more splashed on to other big players for this type of data too, like Google. Google hasn't yet betrayed their trust to as great an extent though.

I disagree. It's undoubtedly a political issue. When it was used by Obama, the media lauded it as a genius use of tech and proof that his campaign was 'hooked in' to modern tools. Trump is obviously less popular in certain circles, which is the only reason why this is now a huge issue.

Yep, liberals are so full of themselves and surround themselves with other liberals only, so the thought of someone actually voting differently is hard to fathom for them, be it Trump, Brexit, Le Pen. They are trying to rationalize it somehow that the poor people are being manipulated by Russia/fake news/Facebook/CA/insert the next week's boogeyman.

Claiming that other people are ignorant doesn't justify your own ignorant argument. The only thing you have shown here is that you think all liberals are the same and that they must be acting irrational. Which is exactly what you accuse all of them of doing, something far more implausible since they are a large group of people.

That of course doesn't conclude that liberals or what you prescribe to liberals is correct. But there were still significant differences between the reelection of Obama, a sitting president who won with a lesser margin than expected and Trump, an outsider not only to politics but the republican party, who won by a slim margin targeting certain fringe issues and key states.

And that's why I am getting downvoted for pointing out the obvious. Classic HN.

That is overly simplistic. Undoubtedly Trump's unpopular status has helped the issue gain traction this time around, but there are two key aspects you can't overlook here: First, CA obtained the data improperly, raising the new question of just how much abuse has occurred. Second, blame here isn't being cast on Trump or his campaign, but the entities that improperly obtained data, or allowed it to happen.

Further, the "only angry because it's President Trump" narrative ignores the fact that there has been a rising tide of concern and pushback on data collection and customer surveillance business models. The fact that Trump's campaign was involved may have been a catalyst, but a catalyst cannot operate in a vacuum, it requires very specific preconditions, ready and primed for that spark. And the longer it builds, the smaller the spark needs to be.

The Obama campaign took all that data and did normal political campaigning with it: targeting likely voters and bombarding them with campaign messaging. Cambridge Analytica ran Facebook-powered ratfucking operations: for example, organizing Black Lives Matter rallies with violent messaging, then highlighting the violent BLM rallies to scared white rural voters.

Facebook should never have facilitated this level of data collection for any campaign, but characterizing the current anger at Facebook as media-driven favoritism is Internet Research Agency level trolling.

I believe it's quite obvious that the campaign director either remembers this wrong, or the person they talked to gave them the wrong reason.

Why? Because four years later, Facebook would let Cambridge Analytica do something similar without having a reason to particularly like them.

And even after learning about CA's breach of trust, they chose to mostly remain inactive, even when they learnt that the company was working for Ted Cruz and Trump, two candidates you probably wouldn't want to help if you're making business decisions based on political sympathy.

First, Facebook didn’t allow CA to do anything. That’s because CA didn’t ever have an app on Facebook. The app in question was a personality quiz created by an independent developer. It accessed a small fraction of the number of profiles that OFA did, and it was only able to do so over a much longer period of time. The data from the app was then sold to CA years after the fact. It was a normal app that operated within the normal parameters imposed by Facebook on all other applications.

That’s far different than the Obama situation. They accessed ~4 times the number of profiles, and were allowed to keep the data current because Facebook voluntarily removed the API limits for them. Why would you question Obama’s own campaign director? As if it were a secret that Facebook is left leaning and wanted to help Obama.

> Why would you question Obama’s own campaign director? As if it were a secret that Facebook is left leaning and wanted to help Obama.

Precisely because everyone knows/thinks Facebook was sympathetic towards Obama, I believe it's not unthinkable that someone used that fact as an explanation when they were asked and did not actually know the specific reason.

Her statements are highly specific.

I hope you can take a step back and realize that this is one of the most blatant examples of mental gymnastics / cognitive dissonance that I personally have ever seen. In the face of direct, first-hand evidence that the Obama campaign did exactly the same thing that the media and social media ecosystem is now very angry at Trump for doing, your response is literally to go into denial about it, and insist that the evidence is inaccurate. You are essentially just yelling "fake news". This exact behavior, denying reality when it goes against what you want to believe, is how we get people insisting that climate change isn't real, and discrimination doesn't exist. Shame on you. I truly believe that you're better than this, please use this as a growing moment.

> Because four years later, Facebook would let Cambridge Analytica do something similar without having a reason to particularly like them.

Ruling out money as a reason seems a bit presumptuous.

Is it / was it known that other potential candidates were barred from doing the same or was the Obama election campaign the only one granted such permissions?

"Barred" isn't exactly the right word, in that it implies that Facebook actively took steps to prevent other candidates from doing so. Instead, Facebook had standard data collection limits in place that were enforced automatically by the platform for all apps. When the Obama For America app hit these limits, Facebook explicitly removed them for that app. It is the only publicly known case where this was allowed for a political campaign.

Do you have a source on the exemption of the data:permission limit being lifted for them? Given the soft run at quote mining in your earlier post, I’d feel more comfortable if your core assertion was verifiable.

Umm..wut? Read the thread. Read the direct quote from his campaign director saying that they had special treatment. There are a hundred articles saying alarm bells went off over OFA’s data collection activities, and Facebook reacted by shutting them off.

Google is your friend.

Here’s one to get you started...

“The campaign’s exhaustive use of Facebook triggered the site’s internal safeguards. “It was more like we blew through an alarm that their engineers hadn’t planned for or knew about,” said St. Clair, who had been working at a small firm in Chicago and joined the campaign at the suggestion of a friend. “They’d sigh and say, ‘You can do this as long as you stop doing it on Nov. 7.’”

[1] https://mobile.nytimes.com/2013/06/23/magazine/the-obama-cam...

When you say removed "them" I'm assuming you mean removed the collection limits and not the Obama campaign, correct? Thanks for the info by the way!

Yes, by "them" I meant that they removed the collection limits.

No, it's known that Facebook did not take any meaningful action even after learning that this sort of data had been retained against their developer ToS, and was being used by the Trump campaign.

There are also enough stories from FarmVille and far smaller apps and the access they had. I wonder if anyone remembers running into API rate limits in the 2010-2012 timeframe?

I remember being as surprised by the API access as many of the testimonials we now hear. I had initially implemented rate limiting on my side. After never running into any problems, I gradually reduced the delays to 0 without ever hitting any limits. But I only ever accessed maybe a few dozen GB of data, not the 100+ million accounts others apparently got.

It may also have been important that CA saved all the data with no expiration policy. The API limits may have been set based on the usage pattern the ToS prescribed, namely never caching data for more than 24 hours. If you save and reuse the data instead, you save a lot of duplicate API calls and get new data instead.

Yes, I did all the time. Even the Obama campaign itself ran into them, and then Facebook explicitly removed them for their app to help them along.

I'm just going to keep posting this.

I told Mark about this exact problem in 2005.


And I warned him about FTC liability if he ignored it.


After that, we stopped talking.

Presumably Zuckerberg did not consent to this conversation being captured/recorded and shared.

Do you feel even the slightest bit of embarrassment at the irony and hypocrisy of using this content, that you acquired without consent, to further your argument against the trustworthiness of this guy?

Where are those screenshots from?

Why is Zuckerberg's nick 02? Who is 01?

I graduated high school in 2001. Mark graduated high school in 2002.

AOL Instant Messenger (which was super popular at the time) had this format. You could choose your own screen name, maybe he wanted 02 instead of 01 for whatever reason.

Presumably because he registered his nick in 2002 (which was a popular "naming scheme" at the time). thinkcomp should tweet someone like @pinboard, @nitashatiku, @karaswisher etc.

People didn't seem to care back then, though. If you asked a random FB user about app permissions in 2011, I suspect that person wouldn't think it was a big deal.

Social mores are changing, becoming better developed.

The Internet, social networking, OAuth -- these are not exactly well-trodden subjects in humanity's past. It's not like we have decades or centuries of precedence to look back on.

The important thing is what FB does now.

Again with this "not caring" comment.

In at least 90% of the cases people don't understand what the privacy policies or permissions mean or what they could be used for. People tend to trust others, in general. And many developers abuse that trust, especially when they're allowed to do it by design with the permissions they're given by the platforms.

When an app asks me for "Access to media" I only give that access expecting that maybe it needs that access for when I will open a media file with that app or to download or create a media file inside the media folder.

I do not expect the app to analyze my media for the type of content I have in there, and I do not expect the app to upload those files to its servers, or any other uses that developers may come up with for that particular permission.

Yet, the permissions are set-up in such a way that they allow much more than people expect them to allow.

Saying "well you shouldn't have given them access to media" or "you shouldn't be using the Internet or a smartphone" is really a nonsense type of comment to make. If it's a video player, of course I have to give it access to the media. That's why I need a video player. But I didn't intend to give it access to upload my media to its servers. That's what the platform developer allowed it to do, without me knowing or understanding that it can do that, not me "not caring."

This is just an example, but it can apply to phone permissions, contact permissions, and other types of permissions just as well.

Also, sorry for the double response, but I had one other thought.

I'm not sure that most people understand even now, after the CA story broke, what the specific issue was with CA, FB, and app permissions. CBS news characterized it just like any other data breach. Slate's Political gabfest did the same. Most news articles near the tip of Reddit's front page were also light on details. Channel Four's original report didn't even focus that heavily on the FB/App problem. Friends in my FB news feed similarly sound confused about what specifically happened. Everyone is outraged, but few seem to understand, even now.

Someone elsewhere made a great point that I'm wrestling with. There are totally legitimate uses of friend-data for an API client, such as a custom news feed.

Apps on Windows have access to pretty much everything. There are legitimate reasons for that. It could be abused.

When a Windows app misbehaves, abuses the trust the users have placed in it, we don't blame Windows. We blame the app.

Why then, in FB, in the same situation, have we mostly blamed FB?

I think that’s an important point. Back then Facebook was more of a toy, a fun thing. “I don’t use it for anything serious, so it doesn’t matter”

Well, I remember working at a startup in 2006/7 on Facebook apps and having this exact conversation with my boss (specifically about the ability to de-anonymize users by joining across multiple different sites).

I remember building very innocent Facebook Apps for Marketing purposes back in 2011-14 and being very annoyed at the privacy changes as they made our "cute" use cases basically impossible. At the time I always imagined Facebook would monitor their API usage to prevent aggressive mining as this would surely be against their own interests, but as it seems they didn't care.

If only someone would have used this hole to seed something like Diaspora to help break the critical mass problem for those kinds of projects.

Funnily enough, I vaguely remember there being articles on HN claiming that Facebook's lockdown of access to their social graph was an anti-competitive practice that needed to be stopped when it originally happened, though I can't seem to find them again so might be misremembering.

There are comments in this thread suggesting that FB made the OpenGraph changes to preserve their competitive advantage. If they lock down their APIs even more, I wouldn’t be surprised to see more accusations of these.

how long you think that hole would've stayed open if that were happening?

"We also asked why Facebook users should trust Zuckerberg’s claim, also made in the CNN interview, that it’s now ‘open to being regulated’ — when its historical playbook is packed with examples of the polar opposite behavior, "

It's like when Trump said he could shoot someone on the street and still win... It's when your supporters start to back off that you start giving in to demands, not before.

The real problem with app permissions is that developers are allowed to even REQUEST permissions that are not necessary for the functioning of their app. This is not just an issue with apps on facebook. It's also an issue with Android apps (and, I presume, iOS apps).

The fact is that the majority of users can not be expected to look out for themselves. People hit install and then hit accept to whatever permissions request pops up. It is like agreeing to the TOS that no one reads.

I tried to download an alarm clock app on Android. It wanted access to virtually everything. Why do you need so much information for a fucking alarm clock? My analog alarm clock doesn't know my name but it still wakes me up each morning.

Platforms (Facebook, Mobile OS's, Desktop OS's) need to reject apps that request unnecessary permissions.

Exactly this.

Part of the reason is pre-emptive cost cutting by these companies to remove human review from these apps.

Google also played a massive part in this with their strategy for growing the Android app store. (as did Facebook)

Favouring quantity over quality puts users at risk.

iOS asks for a permission only when an application actually tries to use protected data. It is very clear to user and was like that since forever. You simply tap “deny” at runtime and never care that it will access something you don’t want.

Android has similar behavior, but only for new-style apps (starting with 6.x, as someone corrected me in last year’s thread). Trillions of old-style apps still enjoy TOS-like god permissions, afaik.

I don't understand why Facebook ever shared friend data. It's one thing for a user to opt in to sharing things like their likes. But as soon as you share friend lists, you are sharing stuff about other people.

There are non-evil uses of that data, of course. A custom-built news feed for example. That would actually be pretty nice...

That's okay when it comes from Facebook. Everybody on Facebook signed up with Facebook. It's sharing with third parties that I don't think is cool.

There are non-evil uses for anything. That doesn't mean we don't need security.

Never said that there wasn't. I was responding to someone who couldn't fathom a legitimate use of the friend data.

I have to say, I have never seen so much bad press about facebook in such a short time frame.

Seems like this is picking up a lot of steam.

It's astounding. And much of the reporting is really, really terrible. Like just not describing things with any degree of accuracy at all.

There is literally nothing new about Facebook's invasive practices in all this news (except that CA took their lunch money).

I have a feeling all this coverage is driven by quite a bit of schadenfreude from the traditional media.

This coverage is well deserved, but I am sad that people are only taking notice now.

Coverage is well deserved but only focused on one single case: Trump's campaign.

Syrian Civil War began in social media first. The journalists criticising Facebook nowadays used to run campaign for how social media helps protesters organize. What if Arab spring wasn't an organic movement? Isn't it weird that some "experts" suddenly changed their mind about social media after Trump's election?

Also, why does no one even talk about Google? It's a much bigger weapon for manipulating facts if you consider millions of people trusting its results for their questions. People ask Google if Brexit is good, people ask Google if Trump is doing good. And we don't even know how Google picks the best results. What if there are some SEO tricks shared with only a few companies?

News sites largely care about what brings in the money - when a wave starts, they all pile on, and the ad revenue goes up for a while.

I don't entirely blame them - it's driven by extremely perverse incentives, and alternatives haven't worked out (yet). But it's undeniably terrible for everyone, and IMO contributes to undermining their usefulness.

Facebook always required the initial user to give permissions including access to friends. But for many years once that was granted all public/friend shared friend data was available that others shared with their friends by design. They closed that off with OpenGraph v2 where they even changed friend ids/invites to be unique to the app so that data was not able to be correlated easily across apps. They did it for privacy but mainly because other groups were pulling in the social graph and maybe it became a competitive threat.

People that weren't developers or in marketing probably had the expectation Facebook was a private walled garden where they were only sharing with their friends but once one friend gave those permissions, many bad apps started to see how they could pull down the entire social graph. This has since changed with OpenGraph v2 in 2013-14 but it was exploited by nefarious groups for a time.

I think most of the permissions model was fine before the bad apps and shady groups that are using your data for targeting purposes beyond games, apps and ads. Once it started to be used for aims beyond harmless fun like games that is where people got angry especially in targeted politics.
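The app-scoped ID change described in the comment above, sketched as an added example (not Facebook's implementation and not code from this thread): a keyed HMAC over the app ID and user ID is one common way to build per-app pseudonyms that two apps cannot join on. The key, app names, user IDs and friend edges are all constructed.

```python
import hashlib
import hmac

# Constructed demo key (assumption); a real platform would hold this in a KMS/HSM.
PLATFORM_KEY = b"constructed-demo-key-not-a-real-secret"

# Constructed sample graph: global (platform-wide) user ids and friend edges.
FRIENDS = {
    "1001": ["1002", "1003", "1004"],
    "1002": ["1001", "1003"],
}


def app_scoped_id(app_id: str, user_id: str, key: bytes = PLATFORM_KEY) -> str:
    """Derive a stable per-app pseudonym for a global user id."""
    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    parts = (app_id.encode(), user_id.encode())
    msg = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).hexdigest()[:32]


def friends_global(app_id: str, user_id: str) -> list:
    """Pre-lockdown behaviour: every app receives the same global ids."""
    return list(FRIENDS.get(user_id, []))


def friends_scoped(app_id: str, user_id: str) -> list:
    """Post-lockdown behaviour: each app receives its own pseudonyms."""
    return [app_scoped_id(app_id, f) for f in FRIENDS.get(user_id, [])]


def joinable(ids_a: list, ids_b: list) -> set:
    """Identifiers two cooperating apps could match by plain set intersection."""
    return set(ids_a) & set(ids_b)


def resolve(app_id: str, scoped: str, candidates: list):
    """Platform-side reverse lookup; only the key holder can recompute the mapping."""
    for uid in candidates:
        if hmac.compare_digest(app_scoped_id(app_id, uid), scoped):
            return uid
    return None


if __name__ == "__main__":
    # Two hypothetical apps authorised by the same user, "1001".
    print("global ids joinable:",
          sorted(joinable(friends_global("quiz", "1001"),
                          friends_global("game", "1001"))))
    print("scoped ids joinable:",
          sorted(joinable(friends_scoped("quiz", "1001"),
                          friends_scoped("game", "1001"))))
```

Scoped identifiers only remove the easy join key; if each app also receives names or profile photos, records can still be correlated on those fields.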

2011? I can't recall that far back with FB app perms, but I do remember working on a few projects in ... 2013 IIRC? And one of the pieces of feedback I got the most from people I'd asked to test was "why do you need all these permissions?" They weren't all an overly tech-geek crowd, but many seemed to question it.

"I can't not ask for these permissions - even just for a basic login - facebook forces this information to be available to my systems. I'm not using it for anything, and I don't take much of the information I'm given, but to connect via Facebook, they require me to have access to this information". That became my standard-ish response, and it wasn't that surprising why many people got miffed, especially if I was just doing basic "login with facebook" stuff.

IIRC, FB has changed the minimum permissions a couple of times in the last several years (or, at least it's seemed like it - maybe names or presentation of the info has changed?)

Any app developer will tell you that Android is much more invasive...you can suck so much location/device data with no (or very standard) permissions. Apple was bad too until a few years ago.

Delete and forget it existed. Ignore and move on. Give up the benefits and pay the cost. Do you really want to live your days feeling dependent on this sort of "service"? Do you really want to say, "but I need Facebook!".

In today's age, you need a phone number and e-mail. It's ok - they are decentralized. Don't let a centralized platform of Facebook's evil nature become necessary for you to live your life.

In the last couple of years the company I work for wanted to build social scoring methodologies. In 2013, Facebook revised their privacy rules and we were not allowed to collect the data we needed. However, there are paid partner programs with different rules. Same as LinkedIn, afaik.

Did Facebook try to block this company from interacting with affected users after this happened? or did they just let them target anyone with any ad?

The thing that never ceases to amaze me is just how easy it is to scrape Facebook profiles. Every other social network has strict usage quota but with FB you can scrape tens of thousands of profiles with a single ip. With a thousand proxies you could scrape all profile pages of any given country. I won't be surprised if there are companies out there doing exactly that as we speak. And FB allows it, probably because it enhances the ecosystem by providing useful insights to corporations.

They weren't just warned by Ireland. They had to agree to oversight following an FTC decision in 2011.

The article does not mention the issue FTC took with "Verified Apps" in 2011.[1] This was before FB's IPO.

WSJ had reported several times about apps leaking FB IDs and about companies such as RapLeaf linking them to users.[2] They were apparently combining Facebook data with some data from public sources to identify Facebook users, in 2011.

Zuckerberg in his statements so far has used the term "derivative" data a couple of times, as if the word derivative is significant. Does Facebook believe this somehow takes it outside the scope of what they are responsible for?

[1] https://www.wsj.com/amp/articles/SB1000142405270230477280457...

[2] https://www.wsj.com/amp/articles/SB1000142405270230441050457...

This story seems to be a very carefully planned attack on Mr. Zuckerberg to oust him as Facebook CEO. Recently they exposed some IM history from the past decade where he calls users "dumb" http://www.businessinsider.com/exclusive-mark-zuckerbergs-se... everything that they know about me. Z to be revealed.
