Users' data is Facebook's main asset. They created the danger posed by these defendants by intentionally collecting user data on such a massive scale. They're not protecting users, they are protecting their business of creating pools of similarly situated users for advertisers to target. Facebook will never protect users from advertisers. They will not sue their own customers.
At least with these defendants one can get a rough idea of what they were trying to do, the methods they were using to collect data. With Facebook, the internal operations of the company, how they solicit, collect and use people's data, is deliberately withheld from public scrutiny. "We're using your data to make our service better." For whom? Their customers, which may include political campaigns. Facebook is free. The user is not the customer. "We cannot reveal what we are doing because that would put us at a competitive disadvantage." Obviously they are doing much more than just storing your data and making it available to your friends list. You are not the customer.
This is why what Cambridge Analytics did was bad, right?
It seems like a week doesn't pass that there isn't news of yet another scraping/dark-adtech firm exposing hundreds of millions of these types of records
If you think Facebook are bad, these companies are an order of magnitude more evil, and you're never going to hold any of them accountable because they don't care for regulations.
edit: The threat model here is really concerning. To build user databases legitimately takes a lot of effort and funding. To do it via extensions and scraping requires finding browser extensions that have a lot of users and loose permissions (usually https://*/\*) and acquiring them for cheap, pushing an update and then just watching the data roll in.
The only recourse is further lockdown of browser extension capabilities (which also punishes good apps like uBlock Origin), purging extension stores (which also usually traps innocent players) and/or taking legal action as Facebook are doing
It's like expecting keyboard manufacturers to sue developers of keylogging software.
Also it’s not clear what fb is supposed to be doing then? Just let people write malware and steal user’s data? Be damned if you do and damned if you don't.
It is generally good that Facebook is taking these actions.^1 But the point I am making is that it is likely to be used as an argument by Facebook to try to hide the fact that Facebook created the problem in the first instance. And they have historically failed miserably as "stewards". And they are the much larger threat to user privacy than anyone they are suing. Their interests are not aligned with users. Facebook has reasons to keep others from obtaining user data that have nothing to do with user "privacy", a concept Zuckerberg is in fact actively trying to destroy.
1 But I am wondering what Facebook would do if a user was "scraping" her own data and the data their friends have shared with her. In other words, imagine the user writes her own "bot" to automate her Facebook usage and reduce the amount of behavioural data she gives to Facebook, i.e., the data she does not get if she "downloads her data" from Facebook. Clearly this is not "malware". TOS would surely be interpreted by Facebook to not allow any sort of automation. As anyone can see reading the public filings they make with courts and regulators, Facebook lawyers are heavy on the over-the-top rhetoric and arguments that border on the absurd. The user is not the customer so no reason for them to hold back on going after users.
These extensions didnt just scrape from fb, they did so from every website the user went to.
It's not surprising that this press release focuses way more on the extensions mining ancillary 3rd-party information available via the extension (stuff outside of FB) than just what they took from FB - which otherwise FB gets unlimited and unscrutinized access too.
Instead of taking the opportunity to look within at how they are part of the problem, they push enforcement you'd normally expect more from the extension publishers, Chrome/FF/etc browser extension stores. Instead the massive data silos themselves want to run the show while still eating their cake.
They realized tncentives have changed as the interest groups and likewise the regulators (whom have the latter increasingly have their ear) have become increasingly concerned about blowback from the large pile of data they vacuum up every day, and their own self-proclaimed stewardship of that data.
They realized they can control it domestically for their own interests and fool the public into thinking the only concerns are Russia, China, and in this case malicious fringe nobody political groups with zero real-life power.
These are the new sheriffs in the 'wild-west' with inherently vague privacy rules, everything goes internally and for internally 'verified' 3rd parties. Meanwhile they create a smokescreen via engaging in token rule enforcement against tiny firms or the odd domestic authoritarian group so they can showcase themselves as being pro-privacy (ignoring the mountain of despots still using the services or blatant bipartisan double dealing).
IRL it's most likely not some top-level master plan or conspiracy as many claim, these sorts of moral inconsistencies happen naturally in these firms when they set up teams to control priority narriatives and have their loyalists moderate content, with a) primary focus on the fringes and easy hapless targets while b) willfully ignoring the bigger players or 'politically acceptable' groups (and their own businesses over-arching models).
History is littered with examples coming from the 'morally superior west'. Just look at northern Pakistan on the borders of Afghanistan for these sorts of compromises. Engaging in a decades long phony-war while ignoring geopolitical elephants in the room. These same inconsistencies are rampant in our new politically acceptable reality.
These inconsistencies are often obvious by default until some super egregious cases get 'caught' or more importantly politically unpalatable use-cases get exposed, then all of a sudden they are the good caretakers over your data - the people they long promised they would be!
Phony inconsistency is their calling card and easy to sport for anyone who is paying attention.
I sometimes wish I too was dumb enough to engage in hyper-partisan politics. Like blindly backing a sport team. And not see the long term deterioration of democracy, transparency, and rise of misguided authoritarianism by people who just discovered politics and think flailing about with new forms of top-down censorship will not simply backfire. Or is somehow better than the universal rejection of the (already) tiny fringe negative forces which we saw immedately after the capitol riots from bipartisan sides.\\
No, FUD convinces them we have to destroy the rights, rights created to protect them, to get there...
It made me laugh a little
That data was public in the first place. These extensions can scrape anything, including your messages.
Obviously this doesn't prevent you from breaking other rules. Actually, once you make it into the big leagues, you can now afford to break more rules than ever before.
I know "Facebook data" is not quoted, but I gather that is the way they feel about it, they aren't protecting the user and the user's data, they are protecting themselves and their data!
Facebook data. Not user data. That pretty much sums it up.
I was extremely shocked to learn that facebook requires you to upload a real picture of yourself in order to use the service!
I tried several times creating new accounts. Each time the account was locked and it required 1.) my phone number and 2.) a real picture of myself. Why would this ever be a requirement for using social media?
Facebook requires you to use your real name when creating an account.
>I was extremely shocked to learn that facebook requires you to upload a real picture of yourself in order to use the service!
Nope, Facebook requires you to upload a real picture because you got caught creating fake accounts. You know who else uses fake names and emails and creates multiple accounts once the previous one runs into a checkpoint once it appears to be fake? Scammers and bots. Use your real name, and then lock down your privacy settings to where only your friends can see info about you. It'd be annoying to your friends trying to remember who "John Smith" actually was all the time anyways.
Seems to be a bunch of comments that look like they've been generated with some kind of GPT3 type setup, almost sensical and somewhat related.
Were the ones I saw, re reading them a few times I could see them as being human written. Maybe just someone in a hurry to post.
Bad actors hate when you talk about punishments for their actions.
Headline is missing context. I run a Chrome extension that's a non-spyware web crawler so I appreciate the distinction that they're not just going after any scraping tool.
Still a d*ckmove from FB, especially considering that a browser plugin can not really be used to scale up. Anyway, looking forward to hear from FB :)
That's the reason the actor in the article is being sued, not because they're scraping, but because it was sending it to a 3rd party without consent or knowledge.
You can probably mislead them all you want in most jurisdictions. After all, that's what Facebook is already doing - how many of its billion+ users do you think are fully aware of how much external data Facebook gets access to?
Outright lying on the other hand, that's what's going to get you in trouble:
Remember kids, when you scrape FANG, always use prepaid cards, tor + vpn. You might as well be up against a state actor.
Sold what early? Stock? Were you involved?