Hacker News new | comments | show | ask | jobs | submit login
You Might Have an Invisible Facebook Account Even if You Never Signed Up (groovypost.com)
269 points by pessimizer on Aug 12, 2013 | hide | past | web | favorite | 178 comments

Is this it? This is our brave new world of pervasive data gathering, social network analysis, and the dying gasp of any shred of privacy? This is the future we've built for ourselves?

I haven't had a facebook account for 3 years. I'm certain FB has a shadow profile for me today and there's nothing I can do about it. My friends don't understand (or don't care about) the implications of everything they do online being tracked, in minute detail, and stored indefinitely.

Real-time indefinite mass surveillance is a fact and yet failed to galvanize the public into action. What can I do other than allow the cynicism to take hold and become a recluse?

I earn my livelihood from technology. I want to believe technology has great potential for medicine, exploration, and improving the human condition. The cognitive dissonance has to give somewhere.

You think your cognitive dissonance is bad? You're heaps ahead of where the people that "don't care" are. I try to evangelize privacy to friends and family all the time, and 60-80% of the time I am written off or ignored.

Most people don't seem to want to accept the fact that something terrible may ever happen to them, and will gladly drown out the pain of dealing with a potential future threat to prolong happiness in the short-term. How's that for dealing with cognitive dissonance? After all, the easiest way to remove the dissonance is to render the counterargument false without resorting to reason that might shake your emotional foundations.

As for your own cognitive dissonance: I don't believe that you are death, destroyer of worlds, by default just because you have the ability to build technology, no more so than a man with the capacity to develop firearms is by default a murderer. Improve the human condition, engineer systems toward that goal, and just pay more attention to the question of "what would somebody evil possibly use this product for?" and try to mitigate against the evil bits.

If you are terrified of ever having unintentionally built a weapon, then it is best not to be an engineer at all, as nearly every tool can be weaponized in the right environment with some degree of effectiveness by someone that means harm.

I have the same issue with the 60-80% - trying to convince others of the deep evil that can (and when there's a bad quarter probably will) be done.

I generally let people know how absolutely permanent this stuff really is... More permanent than a tattoo. The information people put on facebook will, like it or not, outlive your grand kids.

and then there are those engineers who have intentionally built weapons, hoping that they would be only be used defensively, but knowing that's likely not the case. . .

We work with technology and love to see cool new things developed and released in the world, but like anything, it can be used for evil too. There shouldn't be any cognitive dissonance and it's good that you're cognizant of the possible downsides. I wish more people would think of the possible negatives before they lay finger to keyboard and start coding.

What can you do? Keep talking about it; don't give up. Most people have to be exposed to an idea many, many times, and also see social proof (i.e. their peers accepting the idea too) before they will accept it. This is why we as entrepreneurs love early adopters because they give us the social proof we need to pull new, less adventurous customers on board.

What else can you do? Don't code bad shit and compete against those that do. Make the privacy destroyers lose.

While your recommendations are great - keep talking about it and DON'T CODE BAD SHIT (if you do, no matter if you think its just to feed your kids or whatever, you're a bad person).... there's more we can do.

The NSA and their ilk think they can take the knowledge of CS, and other aspects of information science, and use it against us. But what is preventing us from defending ourselves with that same knowledge? Surely there's enough public information out there to, say, build a system which uses the public news stories and communications from politicians previously busted for adultery to train a machine learning system that will also monitor contemporary news stories and communications and let anyone check their politicians "aduletery score" to see what % likelihood there is that they're a cheat (according to the system, of course).

There are many projects like that which could be done that would help the public, and the politicians, understand why the things the NSA wants to do are radically dangerous and must be stopped.

Personally, I don't give a shit about a politican adultering. How did they vote when it came to my rights?

Yes I'd rather have a politician who regularly attended brothels than voted for SOPA. Raising alarm over OMG sex is a great way for media to control the dialog away from actual issues.

Creating no-cloud solutions that are heavy on good encryption is probably the best bet to secure the world's privacy and defeat global surveillance!

I admire your positivity.

However, is it not the case that this:

  Don't code bad shit and compete against those that do. 
  Make the privacy destroyers lose.
...has been disproved by facebook? They are (one of the larger) privacy destroyers. They are not -- at present -- losing.

Facebook made MySpace lose. MySpace made Friendster lose. Facebook isn't invincible, it's just that nobody has created the next Facebook.

People are growing tired of Facebook and it's becoming passe. People are leaving and new generations are failing to sign up because it's not longer cool. Teenagers give a shit about Tumblr, Instagram, and Twitter, and less about Facebook. A growing number of people are getting tired of it and becoming less active or leaving. It's becoming cool to deactivate your Facebook account, and that's the most hazardous thing to Facebook's longevity.

All brands die. Facebook isn't immune from this law.

You are correct. Facebook was not the first social network and they will not be the last.

I guess I'm more concerned about the precedent they've set, in terms of (mis)handling user data, and how other companies seem to be falling over themselves to add 'social' features. Very few companies begin with a commitment to user privacy.

My fear is that FB has done some kind of irreversible damage, even if only as measured in terms of the attitudes other companies are adopting towards privacy.

They have made real data privacy an issue they can be competed with on.

Who says the next social network has to be run by a corporation seeking a profit motive? Why can't the next social network by a peer-to-peer network where your personal data stays on your personal machine at home and where you have total control over who has access to what. Don't want to give access to your pictures to the guys who wrote the system? Fine. No problem. Want to delete your profile and know it's offline for good? Easy as pie.

Yes, of course it can't be spun out today as a web service because the web is designed like a piece of shit. We need like some sort of simple home appliance that serves as your node on the network, preloaded with the necessary software that people can just put in their closet and forget about. If you're really ambitious, make that box your business. Make it a simple, secure server that you plug 'apps' into as easy as you do your phone... except the box makes sure you can access those things - and so can the people you authorize - anywhere in the world... without you having to learn DNS, figure out your IP, or any of that jazz.

Of course then the ISPs will cancel the accounts of all your customers for running servers. Oh well, go back to giving all your data to Google and Facebook. I'm sure your ISPs 'no servers' policy actually has nothing to do with guaranteeing a stranglehold on data by hosting and other companies.

Why can't the next social network by a peer-to-peer network where your personal data stays on your personal machine at home and where you have total control over who has access to what.

Eben Moglen's FreedomBox project has been working on a soup-to-nuts software stack for that sort of thing for a couple of years now. They can use more talent.


I see your point, but I disagree. There will always be those that just don't give a shit, but I get the feeling that people generally are better educated about privacy and the consequences of freely giving up information online.

People not respecting their own privacy is a marketing problem. Teach people it's cool to respect their privacy and people will be more careful. It used to be cool to smoke too, after all.

"It used to be cool to smoke too, after all." True, but I don't think marketing made it "uncool", at least not initially. I think that started with individuals, families, friends, health-oriented groups. . .the marketers were among the last to the table. I think the same is true of individual privacy.

>Teach people it's cool to respect their privacy and people will be more careful.

There is no profit in this, and the government makes facebook privacy-encroaching look trivial, so looking to them to regulate it is a non-starter.

I disagree that there's no profit potential in it a privacy-focused social network, but a lack of profit potential doesn't mean a social movement is doomed. The anti-smoking campaign wasn't designed to fatten a bottom line, it was designed to create a positive social change, and it worked.

I think anti-smoking was done to fatten a bottom line. It was largely a money grab by the states, and state/federal/tobacco money continually poured into anti-smoking organizations.

The reason why nobody cares anymore is because the money dried up (lawsuits ended, settlements happened), and now tobacco companies themselves are using the laws to keep smaller/foreign competitors and safer alternatives (such as Swedish snus) off the market.

Now that there's no money to be had, anti-smoking initiatives are going nowhere.

edit: luckily, this money grab contributed to improving the health of the public - but it was still a money grab.

You certainly live up to your screenname!


It isn't that there is no profit in it. There is profit - but it is craigslist level of profit, not google level profit.

I think that Facebook has a social duty to set the bar in terms of what is acceptable to do with this wealth of user data. Never before has there been one place that has so much detailed information about so many people - with great power comes great responsibility. The rules are still being refined. Things get tried - some work, some don't - then from this, lessons are learnt.

Yes. However, I believe Facebook has a history that shows it repeatedly failing to be trustworthy enough to make those decisions.

> I believe Facebook has a history that shows it repeatedly failing to be trustworthy

You can say that again. Here's a great list from over the years: http://pleasedeletefacebook.com

I don't think there's a rigid bar to judge them by, though - nobody else has had this much data in one place before. There are best practices and things that one might deem "sensible" or "fair" but they're ultimately still trying to figure out just what to do with all this data.

Put it a different way - do you think anyone who works at Facebook would want people to think the company isn't trustworthy? I'd suggest not as it does nothing but harm the company. The decisions are likely made with the best intentions in mind, but to err is human and I don't think that Facebook have all the answers.

My fear comes from a different old saying - absolute power corrupts absolutely. I've never trusted Zuckerberg.

If 'has your contact info in a database' amounts to a "Shadow Profile", there are quite many shadow profiles of you laying around. It probably has relations to all the people on Facebook who have your contact info added, but overall this is much ado about nothing.

By what measure do you assess "quite many shadow profiles of you laying around" to be "much ado about nothing"? Isn't that exactly the problem?

What of one -- and one is all it takes -- company, disaffected employee, or black hat desiring to analyze, filter, or publicize data about me, even in aggregate? What of user preference or control? What of the right to be left alone?

But how much can others fill in the "blanks" of your shadow profile compared to FB ?

> tracked, in minute detail, and stored indefinitely.

Don't forget being analyzed and profiled. When I get arrested for conducting my life in a way that is more than 2 standard deviations outside the norm by some metric the government has deemed critical, it's on all your heads!

Worse, you'll can labeled a security concern just because you express an opinion that differs from the government's POV. Just look at the surveillance the government does to peaceful protesters.

I wonder if FB also has deep facial recognition data sets for these shadow profiles?

How many people have a picture with their contact information for friends and family? My guess is a metric fuckton. Since they're allowed to access "contact information" then a few cross references of a different picture of you along with your name and phone number should be more than enough to add facial recognition data to your shadow profile. They can already guess who is in a picture of your friends. Why would this be any different?

And add in the number of times you're tagged - often against your will - in others' photos. . .


Facebook has nothing to do medicine, exploration, or improving the human condition. Facebook isn't a business created to fund biomedical research or somehow make the world a better place, Facebook exists to collect personal data and serve advertising.

According to Facebook[1], they exist to "give people the power to share and make the world more open and connected."

I think it is arguable that Facebook has improved the human condition based upon anecdotal evidence of it mostly being positively regarded in our culture for exactly the mission statement above.

Whether we personally agree or disagree with this, right now, most of the world's population still seems to believe that Facebook is a net positive, and I would argue that even if people turned away from Facebook, it would still be positively regarded with some nostalgia by the majority of its members after its obsolescence.

Perhaps Facebook has strayed from that optimistic (and potentially naïve) goal, but in its infancy it didn't even have advertising, then had shitty banner ads, then had a pretty bad ad product, etc. Now they have a decent ad product. That is not very indicative of some type of pervasive corporate culture that exists to serve advertising.

[1] https://www.facebook.com/facebook/info

Nope, Facebook is still in business to serve advertising. Their very long history of privacy snafus, especially Beacon, is quite indicative of this. Oh, and that part where they're a publicly traded company and 100% of their revenue comes from ads, user data being their product.

> According to Facebook[1], they exist to "give people the power to share and make the world more open and connected."

Yup, and the Morlocks feed the Eloi. They might even post signs saying so, if only the Eloi could still read.


I actually got a peek at Facebook's behavior maybe 5 years ago when I signed up to beta-test a video game. They had used the Facebook login API for their beta forums without marking it on their site, so signing up for the game signed me up for Facebook.

Suddenly all the Facebook ads everywhere knew my name. Three weeks and about 40 emails to "update my Facebook profile" that I reported to Gmail as phishing later, I received the dubious honor of being banned from Facebook without ever using it.

I threw all their domains into loopback in my hostfile at home and haven't seen their site or ads on that machine since, but if I log into LinkedIn in my work browser it starts all over again, so I've figured for a while there's probably also an account for everyone who has LinkedIn.

My suspicion is pure and simple: Both Facebook and LinkedIn are operating business models that are based on stalking users on the web. If this is your mission it is almost obligatory to implement something similar to Panopticlick [1] to stalk on anything and everything that could be one of your (future) users.

[1] https://panopticlick.eff.org/

I have the same feeling about LinkedIn! I only recently signed up for LinkedIn, about a year ago, using my GMail address I use for job-hunting purposes. I've had this account since circa-2008 but I ONLY use it for work purposes (since it's a bit more professional sounding). I also have another GMail account which I have had for much longer and shared amongst friend and some old colleagues.

When I signed up for LinkedIn, I put in my name and "work" email address and straight away, without me having provided any other piece of information it was suggesting people I may know. It was not possible that it could have shadow guessed this from my email since those colleagues don't have that one, but both my GMail accounts are linked so I wonder if that was the weak point. Definitely something strange going on and it scared me somewhat...

I should also note that at no point did I use the "find my friends" type feature and give it access to my GMail to mine my contacts either.

LinkedIn's "people you may know" is notorious for its creepy accuracy. Not only colleagues, current and past, but friends, acquaintances, ex girlfriends, university professors, landlords, hairdressers and more.. The least paranoid explanation is that, unlike me and you, many others click "find my friends" and let LinkedIn slurp their thousand-entries address books.

I imagined so too, but what were they basing this match on? The people they were suggesting did not, or at least should not, have had this particular email address since it was created after I had worked with them. They only ever emailed (for group meetups/drinks) on my "personal" email address.

Now I can recommendations for other people in the same company, previous colleagues who were at the same company at the same time, "friends of friends" and all that makes sense. But creepy as you say. Maybe the guys who wrote the algorithm now work for the NSA...

The connection point might be your name.

Probably based on your IP (range). If 5 people from IP address X work at company Y, chances are you work there as well.

This was long after (4 years) I had left the company in question, so nothing to do with IP range. Besides, it was a BIG company, and it fairly accurately found my colleagues that I worked most closely with.

The main invasion of privacy here is your friend(s) agreeing to give Facebook (a 3rd party) your information without asking or informing you. This is analogous to Facebook giving the government (a 3rd party) your information without asking or informing you.

i brought this up when my family using the "family tree" app a few years ago. they kept marking their familial relations online for all to see, for free and in great detail.

needless to say, i was met with blank stares when i brought this up.

You're worried about family tree data? Births, marriages, deaths, etc are all public information.

This data should be free and open instead of behind pay walls or locked away in a records office or library.

Google combinations of your full name, father/mother and birthdate in various formats and you might be pleasantly surprised how much is out there.

>You're worried about family tree data? Births, marriages, deaths, etc are all public information.

Not databased and internetted they're not. The lion's share of that data on living people (not to mention dead people) is probably only on paper, and to get pieces of it often required a written request.

Not to Godwin too hard here, but that's exactly the information that the Nazis and IBM used to detect Europeans who were descended from Jews but who didn't self-identify as Jewish.

Re: Godwin, which solution is more "brittle"?

Keeping the next fascist government from gaining control of the state, or somehow managing to keep all people and companies from retaining any extra data about you?

This isn't to say that we should allow companies to maintain extra data, but if that is your defense against the next Nazis you're screwed before you start, for the same reason that we say writing secure code in C and most C++ is a Bad Idea. It's impossible to do even for well-trained, very smart people who are trying to do the right thing.

On that note, doesn't the state already have the majority of PII on you just for tax purposes alone?

I'm not defending against the Nazis, just noting why somebody might be alarmed that their connection to every member of their family is being published on the internet.

That "lion's share" is rapidly shrinking, I think. If you're remotely related to a Mormon or someone with an affinity for ancestry.com, your birth and marriage(s) are probably databased and internetted. And soon enough, your death.

If they made the data available for free, it might be OK. But really you're just doing free work for a company who's going to lock up the data and sell it.

In the USA maybe... There are more countries in the world and that is not a common practice.

Same here. I barely spend time on FB, but check in once and a while.

A while back I received a stream of "family tree" invitations from a relative, who'd noted our relationship via the app.

She'd done the same with a bunch of other relatives (who in turn did likewise). None of them meant any harm, but it turned my stomach.

OTOH, any of the good family tree sites will hide full names of living people from public view.

Let's think of a typical use case where a "shadow profile" is useful.

Let's say my friend Jane is on facebook. She has my phone number on her phone with my first name. Facebook notices that this phone number is not linked to any other accounts, therefore I must not be registered.

Fast forward two months, and I decide to sign up for facebook. I put my phone number in (as a form of password recovery I believe) and it automatically asks me if I'd like to add Jane.

"Shadow profile" sounds scary, but in actuality it's just the modern web at work.

No, that's how modern privacy invasion works.

After Facebook scanned Jane's phonebook, and made the invites Jane asked, Facebook should have deleted your phone number.

Define privacy. If I tell my mother what my girlfriend's name is, that's not an invasion of privacy. If my friend tells Facebook what my phone number is, that's not an invasion if privacy either.

If I share my phone number with my friend, under the agreement that my friend will not share it with others, and he shares it with Facebook, then my friend has violated my privacy... not facebook.

> "... and he shares it with Facebook, then my friend has violated my privacy... not facebook."

I disagree. Your argument assumes that everyday people are aware of all the things going on with the multiple apps they install and the permissions they ask for. I'd argue that they're largely ignorant of what it means to grant something like Facebook access to your phone (contacts etc). This is because apps from companies like FB/Path/etc make it silky smooth to hand over ongoing access to such data sources and never think about it again.

People don't really understand how 'the machine' works and I'd argue that FB and it's ilk have learned how to exploit that to great effect.

> I'd argue that they're largely ignorant of what it means to grant something like Facebook access to your phone (contacts etc).

Being ignorant of how information you've divulged to people is used, does not make that information private.

You're right that if a friend shares personal information we would rather be kept generally private, our friend is responsible for the privacy breach. But the person they share with can also be guilty.

Using a binary distinction (private/non-private) for privacy is unhelpful; it is more complicated than that. Things can be semi-private. Privacy is, more than anything, a matter of expectation. This means, among other things, that it is a messy and complicated thing (which it is) because people have different expectations.

You seem to be working off a definition of privacy that is close to "can be accessed by someone else" where in common usage the word means quite a bit more than that.

For example, if I'm talking to a friend in a coffee shop and someone sits down with a mic to start recording us, most people would acknowledge that they are invading our privacy. Perhaps they are legally able to do so. Some people might mock me for trying to have a private conversation in a public place. That doesn't change the fact that if I caught someone trying to listen in, I would consider it a Jerk Thing to do. Not on the basis of legality or even on practicality but on the basis of social expectation. I do not intend to share the conversation with them, nor do I expect them to access it.

Security folks tend to say things like "Expectation isn't a real barrier. You don't have any right to expect people to voluntarily not access things that they physically can." But that's a naive perspective, because social expectation is a real thing and it makes human interactions work.

Now it is true that if we abandon expectation as a real constraint, we will plunge into a dark and cynical world where everything that is not nailed down is for the taking, without recourse. But what I don't get is why we would want to do that. There are some who would say we are in that world; I'm happy to disagree with them.

I'm very happy to stay in the world where other people in the coffee shop would look at the person with the recorder and brand them creepy, because they're snooping - they're trying to access information that (whether or not they can) they're not invited to. I'm happy to keep expectation as a real barrier.

So for example, if you tell your mother your girlfriend's name, it might be a breach of privacy, depending on whether or not she expects you to do so. Your mom might be her boss...

In this case, Facebook is definitely doing a Jerk Thing and violating privacy, because they're working out of sync with peoples expectations. They ask for information for a presumed purpose (to populate your Facebook account) and then use it for an additional secret one.

For instance, if I lent my physical address book to a friend for the purpose of sending out wedding invitations for me, and they made a copy of it so they could flog their pyramid business, you can bet that my friends would be mad, but they would also accept that I was betrayed and that the real privacy violation was on the part of someone who used information they had access to in a way that was not invited or expected.

The right language of what is happening here is that of betrayal and privacy violation.

I agree with you up to the point about Facebook violating privacy expectations. I've been a Facebook user for 4 or 5 years and have never felt they violated any expectation of what I set to be private.

The privacy "breach" in the article was a bug, not any sort of intentional exposure by Facebook.

Facebook even addresses specifically what they do with emails collected: https://www.facebook.com/help/241275309301947/

I guess I don't understand what you think Facebook should be doing, instead? Do you think they have to specifically disclose every internal use of the information they collect prior to collecting it?

Actually the bug 'breach' in the article is not the breach I was thinking about. It's a bad breach but it's a separate issue to me.

For me the issue lies in how Facebook communicates. (Fair disclosure, it's been a long time since I signed up and what they say to get you to share your e-mail contacts may have changed). The relevant section of the article for me is this one:

"When someone “connects” to Facebook using their Gmail, Yahoo, Twitter, Outlook or whatever account, Facebook will ask for permission to access your contacts to “find your friends on Facebook”. While Facebook may actually be trying to find their friend’s profiles on Facebook, Facebook is also harvesting all of that contact data and using it to create “shadow profiles” based on name and email address information. Ouch… And before you ask if Facebook notifies anyone about this process, apparently this page which is ambiguous at best is an attempt." [the "this page" referenced in the quote is the one you linked]

Fair disclosure: my reference for what Facebook should be doing comes from my own subjective personal expectations. These are probably different from yours. Fair enough :-)

I'm happy to agree that FB doesn't violate your privacy expectations :-)

"I guess I don't understand what you think Facebook should be doing, instead? Do you think they have to specifically disclose every internal use of the information they collect prior to collecting it?"

This is a great question, because it's genuinely complicated, and there's no one word answer that will suffice. That's the messiness of relationship...

Every use? No. Every significant use? Yes. For me, secret accounts are significant. What is happening here is an uncomplicated bait and switch. They promise one thing (friend population) and deliver another (friend population + creepy secret dossiers). Facebook has every ability to set the tone of the conversation and yet they oh-so-conveniently forget to ask to use the data for something that is really a big deal. Hiding something major in a help page is a scummy deceptive trick, and if any of my flesh and blood friends conveniently neglected to mention something major in this way I would be mad at them, too.

What Facebook should be doing is this:

FB: Can I import your contacts to populate your friend list?

Me: Sure, that'd be great! Thanks FB!

FB: Cool! Have a nice day!


Or even this:

FB: Can I import your contacts to populate your friend list?

Me: Sure, that'd be great! Thanks FB!

FB: Great! Now that that's finished, can I use the same contacts to create shadow accounts for your friends in case they ever want to join?

Me: Umm... where's the link to delete my account?

What I want FB to do is either to not make secret profiles, or at the very least to ask me before they do. Here's the kicker: if they were honest and up front (honestly, who reads the help file?) about what they were doing, I would have said "NO", and they know it. And they went ahead and did it anyway, without asking.

Now, I can abandon my expectations as naive and just expect FB to do every single dastardly Jerk Thing they can possibly get away with, but I don't want to live in a world that cynical. I think this is why we were all so joyous when Google came out with "Don't be evil" and all so devastated when they broke that promise. I'd rather fight a little (even if it's just griping on HN) to recover a world where Jerk Things get called out as Jerk Things rather than give up entirely.

(edit) spacing on dialogue

Isn't the issue that people aren't really aware of how much they are sharing of their own or other peoples data and that UI doesn't really reenforce this.

It's normally considered somewhat rude to give another persons phone number out without a reasonable reason.

You are going to be in for a real shock if you ever see a phone book. Pages upon pages of names matched with phone numbers!

And you're going to be in for a shock if you ever decide to do some research and find out that you can request your name and number to not be listed in a phone book.

But a phone book doesn't show connections between people nor have people's unlisted numbers, like somebody's phone contacts might.

And Facebook isn't showing unlisted numbers to the public.

It's a relatively new idea, the modern expectation of 'privacy', and one that's completely out of touch with reality. It's only within the past hundred years that most people did not know everyone in their town - Even in cities, you probably shopped at a small set of stores and were known by name by the clerks. Technology has caught up, and now it's possible for shopkeeps to know your name again.

I'm still known by the clerks of the stores in my neighborhood. That's completely orthogonal to this.

The reason this type of discussion of privacy wasn't being had 30 years ago is because 99.9% of the things we did 30 years ago were private, outside of getting arrested as an adult and, eventually, drivers' license info. If I didn't want to be recognized while buying birth control or hemorrhoid medication, I would just have to go to a store that I didn't usually go to.

Also, of course, 1890: https://en.wikipedia.org/wiki/The_Right_to_Privacy_%28articl...

Technology has caught up, and now it's possible for shopkeeps to know your name again.

And people you don't even know from nowhere near where you live, and who definitely don't have your best interests at heart (remind me, why exactly is this data being collected?). Even with the "local" knowledge you espouse, I say privacy is necessary. Until society can put aside it's childish prejudices (say, against non-heteronormative sexuality), then privacy will be necessary. As many noted thinkers have seen fit to enshrine (eg, the US constitution).

This is somewhat different though, rather than having various small communities where everyone knows each others you have a handful of large companies who know everyone.

Google probably knows more about me than my local shopkeeper for example.

Invasion of privacy is what's new, not privacy itself.

"Recording the relationship" is the privacy invasion.

>>"Shadow profile" sounds scary, but in actuality it's just the modern web at work.

I think you have a different definition of "modern web" than most people here.

Fast forward two months, and I decide to sign up for facebook.

And this is where your use case fails: some of us already know about Facebook and will never, ever sign up. Don't track us until we ask you to, full stop.

If you don't want to use the service, nobody says you have to. Facebook having your name and phone number doesn't actually mean anything until you sign up and so if you never do, the situation doesn't change.

It means more than it should. I do not wish Facebook to start correlating me with others when I quite explicitly wish them not to.

Why would Jane not be in your contacts? That way you add who you want, and Facebook doesn't keep tabs on your personal info until you want them to.

Serious question here. Why should I care?

Convince me why I should close my facebook account. Why I shouldn't purposely feed google with infos. Why I shouldn't answer to phone surveys.

Hell. I /like/ having accurate ads on the web. I like reading meaningful spam that sells me the products I want for half the price.

Anybody can already look up my name on 411 and get all my infos. Why should I care if the big corps also gather it to sell me meaningful stuff? It's not like they could use magickal voodoo power based on those infos to brainwash me...

You meet $g at a caffeinated yogurt startup tasting party. You want to form an intimate relationship with person $g. $g looks you up on SureEros.com and finds a bogus profile for you claiming you actually don't like milk products or stimulants. $g figures you lied to get into $g's pants and you look like a lamer.

Race or religion $x takes over a large portion of the local government. You belong to race or religion $y. All of your friends tell facebook you're a $y and their clever algorithm confirms it based on your last name, which you actually only acquired when your father remarried into your stepmother's caffeinated yogurt family enterprise. Local, infiltrated gov't decides to launch a pogrom against $x. They come and get you.

You apply for a job at $q. All of your friends have been telling linkedin you're good at $r. You have no profile at linkedin. You show up at the interview. They say, "Well you have lots of $r experience, but we consider that wasted time, you probably picked up bad habits doing $r. We want someone who's spend more time on $q than $r and who doesn't lie about fermented dairy and alkaloids."

How do I come up with these scenarios? What is my formula? It's based on an article I once read by a Canadian politician who described the right to privacy as simply the right to not be known before someone actually meets you, to have no false representations before you. (And then I added details about yogurt and caffeine b/c that's what I'm consuming this morning and afternoon.)

You present a compelling case for having profiles on major social network platforms, with you controlling the shared information.

I also don't know why I should desire to work at company $q which is has a completely incompetent hiring department.

And governments are pretty good at progroms and determining ethnicities without using social media platforms - they've done this literally since dawn of time. If you add this scenario, you'll need to add the increased sharing of information about the government that is happening through facebook and the fact that governments are banning access to social media whenever they are up to something shady.

> the right to privacy as simply the right to not be known before someone actually meets you

Then you need to ban gossip as well.

> I also don't know why I should desire to work at company $q which is has a completely incompetent hiring department.

Then you should not try getting a job at all, since many companies have similarly incompetent HR departments, which gather background information on you that you might not otherwise wish for them to use when weighing your application.

I've never seen a company I've wished to work for that cared about my Facebook profile.

Companies that care about their employee's choice of fermented milk will go not be a good place to work at, regardless of Facebook. And they will have serious competitive disadvantages.

> I also don't know why I should desire to work at company $q which is has a completely incompetent hiring department.

The pendulum is swung our way right now. Put yourself in the position of someone going for a job in a market that's tight and competitive.

(Like trying to rent a place in Sydney or NYC, they can discard you and there'll be plenty of people left lining up to take your place.)

>>Then you need to ban gossip as well.

That's precisely the thing - effective society does ban gossip. Sure, it doesn't get rid of it 100%, but it recognizes it as a harmful thing and stigmatizes it. It does not meekly accept that because some gossip exists and cannot be eradicated, all should be free to gossip however much they like.

If all companies are $q and the undesirable skill you have happens to be, oh, say, your skin color, ancestry, religion, or sexual preferences, things rather go out the window for you.

This debate isn't about online ads or even spam anymore.

I actually like to see good ads online too and often find them useful. For most people, trading some data for better ads and free services is a deal that they're willing to make - most people don't have the mentality of RMS. I might be willing to trade some data about myself voluntarily so I'll see some ads about products I might actually buy instead of ads for viagra and other penis-related things.

What Facebook and Google is doing here would not be nearly as troubling without this NSA data collection stuff. As annoying as online advertising can sometimes be, generally that information that companies gather about people from online ads isn't going to wreck anybody's life in any serious way and there are always ad-blockers and things to use to limit that if a site is annoying you.

But if the NSA's algorithms use some random meta-data and Facebook likes and search keywords to somehow determine that you're a potential "terrorist sympathizer" or something and you get placed on some no-fly or watch list with no recourse, that can put your livelihood or ultimately even your life in danger. We don't yet know the full extent of these programs or how the data is used and I'm not trusting the same politicians that hid this from us and lied to us and have always lied to us for more power.

The groundwork is in place for the next politicians that come into power that are unlimited by ambition to create a nearly perfect political dictatorship. This isn't a situation we should be in.

> This debate isn't about online ads or even spam anymore.

While privacy and the mess regarding the NSA are problems, to be sure, I'd like to suggest the real problem with facebook is trying to be the ultimate middleman in society. They have the potential to become the worst "rent seeking" business we have ever seen.

Crap like their embed-in-any-webpage login and comment services are good examples of how they seduce people into their walled garden. I've already seen websites that only supported facebook logins, and one "trendy" restaurant in SF that only accepted their payment service.

Worst of all, most people seem to be able to separate the middleman threat (when it is acknowledged at all) from the privacy threat. Even when talking to friends that should know better (several engineers, one bio PhD), any time I bring up the subject. The response is _always_ something about how they don't give facebook their REAL information anyway or similar privacy-based argument. They are assisting in the creation of yet another long-term barrier-to-entry and can't even see it.

Ok so maybe I'm alone here, but this doesn't bother me at all. How is this an invasion on anyone's privacy? They are just using the info a user already gave them access to.

Why does it matter if Facebook has information about you you can't see? Is it really surprising that they do? It's not like FB just shows us the DB tables so that we know what info they are storing on us. As programmers we should all understand that there is some data that you keep that doesn't need to be shown to the user but helps make your program run. That's all I see this as.

Why wouldn't you consider it a violation of privacy simply because another person provided information about you? If you had friends and family who intentionally shared any information you provided in private, you would have no problem with that, and think it should be a generally acceptable societal norm?

The idea that any information you share beyond your own mindspace is up for grabs by any method seems bizarre to me.

It is simply too inconvenient to live in a way where you give up zero information about yourself to everyone. It shouldn't be a black or white decision when it comes to sharing any information, but it's to the advantage of companies that make money on other people's information to want people to believe such a severe stance on personal information is a reasonable choice people have to face.

A few days late in my reply, sorry.

The distinction I make is that it isn't Facebook that is violating your privacy. Facebook. If anyone is violating your privacy it is your friend/family that is giving the information to Facebook, and I think that in providing this information to Facebook they are violating your privacy, but you shouldn't blame Facebook.

My best analogy is the 'guns don't kill people, people kill people' argument. It isn't the gun makers fault if you murder someone, just like it isn't Facebook's fault if someone gives them info about you, you didn't want shared.

Its connection as well as contact information. Who you have been in communication with as well as your contact details.

When you install the Facebook app on your phone it requires permission to read your contacts, call log, location, accounts, and application data.

Is this true?

Good thing deleting the pre-installed Facebook application (if it's ever been used at all it was inadvertently) off of my Android phone is quick and easy, and doesn't require root access!

EDIT: This is why we need sarcasm tags. No, I have not actually been able to remove my Facebook application.

How? Sony Ericsson Xperia Arc S, ICS, locked to my carrier, unrootable. I've been wanting to get rid of it ever since the phone started running out of space all the time, app info gives no option to remove it. Is this a case of my manufacturer/carrier are more annoying than yours, or am I really missing something?

I was being sarcastic. I'll probably never rid myself of the damn thing.

Dammit, it's really easy on my rooted Touchpad, but this thing's horrible for it. It'd be fine if it had storage space, but nope.

You can "disable" it through the Applications menu under Settings.

I had to uninstall updates (the option where disable normally is), and then I could go and disable it, weird. Thanks though, disabled and uses about 1/6 of the space of the updated one :)

Excellent. :) It's not the best solution, the best solution would be the ability to uninstall it completely, but it's better than nothing.

I was able to root my Arc S (but UK model/unlocked). I seem to recall using this method, but would need look on my PC for the files i used to verify... http://theunlockr.com/2012/10/09/how-to-root-the-sony-xperia...

I always have a chuckle when Android users say it's open source and free. iPhone is worse, of course, but still. We all really need an actual FOSS phone that is liberated from the carriers. Maybe Canonical's (modulo Amazon results when searching contacts).

I jumped for joy when my new phone didn't come with preinstalled facebook!

Yes, but this shouldn't come as a shocker to anyone that uses Facebook and Android. You can arrange to have contacts synced in Android so that you can see updates / photos / phone numbers merged with your Google contacts. NSA access notwithstanding, Facebook is in the business of making it easier to interact and socialize with people.

Alternatively, you can use the app "Tinfoil" for Facebook, which is essentially a locked-down web browser that provides a watered down Facebook experience.

First thing to do on an Android is to go under settings/apps/All and disable the privacy parasites such as the facebook apps(4) and google+.

But aren't you doing this AFTER you install the app? Which defies the purpose because by the time you turn it off, all your data is transferred.

You could do it after you install the app but before you login/use it.

Some OEMs include Facebook in their system image.

Anyone knows if the preinstalled FB application sends anything to FB even if you've never used it?

If you are disabling the app in the Applications menu in Settings, the process for that app will not be able launch while disabled, so FB won't be able to collect anything.

Theoretically it could, definitely. I don't know if anyone's done the packet sniffing for it.

Even better, it updates your contact book email addresses to facebook domain ones.

They had to do that for national security purposes, and you know, the children. </sarc>

And yeah, that was very sad. http://news.cnet.com/8301-1023_3-57464415-93/facebook-e-mail...

I never sync Facebook/my contacts, but I do wonder if they steal this info anyway... most likely is my guess, but that's just me being a cynic.

yes, the facebook android app requires about 20 other permissions

on Android, yes

I use iOS, and don't use Facebook, but you can't selectively disallow Facebook access to things like the address book? It's all or nothing?

The lack of fine-grained permissions per app is Android's fault, not Facebook's (not that they aren't benefiting).

Android application manifests means that if even just one user of your app might want to use a feature that requires elevated permissions, your entire app must be given these permissions for all users at installation time.

Which is obviously a huge security issue. What if I want to use the Facebook app but deny it permission to my address book? Not possible out of the box.

E.g. There's a feature to see if any of your phone contacts already have Facebook accounts. To service the potential people that wants this feature to work so they can easily "friend" these people on Facebook, the app must have this permission for everyone who installs it.

Thanks for the reply. I appreciate the info.

It's all or nothing, that's correct. Either you install it and accept it's access conditions or don't install it. A popular mod for Android (CyanogenMod) has an extension to the OS that has a toggle button to block any elected app from accessing personally identifiable information, this includes sending the app (say Facebook) an empty address book when asked, and fake details like IMEI, GPS location etc. It should be part of every mobile OS in my opinion. A feature I'm scared to live without.

I love that feature the most. Every phone and computer should have a feature like that. And permissions should be fine-grained and it should be possible to turn them off.

Yeah I wish desktop OS' had this feature. I suppose we'll be heading there. The ability to not deny but send a blank list is better than the former too. Do you know if CM is doing fine grained? I suppose it would be better of AOSP themselves did it.

It no longer asks for these things on iOS?

iOS doesn't allow access to most of the items listed.

Others are prompt-based and can be disabled/prevented by the user in the iOS privacy settings.



The bigger picture is in terms of Social Network Analysis https://en.wikipedia.org/wiki/Social_network_analysis

and the fact that companies are able to figure out lots of stuff about you even though you never consented to being a part of their service.

Hopefully the next "leak" will be about one of these big companies and what they do with your information.

None of this is unexpected.

If you were making exactly the same service, you would come up with exactly the same evil outcomes.

"Hey, we can upload every contact list in the world with no consent then cluster and cross reference every entry behind the scenes!" Sounds fun to me, especially if you have no sense of societal ethics or boundaries (quintuply so if you firmly believe you're changing the world and everybody else only advances at the pace of your unique genius).

Imagine the graph the NSA can construct about how people are connected throughout the world. facebook probably has close to exactly the same information based solely on voluntary information coughed up by Social Internet Morons. People aren't trained to think about data and relations and how everything can be sewn together, and that puts them at a gross disadvantage when interacting with global megacorps these days.

I think this might be a good example of how to communicate software architecture to non-technical people. It was informative on that level. And by the end, we saw a full-blown process diagram, with even a loop, of Facebook waiting to create a shadow profile.

I wish Facebook fades into oblivion like Myspace.

In my opinion that is highly unlikely.

For one thing, myspace was largely a network of early adopters. Therefore it was not a surprise these people would look for something new soon.

For another thing, "everyone" is on facebook and thus it is not convenient to leave. Most people don't like change after all. We all know how long people stuck with IE6 (and that was just a browser).

I'd say we have 2+ decades of FB ahead of us.

We'll need a replacement for all the pleebs to use.

I fear any replacement will be just as bad.

Use Diaspora.

last year, i - without having a facebook account - tried to get the data facebook might have stored about me through the corresponding EU privacy protection laws. all i got was the answer that they do not compile custom data exports upon request anymore and that i would have login into my facebook account [sic] to any data through some data downloading service...

now i wonder if i should have pestered a bit more, i.e. by demanding the release of the possible stored data (which definitely exists seeing the "please join"-spam from some years ago) in writing through snail mail. anyone had any success with that?

Would you get a lawyer to write the letter? That might be most fruitful.

Title is sensationalist and the article is melodramatic.

In terms of threat-level to privacy, this isn't all that egregious. The term "shadow profile" is not one that Facebook itself espouses, it's just added for flair. Clearly, this is making a lot of noise about something that's actually fairly harmless.

I would place more blame on the people sharing my data with Facebook than I would blame Facebook for "mapping" interpersonal data. It's really not that big a deal people.

I joined Facebook last year and my profile was 80% done and waiting for me to claim it.

It was beyond creepy.

That is creepy. To be fair that 80% metric is something that Facebook has "measured" and told you, and is probably gear to coax people into finishing things that are unfinished. Some smart social engineering.

Oh no... 80% is my own estimate. I even had pictures of me in the gallery.

How did they do this? Facial recognition? Did you create a profile, upload one picture, and they said "these might also be you?" How did it work?

People tagged me on their photos. From there, facial recognition I guess.

I wouldn't really know how else it would happen.

That's why this is still very relevant: http://betabeat.com/2011/12/in-which-eben-moglen-like-legit-...

By merely using Facebook, its users are harming others (i.e. their privacy). And it extends even to those who don't use Facebook themselves.

How does this differ from credit reporting agencies and other forms of legal public spying and data collection?

This kind of practice just makes me aggressive against the company that practices it. It builds negative connotations towards Facebook.

I guess I am the kind of person that is becoming aggressive in general to invasions of privacy, including personalised advertising. In the long run I'm just going to become deliberately blind to it, even extra negative to companies that use such techniques.

As an example, I recently used SkyScanner.net to search for flights. Shortly after I kept being shown ads for the exact flights I searched for on third party sites. Bam, I shall never use skyscanner.net again.

These companies will only learn when it affects their bottom line. Period.

What's a shadow profile? Sounds so sinister.

It's probably just a line in a database with your email address and phone number. It's not like Facebook is actively keeping tabs on people that don't have accounts.

The profile also probably contains a list of all the Facebook users who had you in their contact lists, and all the photos that you were tagged in. Since such information would get updated every time a Facebook user uploaded your contact information or tagged you, I'd say this qualifies as Facebook actively keeping tabs on you.

How do you tag someone if they don't have a Facebook account? AFAIK it's not possible to tag someone with an email address or telephone number?

Certainly you can "tag" someone if they are not on Facebook and not in your friends (of friends) list, but it is then just tagged as text, not associated with an account... maybe I missed an option somewhere...

>it is then just tagged as text, not associated with an account...

Not associated with a non-shadow account.

I would suggest that the noise from associating free-typed tags (subject to spelling errors and without a user account attached) with photos would be way higher than the signal you'd gain. I even have irritating friends that tag people who aren't even present in photos just because they want them to receive a notification about it. All of that is total garbage input to any machine learning model or otherwise.

It'd be easy when editing the tag for the server to say "Does this name match this user in the imported contact list? Yes? Ok, it's most likely that person then."

I have a lot of noise in my contacts list though. Very rarely do I have a surname, mostly it's suffixed with "home", "mbl" or "work" or even city name as surname sometimes. I'm sure a "best guess" would be possible, I'm not sure of anyone that religiously stores first/last name aside from pure business contacts.

With smart phones with keyboards and cloud sync I think more people are starting to. I do now, and have since 2008 when I started using a smart phone. I've noticed more people switch over from short nicknames to full names with easier input. It's easier than going to your contact and saying "who the heck is James?" Now I just keep as much data as possible on each person. That way I also have their address handy, in case I need to mail them something. I've been meaning to start keeping birthdays in there too, so I can get a notification on my phone.

I wouldn't be so sure about that. We know that FB works with third-party companies to track offline purchasing behavior of its users (data which is supposedly anonymized).

So, I wouldn't think it a far leap that Facebook might correlate non-member invitee e-mail addresses with, say, the activities/interests of the inviter. This could be happening right now for all we know, or it could happen in the future. Once they have the data, it's their choice.

Thank god there aren't groups out there that are using Facebooks data to do just that. Then we'd have a real problem on our hands.

and the ties between all the email addresses and phone numbers.

Oh my god, this is it.

I posted a story a while back saying that I receive messages from a FB account created with my email. I suspected that somebody may have made an account with my email by mistake, but FB keeps on sending messages with "you know this guys?" etc, and it's about people I know.

So I had a FB shadow account created, it inferred my email (probably through looking up some of my friends address books on their email), and now it keeps trying to make me join FB with that account.

This is both creepy and scary. Yet, I'll leave it be because it adds to the noise in the data they have.

You need to make sure you mark every single email like this as spam. Eventually, f we all do this, they will be permanently marked as spammers.

Great. So all my effort in an attempt to keep my info off Facebook has not paid off; my friends with Facebook apps have "allowed" Facebook to create a ghost profile for me. Thanks a lot, Facebook!

There was a related HN discussion of the fairly recent security vulnerability where Facebook was giving away information about your friends (a shadow profile with additional info on users who hadn't been the ones to give that info to Facebook) when you requested your extended data download:

Facebook security bug exposed 6 million users' personal information


If there was a browser plugin that would surf some random innocuous crap in the background for me, with an eye to messing up the data scrape, I'd install it. ( Fly fishing? sure. Country Line dancing? OK. Fancy goldfish? sign me up. ) A three for one ratio of random to real would make the data set pretty much crap for advertising purposes.

The only drawback, so far as I see, is wasting bandwidth of sites I don't really visit.

I'm surprised this wasn't widely known. For a couple of years I would get invitations to join Facebook that showed the names and photos of some of my friends (some of who didn't know each other).

My problem now is that somebody tried to create an account with one of my email addresses and even though I didn't confirm the account (and contacted Facebook asking them to delete it) I'm now getting emails from Facebook.

Is this any shadier than a credit bureau aggregating data?

I find this very creepy, but I think that fundamentally, the idea that my contact info isn't mine, once it's "public", is correct.

What if that info became "public" because it was conned out of one of your friends, a friend hypothetically fully aware of your distaste for facebook and also someone who would never put any of your info into it consciously, when that friend allowed facebook to access their email/phone contact list to find people on facebook that they knew?

Well, right, which to me points out that we have to learn to cope with the difference between "private" and "public" being fuzzy.

I really don't see how this is an issue. Your friends have access to your contact information. When the delegate that access to Facebook, of course Facebook would log in. In fact, I've implemented systems similar to this in any number of apps—it helps to improve the onboarding experience of future users, and honestly isn't giving up any information which wasn't voluntarily shared.

aha! there is the term I have been looking for all along, "shadow profile"!. I just knew there was something going on in the back ends that seems to keep me connected even when I was not even connected. Sadly, they (FB) are not the only ones who keep this information around, building up your profile with crumbs left by others. The problem is that we are interconnected and while we can be friends with people who respect our privacy and do not opt in to allow "contacts access" in all apps they install, they themselves may not have friends who think the same. Therefore, you are talking about your friends' friends allowing access to their contacts, which in turn probably exposes you as well and this probability just keeps on increasing with the number of friends/acquaintances you have. It almost seems useless to try to avoid it, but we can hopefully at least push for way to have our shadow profiles cleared completely when requested - by law.

It happened to me before I created an account on facebook, that there was a profile with my name but the photo was of another guy.

Later I googled "him" (or myself) but found nothing except that photo about "him", it is really weird.

Some of my friends already had facebook accounts, so maybe it has something to do with this, maybe it was my not-so-invisible profile...

Most probably it was just another guy who happens to have the same name that you have. And if this person has never published anything to the web, he won't show up on a Google search.

I thoght that too, but is really strange that he has the same photo five or seven years later.

Could Facebook be storing the email addresses/phone numbers in hashed form? They should not need to hold onto the cleartext one, and if it's hashed, there's no temptation (or danger) of it being used to send unsolicited emails.

I'm wondering... If someone requests his data of facebook without him having a facebook account.

Facebook has to give him all the information they have about him, right?

So, i have facebook :-S, who will request their data.

PS. I see a class action lawsuit coming up:)

Pinterest and Twitter too. It has gained some mainstream attention recently, I remembering seeing it in the New York Times within the past month.

Doesn't LinkedIn do this too?

Yeah, no shit.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact