While it is buried in the article, an interesting data point that I noticed as a former alum of the team is that the FB security team has apparently been picked apart and divided up between the prod and infra orgs. Being able to stand apart from these two massively powerful entities within FB and tell them when they were screwing up had been one of the moderating influences between the desire of the prod team for 'increase engagement, fuck privacy', and the desire of the infra team for 'move fast, screw safety.' This will not end well...
It also relieves Facebook of any sufficiently necessary capability to surveil, centralize, and manage risk.
Given the firm's susceptibility to GDPR and its newfound position under the microscope of a series of international criminal and counter intelligence investigations, this would seem objectively to be the wrong move.
