Being opt-in and getting compensated are the two things I've seen people want from usage of their data. No one should have an issue with this since it does both.
I harbor serious doubts that most of the 'volunteers' here know exactly what it is they're providing -- the sign-up sheet probably didn't say "we will know very specifically your porn-watching habits" e.g.
I think that this is a fairly common when it comes to technology. The terms and conditions seem reasonable ("we collect some data to provide more relevant ads"), but when you look a bit more closely they build a personal file that contains who you communicate (email/text/call) with and how often, where you go, what you buy, which websites you visit, which videos you watch, etc to the extent that they are able. My mother is very smart, well-educated (she has a PhD), and relatively tech savvy (she works in scientific computing), but she was still floored when I told her about some of the tracking Facebook and Google perform. Google recording her location (which she technically agreed to, but did not realize) was enough that she asked me to help her migrate away from Gmail. She probably would have managed without my assistance, but the barrier would have been much higher.
"We will hold logs of you saying awful things to your girlfriend as you're breaking up in a file on you for the next 50 years" is more accurate. Privacy nihilism comes either from a lack of imagination, or a lack of perceived power.
It was open to adults as well, but yes. However, they had no duty to specifically enumerate that particular case anyway lol. And technically that is a crime under US law to distribute porn to minors, but its not a crime for the users to view it, so if they connect to a website intended for and operating in another country without such laws, there is no legal issue.
While I'm generally all for opt-in and free decision making I think some lines should only be crossed in special circumstances. Similarly to medical procedures that are only legal if the patient is very clearly informed about all potential risks (and that includes even those risks that are really not that probable) by an actual human being and not by just clicking on a button. In the case of Facebook they would in my opinion need to state very clearly that there is an albeit small risk of a breach and all collected data could be made public ("for example you employer might suddenly know which porn websites you are visiting or what people you have googled")
Big opt-ins require big explaining because people can only truly make free decisions if there is an actual effort to inform them about what is happening.
Edit: so maybe this is a bit extreme because I realize that this might similarly apply to (for example) phone manufacturers. I still think that actually analysing the traffic is a bigger risk than simply providing the phone/browser to generate the traffic because of the centralized target that is Facebook.
Regardless of whether Facebook was also trying to deceive users specifically—which we'll never know—they likely wanted to deceive Apple. I'm not going to blame any developer for attempting to bypass Apple's stupid restrictions.
Using intermediaries also allowed Facebook to technically not violate Apple's enterprise certificate contract (because the intermediaries were in violation instead).
> Using intermediaries also allowed Facebook to technically not violate Apple's enterprise certificate contract (because the intermediaries were in violation instead).
I actually though they would have done that, but it used the regular "iPhone Distribution: Facebook, Inc. (In-House)" cert, they didn't even create a shell entity and get a new one. Reports say Apple has revoked this cert, breaking all internal (legitimate) apps and possibly creating quite a bit of chaos for internal ops.{1} Their separate Apple Developer Program organization account, used to deploy TestFlight public and private betas and App Store apps, as well as local deployment to a small number of devices without Apple involvement for development testing, is not affected.
The intermediaries may or may not face consequences if they have separate agreements with Apple, but they did not use any Apple products to do their part and have not violated anything with Apple.
This is a massive overreach. I would be pretty shocked if the people involved in this "research program" truly understood just how much access to their private data they were granting Facebook.
Maybe there wouldn't be an issue if they were being 100% transparent and explicit about what information they are collecting and how it will be used. However, the article seems to paint a fairly compelling picture that FB is not acting in good faith.
The fact that they're targeting kids makes it that much more unethical.
It depends very much on what users are told they are signing up for. The ad in the article says a "paid social media research study", which couldn't be more vague compared to the level of access Facebook are granted through the root certificate.
Plus, the deliberate targeting of children that won't know better. And asking people to upload their Amazon order history! Pretty scummy.
> No one should have an issue with this since it does both.
Surely there's something to be said about age. There's a reason 14-year-olds can't enter into a legally binding contract.
Besides this, there's also the issue of how clear it is that the app is collecting private data. The article says:
"Facebook first got into the data-sniffing business when it acquired Onavo for around $120 million in 2014. The VPN app helped users track and minimize their mobile data plan usage, but also gave Facebook deep analytics about what other apps they were using."
which seems a lot like Facebook luring users into giving them their data without the users' knowledge.
Yeah.. these are minors though. It may not be illegal explicitly but the fact that they are minors feels different than the perspective of an enlightened bargain.
Come on. Facebook and twitter APIs are so restricted you can't even build a usable alternative client (look at all twitter clients that we had a few years ago, they are all gone now).
Facebook won't even let you read public events through their API anymore, public events created by businesses that want the public to attend, that are visible to anyone even if they're not logged in, that are easily searchable through Google.
But that's probably because the same day they removed that events API, they launched the Facebook Local app that shows all the events around you. Can't have anyone competing with your app.
You have to give Facebook a copy of your ID, your SSN and wait for them to snail-mail you a code before you can get as far as Vice did. There's nothing friction-less about it.
Well normal ads you do not need to do any of that, you just need to have an account and a credit card. But yes for political ads you are supposed to go through their "Identity Confirmation and Authorization" process https://www.facebook.com/business/m/one-sheeters/ads-with-po...
And apparently, after you do that, you can post as whomever you want. Maybe you'll have a little personal liability (after the election, if someone can find any law enforcement that actually cares), but thats what the campaign war chest is for.
It’s even worse: many people are demanding Facebook monitor Messenger chats for abuses in Mayanmar while at the same time not wanting Facebook to monitor Messenger chats. This is just a perfect example of constant catch-22s I see in people’s expectations of tech companies. You can’t expect Facebook to both not monitor chat messages AND prevent chat messages that do harm. You can have one or the other.
This is the doublethink the most people like to indulge in. The free speech I like must be protected at all cost and that I do not like should be handled via glib statements: 'free speech is not free reach', 'private companies are not obliged to give platform to anyone' and so on.
> You can’t expect Facebook to both not monitor chat messages AND prevent chat messages that do harm.
Not monitor, or not use for advertising targeting?
I'm fine with spam/malware/virus prevention in my Messenger or Gmail. I'm not enormously comfortable getting an ad for baby clothes after I send a private message to someone that I'm pregnant.
Most founders of major acquisitions leave after a year or two. The founders of Instagram and WhatsApp were at Facebook for more than 5+ years. That's very rare.
That already exists. If you click the menu icon next to an ad on Facebook you can select "Why am I seeing this?". You can also see all the advertisers who have targeted you on https://www.facebook.com/ads/preferences/.
It's kinda useless, though. They give you the most general of the targeting - all mine say stuff like "men in the United States" when they've clearly got additional very specific stuff enabled.
So, as an example, I just got an ad for a "personalized women's fashion" retailer (I'm male, and Facebook knows that for certain), that stated "You're seeing this ad because eShakti wants to reach people aged 23 to 56 who live or have recently been in the United States. This is information based on your Facebook profile and where you've connected to the Internet."
Now, I'm fairly certain that they're not casting that wide a net. Those filters may be in their targeting specs, but I can guarantee you there are more specific than that, especially as it started showing up after my wife went looking for women's dresses recently.
Background check companies that do employment reference verification checks for employers
All three credit reporting companies have employment history products. So for example if your rental application includes your current and/or past employers, those will end up permanently with the credit reporting agency.
Plus others. Basically anyone that gets your employment info will sell it since as far as I'm aware it is not protected in the same way your credit history is.
Favebook’s policy for not giving information to family members came out of situations where the decreased was not on good terms with their family. When to give out information and to whom are not obvious or easy decisions when you have a billion users.
This. It is hard to imagine a situation in which providing information on the identity of person who requested the removal of a dead person's profile to an aggrieved party is going to result in anything other than the harassment of that person. Especially in circumstances like this when that person may well have felt they were acting reasonably, and does not appear to have committed any actual criminal or civil offence.
Facebook's responsibility to not promote the harassment of its users exceeds its responsibility to provide details of why they carried out a request.
Additionally, Facebook had some reason to believe that even if they wanted to doxx that person, disclosing their communication to a third party without that person's own permission may have been a breach of UK/EU data protection laws
Thank you! Amount of insane comments here is deeply disturbing.
Deceased person could have "secret" lover whom he was going to marry. He could have secret son who had more right to decide what to do with the page than anyone else.
He wasn't married to person who harassed Facebook. He could have relations with dozen other women all of whom asked fb to erase all history of it including messages and photos. Grieving person might try to demand restoring profile and giving her access to it so she could identify them and make their life living hell. Yes this might sound farfetched and a little bit insane but stories like this really happen all over the globe thousands time a day.
Its easy to agree with fb here especially because "widow" couldn't possibly do anything good with requested information.
As I already wrote: Nobody (reasonable) asks them to do anything other than TALK. If that is the issue, then say so! Of course, they would also have to provide a way out if the issue can be shown to be invalid.
I don't want my scumbag parents or extended family getting information about who is carrying out my affairs from random companies after I die. There's a reason why I'm planning on writing a will to specifically exclude them from any sort of inheritance if my husband and I died together.
Plus these were unmarried partners!! Unlike spouses, unmarried partners have no legal standing as next of kin in most of the world.
