Category Archives: Facebook

The New York Times and Facebook Appear to Be Arguing

On November 14, 2018, The New York Times posted a lengthy article titled: “Delay, Deny and Deflect: How Facebook’s Leaders Fought Through Crisis”. Facebook responded on November 15, 2018, with a post of its own, titled “New York Times Update.” Later that day, The New York Times posted an article titled: “Facebook Cuts Ties with Definers Public Affairs Following Outcry.”

One thing that seems consistent between the posts from The New York Times and the Facebook response post is that Facebook ended its contract with Definers Public Affairs the day after The New York Times article was published. Definers is a Washington-based consultant that Facebook started working with in October 2017.

Both The New York Times and Facebook posts indicate that Facebook feels that Tim Cook, Chief Executive Officer of Apple, Inc., has criticized Facebook. In its post, Facebook said it has encouraged its employees and executives to use Android. Personally, I don’t care what kind of phone Facebook workers use.

To me, it appears that Facebook and The New York Times are arguing with each other. I’m having difficulty finding reasons to care about this kerfuffle. It feels like a lot of drama about events that have already happened. The damage has already been done.

I’ve grown tired of the back-and-forth between news media and social media. It feels like both sides are doing little more than providing fuel for those who enjoy being outraged.

Facebook Removed Additional Coordinated Inauthentic Behavior

Facebook announced that it removed 82 Pages, Groups and accounts “for coordinated inauthentic behavior that originated in Iran and targeted people in the US and UK”. This follows Facebook’s previous removal of 559 Pages and 251 accounts “that have consistently broken our rules against spam and inauthentic behavior”.

To me, it sounds like Facebook is actually taking action to clean itself up by removing those who are there to cause trouble. In a post written by Facebook’s head of Cybersecurity Policy, Nathaniel Gleicher, said:

This morning we removed 82 Pages, Groups and accounts for coordinated inauthentic behavior that originated in Iran and targeted people in the US and UK. The Page administrators and account owners typically represented themselves as US citizens, or in a few cases UK citizens – and they posted about politically charged topics such as race relations, opposition to the President, and immigration. Despite attempts to hide their true identities, a manual review of these accounts linked their activity to Iran. We also identified some overlap with the Iranian accounts and Pages we removed in August.

Nathaniel Gleicher also stated that Facebook shared the information with US and UK government officials, US law enforcement, Congress, other technology companies and the Atlantic Council’s Digital Forensic Research Lab. In addition, Facebook has an Elections War Room with teams that identify, investigate, and evaluate a problem and then take action to stop it.

This sharing of information reminds me of the recent sharing between BuzzFeed and Google, after a BuzzFeed investigation about a fraud scheme that involved more than 125 Android apps and websites.

Perhaps the way to clean up the internet, and make it a more authentic place to visit, is for those who find nefarious activity to share it with everyone else. It would make it harder for bad actors to continually spread misinformation in an effort to promote divisiveness.

Image from Pexels

Facebook Fined For Cambridge Analytica Fiasco

The UK’s Information Commissioner’s Office (ICO) has fined Facebook GB£500,000 for data breaches relating to the Cambridge Analytica scandal. That’s about  US$650,000. The ICO’s investigation into the activities of Facebook is highly critical of Facebook’s laissez-faire approach to user’s data.

For seven years, Facebook failed to stop application developers taking users’ information without informed consent, and allowed capture of the information even when people were only friends with others who had downloaded particular apps. For example, person A would download a survey app to their phone or tablet which then needed Facebook credentials and permissions to proceed. Once he or she had given access, the survey app then collected data on all their Facebook friends without the agreement of the friends.

Using this loophole, one app developer gathered the Facebook data of up to 87 million people worldwide despite only a small fraction of these downloading the app. Part of this data was subsequently shared with other organisations, particulary SCL Group, the parent company of Cambridge Analytica.

The ICO was also scathing about Facebook’s response after the abuse of friend data was uncovered in late 2015, noting that it failed to ensure that data was deleted and didn’t kick SCL off Facebook until 2018.

Elizabeth Denham, Information Commissioner, said “Facebook failed to sufficiently protect the privacy of its users before, during and after the unlawful processing of this data. A company of its size and expertise should have known better and it should have done better.”

The £500,000 fine is the maximum penalty under the previous regulations and had the offence occurred under the GDPR framework, the fine would have been much higher. The Commissioner went on, “We considered these contraventions to be so serious we imposed the maximum penalty under the previous legislation. The fine would inevitably have been significantly higher under the GDPR. One of our main motivations for taking enforcement action is to drive meaningful change in how organisations handle people’s personal data.”

In a week where Apple’s CEO called for GDPR-style regulations in the US, there’s a clear need for greater regulation of social media organisations and the world-wide protection of people’s information.

Camera image by Paweł Czerwiński on Unsplash

Facebook Portal Will Spy On You After All

As reported by Recode, and with a small dose of “Told you so“, Facebook has clarified that it will spy on you using its new Portal devices after all.

In an email sent to Recode, Facebook said, “Portal voice calling is built on the Messenger infrastructure, so when you make a video call on Portal, we collect the same types of information (i.e. usage data such as length of calls, frequency of calls) that we collect on other Messenger-enabled devices. We may use this information to inform the ads we show you across our platforms. Other general usage data, such as aggregate usage of apps, etc., may also feed into the information that we use to serve ads.

I don’t have to put up with this kind of privacy abuse when I use my landline or my smartphone to make a voice call. Why should it be acceptable at all just because it’s a video call?

Imagine I phoned a retailer using their toll-free number and then I was phoned a few days later by a competitor, perhaps offering a discount. The phone company had sold my phone number to the competitor on the basis of the original call. Now, I’m fairly sure that would be flat out illegal in most countries – I’m not a lawyer but I’m pretty sure in Europe the GDPR regulations would stop that – but here we are with Facebook potentially showing us ads on the basis of who we talk to. This is just wrong, wrong, wrong.

I am increasingly of the opinion that these social media giants need regulation to ensure our rights are maintained. Keeping private both conversations, and the data about conversations, would be a very good place to start.

Facebook Says Private Information was Stolen

Facebook revealed more information about the security issue that affected the privacy of many Facebook user’s information. The update provided by Facebook includes unsettling news.

Facebook now says that out of the 50 million people whose access tokens were affected by the security issue, they believe that about 30 million people actually had their tokens stolen. I’m not sure if Facebook thought this news would be reassuring – but it obviously isn’t. The additional details provided by Facebook aren’t good news, either.

For 15 million people, attackers accessed two sets of information – name and contact details (phone number, email, or both, depending on what people had in their profiles). For 14 million people, the attackers accessed the same two sets of information, as well as other details people had on their profiles.

The “other details” included information such as: username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website, people or Pages they follow, and the 15 most recent searches.

Facebook also said for 1 million people who were affected by the data breach, “the attackers did not access any information”.

This is a very big deal! Some of the information that was stolen is used in security questions on things like bank accounts, credit cards, and to access a person’s health information. Facebook can’t fix this. Personally, I would not be surprised if this awful situation results in a massive number of people deleting their Facebook accounts.

Image from Pixabay

Facebook Removed Multiple Pages and Accounts for Political Spam

Facebook announced today that it removed 559 Pages and 251 accounts “that have consistently broken our rules against spam and coordinated inauthentic behavior”. The post was written by Facebook’s Head of Cybersecurity Policy Nathaniel Gleicher and Project Manager Oscar Rodriguez.

The behaviors that caused Facebook to remove 559 Pages and 251 accounts are not new. Facebook says that this type of spam is often used to “hawk fraudulent products like fake sunglasses or weight loss ‘remedies’.” It can also be celebrity gossip.

Today, Facebook says it is seeing these networks “increasingly use sensational political content – regardless of its political slant – to build an audience and drive traffic to their websites, earning money for every visitor to the site.” Facebook pointed out:

This is why it’s so important we look at these actors’ behavior – such as whether they’re using fake accounts or repeatedly posting spam – rather than their content when deciding which of these accounts, Pages, or Groups to remove.

Facebook has every right to remove Pages and accounts that violate their rules. Personally, I think Facebook could have made more of an impact if they removed the spammers earlier, instead of a few weeks before the United States midterm elections. The damage caused by spreading misinformation has already been done.

It’s good that Facebook attempted to clarify that the Pages and accounts were removed because of their behaviors. Even so, I believe there will be individuals who spend today filling their social media accounts with accusations that Facebook is biased against their preferred political party.

Facebook Opens the Door to your Home with Portal

Facebook today announced its entry into the video calling market with Portal.
Facebook today announced its entry into your home…

With two models in the range, the smaller Portal goes up against the Echo Show, and a larger Portal+ brings a new form factor to the market. The former has a landscape 10″ screen with the latter plus model rocking a 15.6″ screen that rotates between landscape and portrait orientations.

Facebook’s track record in hardware isn’t great. Remember the Facebook phone, aka HTC First? No, you probably don’t so it’s good to see that both devices are well-designed and look a whole pile better than the original Show.

Having said that, they don’t actually do much other than video chat and media, such as Spotify and displaying photos from Facebook. Amazingly, there’s no Facebook app itself. Amazon’s Alexa is built-in, so all her skills are available to make up for some of the deficit. Friends and family don’t need another Portal to chat and can use Facebook Messenger to take the call.

Facebook goes to great pains to emphasise “privacy by design” and that the camera and microphone can be turned off. Facebook assures us that “Facebook doesn’t listen to, view or keep the contents of your Portal video calls. Your conversations stay between you and the people you’re calling.” I still don’t trust Facebook and this device is in your home listening (“Hey Portal”) all the time.

Facebook goes on to say, “For added security, Smart Camera uses AI technology that runs locally on Portal, not on Facebook servers. Portal’s camera does not use facial recognition and does not identify who you are.” If you are reassured by this, good for you. If not, there is a button on the top of the unit which, when pressed, will physically disconnect the microphone and camera.

Let’s not forget Facebook has a very poor track record on security and the abuse of personal information. Where shall we start?
Cambridge Analytica
50 Million Accounts Breached
Using 2FA phone numbers for advertising

I think Facebook have made a mistake, pairing the Facebook brand with Portal. My advice would have been to do “Portal from WhatsApp” and majored on the security features of WhatsApp and end-to-end encryption. Facebook might own WhatsApp, but I would have had far fewer concerns if Portal had come from the WhatsApp team.

If you want buy one, pre-orders are open with the Portal is priced at US$199 and the Portal+ comes in at $349. There’s a special offer on buying two Portals with $100 off. Pre-order here with deliveries expected in November. US only at the moment.