Category Archives: Facebook

Officials Want Facebook to Halt End-to-End Encryption Plans

BuzzFeed News reported that officials from the United States, the United Kingdom, and Australia are set to publish an open letter to Facebook CEO Mark Zuckerberg. The officials do not want Facebook to enact end-to-end encryption across its messaging services. The text of the open letter is in the BuzzFeed News article.

The letter is signed by U.S. Attorney General Bill Barr, acting U.S. Homeland Security Secretary Kevin McAleenan, UK Home Secretary Priti Patel, and Australian Minister for Home Affairs Peter Dutton. The letter, as BuzzFeed News puts it, “raises concerns that Facebook’s plan to build end-to-end encryption into its messaging apps will prevent law enforcement agencies from finding illegal activity conducted through Facebook, including child sexual exploitation, terrorism, and election meddling.”

The officials want Facebook to “prioritize public safety” in designing its encryption by enabling law enforcement to gain access to illegal content in a manageable format and by consulting with local governments ahead of time to ensure the changes will allow this access.

In short, Facebook is being pressured to allow law enforcement to spy on the messages sent and received by users of Facebook Messenger, WhatsApp, and Instagram. Much of the wording of the letter indicates that the purpose of this is to enable law enforcement to catch people who are grooming or trafficking children. But, the letter doesn’t say anything about the limitations that various governments would have regarding what they can snoop on. Nothing is said about requiring a warrant before accessing the information.

Personally, I find this sketchy. If Facebook decides to succumb to the bidding of these world leaders, they will be opening a Pandora’s Box that they will not be able to reverse. Once a big social media site allows law enforcement to indiscriminately spy on users – there is nothing that will stop it from happening.

Facebook Removed Tens of Thousands of Apps

Facebook announced an update on their ongoing App Developer Investigation. It began in March of 2018, in response to the Cambridge Analytica scandal.

Our App Developer Investigation is by no means finished. But there is meaningful progress to report so far. To date, this investigation has addressed millions of apps. Of those, tens of thousands have been suspended for a variety of reasons while we continue to investigate.

Facebook points out that the apps that were suspended are associated with about 400 developers. Many were still in the testing phase when Facebook suspended them. In many cases, the developers of the apps that were suspended did not respond to Facebook’s request for information.

In addition, Facebook banned some apps. The reasons for doing so include inappropriately sharing data obtained from Facebook, “or something else that was in clear violation of” Facebook’s policies.

Facebook banned an app called myPersonality because it shared information with researchers and companies with only limited protections in place, and because it refused Facebook’s request to participate in an audit.

I’ve long been suspicious of personality apps that entice people to give up a lot information in order to supposedly learn more about themselves. What is the app developer doing with all that data? I also stay away from the things that go around on social media that ask people to answer questions about themselves. To me, it feels like whomever started it is hoping to harvest data for unknown purposes.

Facebook has also some lawsuits. One is against Rankwave, a South Korean data analytics company that failed to cooperate with Facebook’s investigation. Another is an action against LionMobi and JediMobi, whom Facebook says “used their apps to infect users’ phones with malware in a profit-generating scheme.” A third case is against two Ukrainian men who used quiz apps to scrape users’ data off of Facebook’s platform.

NY Attorney General Announced Facebook Antitrust Investigation

New York Attorney General Letitia James confirmed that she is leading the bipartisan coalition investigating Facebook for antitrust issues. Her statement said:

Even the largest social media platform in the world must follow the law and respect consumers. I am proud to be leading a bipartisan coalition of attorneys general in investigating whether Facebook has stifled competition and put users at risk. We will use every investigative tool at our disposal to determine whether Facebook’s actions may have endangered consumer data, reduced the quality of consumers’ choices, or increased the price of advertising.

The bipartisan coalition includes the attorneys general from Colorado, Florida, Iowa, Nebraska, North Carolina, Ohio, Tennessee, and the District of Columbia. The focus of the investigation is Facebook’s dominance in the industry and the potential anticompetitive conduct stemming from that dominance.

CNBC reported that Facebook is already facing a separate investigation by the Federal Trade Commission over antitrust concerns. Facebook confirmed that in its quarterly report in July. That announcement came on the same day the FTC announced its $5 billion settlement with Facebook over its privacy policies.

Personally, I think Facebook could have avoided being the subject of multiple investigations into its practices if it had, right from the start, put protecting the privacy of its users as its top priority. It may also have saved itself from some antitrust investigations if didn’t do things such as purchase Instagram and WhatsApp (and the user data that came with them).

Facebook Launched Facebook Dating in the U.S.

Facebook has launched Facebook Dating in the United States. This comes after the initial launch of Facebook Dating in Colombia in 2018. Do you really trust Facebook to keep your dating data private?

Today, we’re launching Facebook Dating in the US We’re also giving people the ability to integrate their Instagram posts directly into their Facebook Dating profile and giving people the ability to add Instagram followers to their Secret Crush lists, in addition to Facebook friends. By the end of the year, we’ll make it possible to add Facebook and Instagram Stories to your Dating profile too.

Those who are interested can choose to opt into Facebook Dating and create a Dating profile that is separate from their main Facebook profile. You must be 18 years of age or older, and have downloaded the most recent version of Facebook. It is possible to block or report anyone on Facebook Dating and prohibit people from sending photos, links, payments, or videos in messages.

If you are interested in someone, you can comment directly on their Facebook Dating profile or tap on the Like button to let them know. If you aren’t interested in someone, you can pass on them.

Some of the functionality of Facebook Dating sounds questionable to me. For example, Facebook says you will be suggested to others who also have opted in to Facebook Dating based on your preferences, interests, and other things you do on Facebook. That means Facebook is using the data they gather about you in order to suggest potential dates. I am hoping the data gathering algorithm is smart enough to not select relatives of the person using the dating app.

Facebook says that Facebook Dating allows you to match with friends of friends and/or people not in your friend circle. It reportedly won’t match you with friends unless you use the Secret Crush feature to add a friend to your list, and that friend also adds you to their Secret Crush list. In other words, if you don’t want to date any of your Facebook friends – don’t add them to Secret Crush.

Another claim Facebook makes is that all of your Facebook Dating activity will stay in Facebook Dating, and won’t be shared to the rest of your Facebook. But, that seems misleading because Facebook knows who your friends are, and knows when you add a friend to the Secret Crush feature. There is some background overlap going on there.

In addition, Facebook Dating lets you connect with people on Instagram, which means your Instagram data may be commingled with your Facebook data if you use Facebook Dating. Maybe it already is. The issue is that you will end up with all your Facebook friends, and Instagram friends, having the option to try and date you.

Personally, I think the biggest reason Facebook wants to connect Instagram to Facebook dating is to try and convince more people to make Instagram Stories. Those can be added to your dating profile.

Facebook Removed Coordinated Inauthentic Behavior from China

Facebook has removed seven Pages, three Groups, and five Facebook accounts involved in coordinated inauthentic behavior as part of a small network that originated in China and focused on Hong Kong.

Facebook took these actions based on a tip shared by Twitter about activity they found on their platform. This led to Facebook doing its own investigation into suspected coordinated inauthentic behavior in the region and to identify activity.

The individuals behind this campaign engaged in a number of deceptive tactics, including the use of fake accounts – some of which had already been disabled by our automated systems – to manage Pages posing as news organizations, posts in Groups, disseminate their content, and also drive people to off-platform news sites. They frequently posted about local political news and issues including topics like the ongoing protests in Hong Kong. Although the people behind this activity attempted to conceal their identities, our investigation found links to individuals associated with the Chinese government.

Facebook released the following details:

  • Presence on Facebook: 5 Facebook accounts, 7 Pages and 3 Groups
  • Followers: About 15,500 accounts followed one or more of these Pages and about 2,220 accounts joined at least one of these Groups.

Facebook points out that they work to detect and stop this type of activity because they don’t want their services to be used to manipulate people. Facebook also makes it clear they took down these Pages, Groups, and accounts “based on their behavior, not the content they posted”. Personally, I’m not sure how one would separate the content from the behavior. Perhaps this is a disclaimer, of sorts, from Facebook.

Facebook also said the people behind this activity “coordinated with one another and used fake accounts to misrepresent themselves, and that was the basis of our action.”

It find it interesting that a tip from Twitter is what influenced Facebook to do their own investigation. I don’t think I’ve seen the big social media companies work together in this way before. It seems to me that the results were effective.

Facebook Wants to Keep Private Groups Safe

Facebook announced some changes that are designed to keep people safe within Facebook Groups. In part, Facebook will hold Group admins accountable for what is posted in their group.

Facebook says one way they keep people safe is by proactively identifying and removing posts and groups that break their rules. Facebook has been using AI and machine learning “to proactively detect bad content before anyone reports it, and sometimes before people even see it.”. It also uses human moderators.

Facebook has created new Group Privacy settings:

By default, a group that was formerly “secret” will now be “private” and “hidden”. A group that was formerly “closed” will now be “private” and “visible”. Groups that are “public” will remain “public” and “visible”.

Here are some factors Facebook considers when deciding if a Group should come down:

  • Does the name or description of the group include hate speech or other content Facebook doesn’t allow?
  • If group leaders often break Facebook’s rules, or if they commonly approve posts from other members who break Facebook’s rules, those are clear strikes against the overall group.
  • If a group member repeatedly violates Facebook’s standards, Facebook will start requiring admins to review their posts before anyone else can see them. Then, if an admin approves a post that breaks Facebook’s rules, it will count against the whole group.

It sounds like people who participate in Groups on Facebook really need to choose wisely when selecting admins. Facebook’s emphasis that their rules apply within Groups is likely going to deter those who have been de-platformed from other online spaces. I guess that’s one way to help keep people safe in Private Groups.

FTC Fines Facebook $5 Billion and Imposes New Privacy Policy

The Federal Trade Commission (FTC) announced that it has imposed a historic penalty $5 billion penalty and significant requirements on Facebook to boost accountability and transparency.

Facebook Inc. will pay a record-breaking $5 billion penalty, and submit to new restrictions and a modified corporate structure that will hold the company accountable for the decisions it makes about its user’s privacy to settle Federal Trade Commission charges that the company violated a 2012 FTC order by deceiving users about their ability to control the privacy of their personal information.

The FTC states that the $5 billion penalty against Facebook is the largest ever imposed on any company for violating consumers’ privacy and almost 20 times greater than the largest privacy or data security penalty ever imposed worldwide. It is one of the largest penalties ever assessed by the U.S. government for any violation.

The Department of Justice will file a complaint on behalf of the FTC alleging that Facebook repeatedly used deceptive disclosures and settings to undermine users’ privacy preferences in violation of its 2012 FTC order. These tactics allowed Facebook to share users’ personal information with third-party apps that were downloaded by Facebook “friends”. The FTC alleges that many were unaware that Facebook was sharing such information, and therefore did not take the steps needed to opt-out of sharing.

The FTC has also sued Cambridge Analytica, its former Chief Executive Officer Alexander Nix, and Aleksandr Kogan, an app developer who worked with the company, alleging they used false and deceptive tactics to harvest personal information from millions of Facebook users. Kogan and Nix have agreed to a settlement with the FTC that will restrict how they conduct any business in the future.

The FTC’s new 20-year settlement order with Facebook establishes an independent privacy committee of Facebook’s board of directors, “removing unfettered control by Facebook’s CEO Mark Zuckerberg over decisions affecting user privacy”. Members of the privacy committee will be independent and appointed by an independent nomination committee. Members can only be fired by a supermajority of the Facebook board of directors.

Facebook must designate compliance officers who will be responsible for Facebook’s privacy program. These officers are subject to the approval of the new board privacy committee and can only be removed by that committee. An independent third-party assessor will evaluate the effectiveness of Facebook’s privacy program and identify any gaps.

Facebook’s order-mandated privacy program also covers WhatsApp and Instagram. Facebook must conduct a privacy review of every new or modified product, service, or practice before it is implemented and document its decisions about user privacy. Facebook must share that with the CEO of the independent assessor and the FTC.

Other requirements include:

  • Facebook must exercise greater oversight over third-party apps, including by terminating app developers that fail to certify that they are in compliance with Facebook’s platform policies or fail to justify their need for specific user data
  • Facebook is prohibited from using telephone numbers obtained to enable a security feature (e.g. two-factor authentication) for advertising
  • Facebook must provide clear and conspicuous notice of its use of facial recognition technology, and obtain affirmative express user consent prior to any use that materially exceeds its prior disclosures to users
  • Facebook must establish, implement, and maintain a comprehensive data security program
  • Facebook must encrypt user passwords and regularly scan to detect whether any passwords are stored in plaintext
  • Facebook is prohibited from asking for email passwords to other services when consumers sign up for its services