Google

Who Has More of Your Personal Data Than Facebook? Try Google (wsj.com) 35

Facebook may be in the hot seat right now for its collection of personal data without our knowledge or explicit consent, but as The Wall Street Journal points out, "Google is a far bigger threat by many measures: the volume of information it gathers, the reach of its tracking and the time people spend on its sites and apps." From the report (alternative source): It's likely that Google has shadow profiles (data the company gathers on people without accounts) on as at least as many people as Facebook does, says Chandler Givens, CEO of TrackOff, which develops software to fight identity theft. Google allows everyone, whether they have a Google account or not, to opt out of its ad targeting, though, like Facebook, it continues to gather your data. Google Analytics is far and away the web's most dominant analytics platform. Used on the sites of about half of the biggest companies in the U.S., it has a total reach of 30 million to 50 million sites. Google Analytics tracks you whether or not you are logged in. Meanwhile, the billion-plus people who have Google accounts are tracked in even more ways. In 2016, Google changed its terms of service, allowing it to merge its massive trove of tracking and advertising data with the personally identifiable information from our Google accounts.

Google uses, among other things, our browsing and search history, apps we've installed, demographics like age and gender and, from its own analytics and other sources, where we've shopped in the real world. Google says it doesn't use information from "sensitive categories" such as race, religion, sexual orientation or health. Because it relies on cross-device tracking, it can spot logged-in users no matter which device they're on. Google fuels even more data harvesting through its dominant ad marketplaces. There are up to 4,000 data brokers in the U.S., and collectively they know everything about us we might otherwise prefer they didn't -- whether we're pregnant, divorced or trying to lose weight. Google works with some of these brokers directly but the company says it vets them to prevent targeting based on sensitive information. Google also is the biggest enabler of data harvesting, through the world's two billion active Android mobile devices.

Facebook

Silicon Valley Investors Wants to Fund a 'Good For Society' Facebook Replacement (calacanis.com) 196

Silicon Valley angel investor Jason Calacanis just announced the "Openbook Challenge," a competition to create a replacement for Facebook.

"Over the next three months, 20 finalists will compete for seven $100,000 incubator grants," explains long-time Slashdot reader reifman. "Their goal is to find startups with a sustainable business model e.g. subscriptions, reasonable advertising, cryptocurrency. etc. And they want it to be 'good for society.'"

Jason Calacanis writes: All community and social products on the internet have had their era, from AOL to MySpace, and typically they're not shut down by the government -- they're slowly replaced by better products. So, let's start the process of replacing Facebook... We already have two dozen quality teams cranking on projects and we hope to get to 100...

This is not an idea or business plan competition. We're looking for teams that can actually build a better social network, and we'll be judging teams primarily based upon their ability to execute... Keep in mind, that while ideas really matter, Zuckerberg has shown us, execution matters more.

Calacanis has even created a discussion group for the competition...on Facebook. And his announcement includes a famous quote from Mark Zuckerberg.

"Don't be too proud to copy."
Facebook

NYT: Lynchings Around the World are Linked To Facebook Posts (bostonglobe.com) 157

An anonymous reader quotes the New York Times: Riots and lynchings around the world have been linked to misinformation and hate speech on Facebook, which pushes whatever content keeps users on the site longest -- a potentially damaging practice in countries with weak institutions and histories of social instability. Time and again, communal hatreds overrun the newsfeed unchecked as local media are displaced by Facebook and governments find themselves with little leverage over the company. Some users, energized by hate speech and misinformation, plot real-world attacks.

A reconstruction of Sri Lanka's descent into violence, based on interviews with officials, victims and ordinary users caught up in online anger, found that Facebook's newsfeed played a central role in nearly every step from rumor to killing. Facebook officials, they say, ignored repeated warnings of the potential for violence, resisting pressure to hire moderators or establish emergency points of contact... Sri Lankans say they see little evidence of change. And in other countries, as Facebook expands, analysts and activists worry they, too, may see violence.

A Facebook spokeswoman countered that "we remove such content as soon as we're made aware of it," and said they're now trying to expand those teams and investing in "technology and local language expertise to help us swiftly remove hate content." But one anti-hate group told the Times that Facebook's reporting tools are too slow and ineffective.

"Though they and government officials had repeatedly asked Facebook to establish direct lines, the company had insisted this tool would be sufficient, they said. But nearly every report got the same response: the content did not violate Facebook's standards."
Facebook

Facebook Starts Its Facial Recognition Push To Europeans (techcrunch.com) 41

An anonymous reader quotes a report from TechCrunch: Jimmy Nsubuga, a journalist at Metro, is among several European Facebook users who have reported getting notifications asking if they want to turn on face recognition technology. Facebook has previously said an opt-in option would be pushed out to all European users, and also globally, as part of changes to its T&Cs and consent flow. In Europe, the company is hoping to convince users to voluntarily allow it to deploy the privacy-hostile tech -- which was turned off in the bloc after regulatory pressure, back in 2012, when Facebook began using facial recognition to offer features such as automatically tagging users in photo uploads. But under impending changes to its T&Cs -- ostensibly to comply with the EU's incoming GDPR data protection standard -- the company has crafted a manipulative consent flow that tries to sell people on giving it their data; including filling in its own facial recognition blanks by convincing Europeans to agree to it grabbing and using their biometric data after all. Users who choose not to switch on facial recognition still have to click through a "continue" screen before they get to the off switch. On this screen Facebook attempts to convince them to turn it on -- using manipulative examples of how the tech can "protect" them.
The Internet

The 'Terms and Conditions' Reckoning Is Coming (bloomberg.com) 128

Everyone from Uber to PayPal is facing a backlash against their impenetrable legalese. From a report: Personal finance forums online are brimming with complaints from hundreds of PayPal customers who say they've been suspended because they signed up before age 18. PayPal declined to comment on any specific cases, but says it's appropriate to close accounts created by underage people "to ensure our customers have full legal capacity to accept our user agreement." While that may seem "heavy-handed," says Sarah Kenshall, a technology attorney with law firm Burges Salmon, the company is within its rights because the users clicked to agree to the rules -- however difficult the language might be to understand.

Websites have long required users to plow through pages of dense legalese to use their services, knowing that few ever give the documents more than a cursory glance. In 2005 security-software provider PC Pitstop LLC promised a $1,000 prize to the first user to spot the offer deep in its terms and conditions; it took four months before the reward was claimed. The incomprehensibility of user agreements is poised to change as tech giants such as Uber Technologies and Facebook confront pushback for mishandling user information, and the European Union prepares to implement new privacy rules called the General Data Protection Regulation, or GDPR. The measure underscores "the requirement for clear and plain language when explaining consent," British Information Commissioner Elizabeth Denham wrote on her blog last year.

Facebook

Audit Approved of Facebook Policies, Even After Cambridge Analytica Leak (nytimes.com) 73

Nicholas Confessore reports via The New York Times: An auditing firm responsible for monitoring Facebook for federal regulators told them last year that the company had sufficient privacy protections in place, even after the social media giant lost control of a huge trove of user data that was improperly obtained by the political consulting firm Cambridge Analytica. The assertion, by PwC, came in a report submitted to the Federal Trade Commission in early 2017. The report, a redacted copy of which is available on the commission's website, is one of several periodic reviews of Facebook's compliance with a 2011 federal consent decree, which required Facebook to take wide-ranging steps to prevent the abuse of users' information and to inform them how it was being shared with other companies. The accounting firm, formerly known as PricewaterhouseCoopers, effectively gave Facebook a clean bill of health. "Facebook's privacy controls were operating with sufficient effectiveness to provide reasonable assurance to protect the privacy" of users, said the assessment, which stretched from February 2015 to February 2017. But during that period, Facebook was aware that a researcher based in Britain, Aleksandr Kogan, had provided Cambridge Analytica with private Facebook data from millions of users.
Technology

'Increasingly, People in Silicon Valley Are Losing Touch With Reality' (500ish.com) 455

Longtime commentator MG Siegler writes: You can see it in the tweets. You can hear it at tech conferences. Hell, you can hear it at most cafes in San Francisco on any given day. People -- really smart people -- saying some of the most vacuous things. Words that if they were able to take a step outside of their own heads and hear, they'd be embarrassed by. Or, at least, these are stances, thoughts, and ideas that these people should be embarrassed by. But they're clearly not because they keep saying them. This isn't only about Facebook -- far from it. That's just the most high profile and timely example of a company suffering from some of this. And in that case, it's really more in their responses to the Cambridge Analytica situation, rather than the situation itself (which is another matter, though undoubtedly related). They don't know the right things to say because they don't know what to say, period. Because they've slipped out of touch.

But again, I feel like this is increasingly everywhere I look around tech. It's an industry filled with some of the most brilliant people in the world, which makes it all the more disappointing. I won't name names but also because I don't have to. I'd wager everyone reading this will have clear and obvious examples of what I'm talking about in their own circles -- even if only in their own virtual circles. This is everywhere. I don't know the cause of this. Perhaps we can blame part of it on Trump, even if only indirectly (a man who has gotten ahead in life by saying asinine things). If I had to guess, I'd say the root is an increasing sense of entitlement as the tech industry has grown in stature to become the most important from a fiscal perspective and arguably from a cultural perspective as well.

EU

Facebook To Put 1.5 Billion Users Out of Reach of New EU Privacy Law (reuters.com) 95

An anonymous reader quotes a report from Facebook: If a new European law restricting what companies can do with people's online data went into effect tomorrow, almost 1.9 billion Facebook users around the world would be protected by it. The online social network is making changes that ensure the number will be much smaller. Facebook members outside the United States and Canada, whether they know it or not, are currently governed by terms of service agreed with the company's international headquarters in Ireland. Next month, Facebook is planning to make that the case for only European users, meaning 1.5 billion members in Africa, Asia, Australia and Latin America will not fall under the European Union's General Data Protection Regulation (GDPR), which takes effect on May 25. That removes a huge potential liability for Facebook, as the new EU law allows for fines of up to 4 percent of global annual revenue for infractions, which in Facebook's case could mean billions of dollars.
Facebook

'Login With Facebook' Data Hijacked By JavaScript Trackers (techcrunch.com) 91

An anonymous reader quotes a report from TechCrunch: Facebook confirms to TechCrunch that it's investigating a security research report that shows Facebook user data can be grabbed by third-party JavaScript trackers embedded on websites using Login With Facebook. The exploit lets these trackers gather a user's data including name, email address, age range, gender, locale, and profile photo depending on what users originally provided to the website. It's unclear what these trackers do with the data, but many of their parent companies including Tealium, AudienceStream, Lytics, and ProPS sell publisher monetization services based on collected user data. The abusive scripts were found on 434 of the top 1 million websites including freelancer site Fiverr.com, camera seller B&H Photo And Video, and cloud database provider MongoDB. That's according to Steven Englehardt and his colleagues at Freedom To Tinker, which is hosted by Princeton's Center For Information Technology Policy.
Facebook

Facebook To Design Its Own Processors For Hardware Devices, AI Software, and Servers (bloomberg.com) 55

Facebook is the latest technology company to design its own semiconductors, reports Bloomberg. "The social media company is seeking to hire a manager to build an 'end-to-end SoC/ASIC, firmware and driver development organization,' according to a job listing on its corporate website, indicating the effort is still in its early stages." From the report: Facebook could use such chips to power hardware devices, artificial intelligence software and servers in its data centers. Next month, the company will launch the Oculus Go, a $200 standalone virtual-reality headset that runs on a Qualcomm processor. Facebook is also working on a slew of smart speakers. Future generations of those devices could be improved by custom chipsets. By using its own processors, the company would have finer control over product development and would be able to better tune its software and hardware together. The postings didn't make it clear what kind of use Facebook wants to put the chips to other than the broad umbrella of artificial intelligence. A job listing references "expertise to build custom solutions targeted at multiple verticals including AI/ML," indicating that the chip work could focus on a processor for artificial intelligence tasks. Facebook AI researcher Yann LeCun tweeted about some of the job postings on Wednesday, asking for candidates interested in designing chips for AI.
Privacy

Richard Stallman On Facebook's Privacy Scandal: We Need a Law. There's No Reason We Should Let Them Exist if the Price is Knowing Everything About Us (nymag.com) 360

From a wide-ranging interview of Richard Stallman by New York Magazine: New York Magazine: Why do you think these companies feel justified in collecting that data?

Richard Stallman: Oh, well, I think you can trace it to the general plutocratic neoliberal ideology that has controlled the U.S. for more than two decades. A study established that since 1998 or so, the public opinion in general has no influence on political decisions. They're controlled by the desires of the rich and of special interests connected with whatever issue it is. So the companies that wanted to collect data about people could take advantage of this general misguided ideology to get away with whatever they might have wanted to do. Which happened to be collecting data about people. But I think they shouldn't be allowed to collect data about people.

We need a law. Fuck them -- there's no reason we should let them exist if the price is knowing everything about us. Let them disappear. They're not important -- our human rights are important. No company is so important that its existence justifies setting up a police state. And a police state is what we're heading toward. Most non-free software has malicious functionalities. And they include spying on people, restricting people -- that's called digital restrictions management, back doors, censorship.

Empirically, basically, if a program is not free software, it probably has one of these malicious functionalities. So imagine a driverless car, controlled of course by software, and it will probably be proprietary software, meaning not-free software, not controlled by the users but rather by the company that makes the car, or some other company. Well imagine if that has a back door, which enables somebody to send a command saying, "Ignore what the passenger said, and go there." Imagine what that would do. You can be quite sure that China will use that functionality to drive people toward the places they're going to be disappeared or punished. But can you be sure that the U.S. won't?

Security

Data Firm Leaks 48 Million User Profiles it Scraped From Facebook, LinkedIn, Others (zdnet.com) 56

Zack Whittaker, reporting for ZDNet: A little-known data firm was able to build 48 million personal profiles, combining data from sites and social networks like Facebook, LinkedIn, Twitter, and Zillow, among others -- without the users' knowledge or consent. Localblox, a Bellevue, Wash.-based firm, says it "automatically crawls, discovers, extracts, indexes, maps and augments data in a variety of formats from the web and from exchange networks." Since its founding in 2010, the company has focused its collection on publicly accessible data sources, like social networks Facebook, Twitter, and LinkedIn, and real estate site Zillow to name a few, to produce profiles.

But earlier this year, the company left a massive store of profile data on a public but unlisted Amazon S3 storage bucket without a password, allowing anyone to download its contents. The bucket, labeled "lbdumps," contained a file that unpacked to a single file over 1.2 terabytes in size. The file listed 48 million individual records, scraped from public profiles, consolidated, then stitched together.

Bitcoin

Cambridge Analytica Planned To Launch Its Own Cryptocurrency (theverge.com) 60

Cambridge Analytica, the data analytics firm that harvested millions of Facebook profiles of U.S. voters, attempted to develop its own cryptocurrency this past year and intended to raise funds through an initial coin offering. The digital coin would have helped people store online personal data and even sell it, former Cambridge Analytica employee Brittany Kaiser told The New York Times. The Verge reports: Cambridge Analytica, which obtained the data of 87 million Facebook users, was hoping to raise as much as $30 million through the venture, anonymous sources told Reuters. Cambridge Analytica confirmed to Reuters that it had previously explored blockchain technology, but did not confirm the coin offering and didn't say whether efforts are still underway. The company also reportedly attempted to promote another digital currency behind the scenes. It arranged for potential investors to take a vacation trip to Macau in support of Dragon Coin, a cryptocurrency aimed at casino players. Dragon Coin has been supported by a Macau gangster Wan Kuok-koi, nicknamed Broken Tooth, according to documents obtained by the Times. Cambridge Analytica started working on its own initial coin offering mid-2017 and the initiative was overseen in part by CEO Alexander Nix and former employee Brittany Kaiser. The company's plans to launch an ICO were still in the early stages when Nix was suspended last month and the Facebook data leak started to gain public attention.
Facebook

Facebook Admits To Tracking Users, Non-Users Off-Site (theguardian.com) 147

Facebook said in a blog post yesterday that they tracked users and non-users across websites and apps for three main reasons: providing services directly, securing the company's own site, and "improving our products and services." The statement comes as the company faces a U.S. lawsuit over a controversial facial recognition feature launched in 2011. The Guardian reports: "When you visit a site or app that uses our services, we receive information even if you're logged out or don't have a Facebook account. This is because other apps and sites don't know who is using Facebook," Facebook's product management director, David Baser, wrote. "Whether it's information from apps and websites, or information you share with other people on Facebook, we want to put you in control -- and be transparent about what information Facebook has and how it is used."

But the company's transparency has still not extended to telling non-users what it knows about them -- an issue Zuckerberg also faced questions over from Congress. Asked by Texas representative Gene Green whether all information Facebook holds about a user is in the file the company offers as part of its "download your data" feature, Zuckerberg had responded he believed that to be the case. Privacy campaigner Paul-Olivier Dehaye disagreed, noting that, even as a Facebook user, he had been unable to access personal data collected through the company's off-site tracking systems. Following an official subject access request under EU law, he told MPs last month, Facebook had responded that it was unable to provide the information.

Facebook

Former Cambridge Analytica Employee Says Facebook Users Affected Could Be 'Much Greater Than 87 million' (theverge.com) 45

Cambridge Analytica and its partners used data from previously unknown "Facebook-connected questionnaires" to obtain user data from the social media service, according to testimony from a former Cambridge Analytica employee. From a report: Brittany Kaiser provided evidence to the British Parliament today as part of a hearing on fake news. Kaiser, who worked on the business team at Cambridge Analytica's parent company until January of this year, wrote in a statement that she was "aware in a general sense of a wide range of surveys" used by Cambridge Analytica or its partners, and she said she believes the number of people whose Facebook data may have been compromised is likely higher than the widely reported 87 million.
Businesses

Cybersecurity Tech Accord: More Than 30 Tech Firms Pledge Not to Assist Governments in Cyberattacks (cybertechaccord.org) 67

Over 30 major technology companies, led by Microsoft and Facebook, on Tuesday announced what they are calling the Cybersecurity Tech Accord, a set of principles that include a declaration that they will not help any government -- including that of the United States -- mount cyberattacks against "innocent civilians and enterprises from anywhere."

The companies that are participating in the initiative are: ABB, Arm, Avast, Bitdefender, BT, CA Technologies, Cisco, Cloudflare, DataStax, Dell, DocuSign, Facebook, Fastly, FireEye, F-Secure, GitHub, Guardtime, HP Inc., HPE, Intuit, Juniper Networks, LinkedIn, Microsoft, Nielsen, Nokia, Oracle, RSA, SAP, Stripe, Symantec, Telefonica, Tenable, Trend Micro, and VMware.

The announcement comes at the backdrop of a growing momentum in political and industry circles to create a sort of Digital Geneva Convention that commits the entire tech industry and governments to supporting a free and secure internet. The effort comes after attacks such as WannaCry and NotPetya hobbled businesses around the world last year, and just a day after the U.S. and U.K. issued an unprecedented joint alert citing the threat of cyberattacks from Russian state-sponsored actors. The Pentagon has said Russian "trolling" activity increased 2,000 percent after missile strikes in Syria.

Interestingly, Amazon, Apple, Google, and Twitter are not participating in the program, though the Tech Accord says it "remains open to consideration of new private sector signatories, large or small and regardless of sector."
United States

Facebook Must Face Class-Action Lawsuit Over Facial Recognition, Says Judge (kfgo.com) 79

U.S. District Judge James Donato ruled on Monday that Facebook must face a class-action lawsuit alleging that the social network unlawfully used a facial recognition process on photos without user permission. Donato ruled that a class-action was the most efficient way to resolve the dispute over facial templates. KFGO reports: Facebook said it was reviewing the ruling. "We continue to believe the case has no merit and will defend ourselves vigorously," the company said in a statement. Lawyers for the plaintiffs could not immediately be reached for comment. Facebook users sued in 2015, alleging violations of an Illinois state law about the privacy of biometric information. The class will consist of Facebook users in Illinois for whom Facebook created and stored facial recognition algorithms after June 7, 2011, Donato ruled. That is the date when Facebook launched "Tag Suggestions," a feature that suggests people to tag after a Facebook user uploads a photo. In the U.S. court system, certification of a class is typically a major hurdle that plaintiffs in proposed class actions need to overcome before reaching a possible settlement or trial.
Communications

France is Building Its Own Encrypted Messaging Service To Ease Fears That Foreign Entities Could Spy on Private Conversations (reuters.com) 87

The French government is building its own encrypted messenger service to ease fears that foreign entities could spy on private conversations between top officials, the digital ministry said on Monday. From a report: None of the world's major encrypted messaging apps, including Facebook's WhatsApp and Telegram -- a favorite of President Emmanuel Macron -- are based in France, raising the risk of data breaches at servers outside the country.

About 20 officials and top civil servants are testing the new app which a state-employed developer has designed, a ministry spokeswoman said, with the aim that its use will become mandatory for the whole government by the summer. "We need to find a way to have an encrypted messaging service that is not encrypted by the United States or Russia," the spokeswoman said. "You start thinking about the potential breaches that could happen, as we saw with Facebook, so we should take the lead."

Social Networks

Is It Time To Stop Using Social Media? (counterpunch.org) 291

Slashdot reader Nicola Hahn writes: Bulk data collection isn't the work of a couple of bad apples. Corporate social media is largely predicated on stockpiling and mining user information. As Zuckerberg explained to lawmakers, it's their business model...

While Zuckerberg has offered public apologias, spurring genuine regulation will probably be left to the public. Having said that, confronting an economic sector which makes up one of the country's largest political lobbying blocks might not be a tenable path in the short term.

The best immediate option for netizens may be to opt out of social media entirely.

The original submission links to this call-to-action from Counterpunch: Take personal responsibility for your own social life. Go back to engaging flesh and blood people without tech companies serving as an intermediary. Eschew the narcissistic impulse to broadcast the excruciating minutiae of your life to the world. Refuse to accept the mandate that you must participate in social media in order to participate in society. Reclaim your autonomy.
Facebook

Facebook Competitor Orkut Relaunches as 'Hello' (bloombergquint.com) 103

An anonymous reader quotes Bloomberg: In 2004, one of the world's most popular social networks, Orkut, was founded by a former Google employee named Orkut Buyukkokten... Orkut was shut down by Google in 2014, but in its heyday, the network had hit 300 million users around the world... "Hello.com is a spiritual successor of Orkut.com," Buyukkokten told BloombergQuint... "People have lost trust in social networks and the main reason is social media services today don't put the users first. They put advertisers, brands, third parties, shareholders before the users," Buyukkokten said. "They are also not transparent about practices. The privacy policy and terms of services are more like black boxes. How many users actually read them?"

Buyukkokten said users need to be educated about these things and user consent is imperative in such situations when data is shared by such platforms. "On Hello, we do not share data with third parties. We have our own registration and login and so the data doesn't follow you anywhere," he said. "You don't need to sell user data in order to be profitable or make money."

Slashdot Top Deals