You needed to be his FB friend, which at the time was limited to 500 (if I remember right).
But if you were, the Graph API gave the same access as it did to others.
Honestly, it would be almost better if that wasn't true. That would mean they knew something was wrong. The problem is they think "I'm fine with this, so everyone else must be too."
The question is how to solve this problem. I don't think governmental regulations will do it, through they may help. That's because data collection and sharing is Facebook's whole business model, and ditto thousands of other companies, large and small. So they will all just figure out ways of skirting around the law and continuing what they have been doing.
The only solution that could work is a new financial model that combines decentralization with some way of paying content producers and other expenses. Fortunately there is a lot of tech for that in development, though I don't know if anything is fully ready yet.
How about something like HIPPA (in the US)? There are strict penalties for violations, but it hasn't prevented small companies from thriving, provided they comply with the act..
Companies comply because they are in the health care business, that is how they make money, and HIPPA doesn't stop them from doing that. But Facebook is in the data collection business. If it complied with a strong data privacy law, it would go out of business, so it wouldn't.
My first guess was that it was meant to be "ass-covering". A "sphincter" is a generic type of "circular muscle that normally maintains constriction of a natural body passage or orifice", of which there are "over 60 types in the human body" (Wiki), but there's only one sphincter people usually talk about (outside scientific literature). Looking more closely at the definition of the "per-" prefix, I get "through"[1], in which case a "persphinctery" statement is most directly defined as one that "came out of someone's ass".
Right next door to a company where I was recently working was a successful startup whose entire business model consisted of using Facebook's commercial API for the analysis of the psychological profiles of its base product (the users), to detect potential terrorists. This outfit's only real customer is Australian law enforcement, and everyone who uses Facebook is attributed some non-zero terrorist score. I have told this to people who have continued to use Facebook. It's just crap and it can't die fast enough.
I don't think this is a good idea — changing the title completely from what the author of the content put up, without retaining even a part of it. The current title for this article is horrendously long and quite frankly, boring.
While we're on the topic of Facebook, misinformation, etc., this title change could also be classified as misinformation by HN, though the claimed purpose is for good instead of for evil. Why? Because most people decide to read articles based on the titles, and many people also derive conclusions on what the article is about from the title. It doesn't matter much if some sentence was lifted off the article and used. This should be as the author of the post intended.
But HN is a private site, and can do whatever it wants on content shared here. I'll just voice my strong disagreement on this title change, especially on the topic of Facebook and recent revelations. I don't need more justifications.
Arguably, yes. It's written to elicit a strong emotional response that can affect the direction and quality of discussion. After all, one of the primary goals of HN is quality discussion.
The mods have written about this when commenting on title changes:
To be honest, about this issue of privacy and security, most of the world really doesn't care. The people who do care are not a majority and not even a significant statistic. Providing an apology is enough for most people, since they don't understand the depth and scope of the problem at hand.
Shareholders know this. Mark will receive a slap on the wrist, and business will continue as usual as this fades out over the next 1-2 months.
The public doesn't care about appropriate capital ratios for "too big to fail" banks either, and yet Dodd-Frank passed.
The internet industry may be banking on this blowing over, but I wouldn't be so sure. Especially if the tech industry can't provide a unified front (see Tim Cook calling for privacy regulation).
GDPR has already arrived in the EU, and it will serve as a model for anyone campaigning for privacy legislation in the US. Politicians will respond to the outrage with Facebook/Google's behavior around data privacy, it doesn't matter that the public can't articulate what the response should be at a policy-making level.
And it doesn't matter that these internet companies' Terms of Service allowed everything that was done or not. This isn't a legal issue, this is a political issue. What people think they're agreeing to is more important than what they actually agreed to when it comes to legislative responses.
What GDPR is really going to kill is the third party data sharing - cookie syncing across ad networks that the end user has never heard of and has no reason to know about. They are going to have a nightmare getting user consent and a lot of those firms have already completely exited the EU market.
The timing of this blowing up is not great for Facebook GDPR wise, but the user has a 1:1 relationship with Facebook and getting consent in exchange for continued use of the site is probably not going to be a major issue for them.
I think that the parallel is Snowden. Before then, people largely shrugged at the tech community’s assertions about government dragnets. Now the assumption of a dragnet is taken as a granted.
This moment for Facebook, I think, is that same moment for the private sector.
Yes. This is all over HN and Reddit, but when I try to introduce my friends to Signal (or encryption in general), they shrug and say they have nothing to hide.
Hate to say it, but the general public needs Kim Kardashian or some tastemaker to make privacy and security "cool".
But privacy and security are not "cool", and never will be.
People like transparency, people are drawn to dangerous things. Hiding shit behind closed doors or being super paranoid is not cool, and will not get you fans.
The only security most people need is herd security. As long as your data can blend into a mass of other people's data to the point where you're just an anonymous face in the crowd, there's no harm. Sure, if you're some important individual who can be compromised by someone motivated enough you might have something to be afraid of, but most people never rise to that level of importance.
> The only security most people need is herd security. As long as your data can blend into a mass of other people's data to the point where you're just an anonymous face in the crowd, there's no harm. Sure, if you're some important individual who can be compromised by someone motivated enough you might have something to be afraid of, but most people never rise to that level of importance.
Well, yeah, maybe, but the Kardashians certainly fall into that group, and there is a cult of narcissism that would find the idea fashionable if given direction from actually famous individuals.
That said, I think you're right that very few will ever give a shit about privacy and I'm not terribly convinced they are wrong, since very few have anything interesting or meaningfully criminal/subversive going on.
I explained to a friend that since WhatsApp demanded full access to all contact details it, and by extension Facebook now knew his full postal address, which bank he used, where he worked, the identity of his boss, his therapist and his parent's address and possibly birthdays. He looked a bit thoughtful, at least. Its not the encryption, its the meta data.
Absolutely, will public mistrust stay around, or is Facebook just the demon of the day to be hated at by the talking heads on tv? From everything I've seen, the greater public won't remember or care a week after the media moves on.
It just might hang around for as long as Trump is president in the US, considering how this started as an offshoot of the ”Russian interference” investigation.
But I’ll bet usage statistics are right in line with their norms. It’s true that the deluge of headlines from liberal media sites this week has hurt their public image, and it at least cracks open the door to a competitor possibly having some success in attracting users. I’m not sure what that competitor would look like, but it would have to be vastly different than today’s concept of a social network.
But the point is that if usage stays normal, this hasn’t affected anything at all other than the fact that people don’t feel as warm and fuzzy toward Facebook as they once did.
> This is about buying a cheap alarm clock and finding out it's recording videos of you and your girlfriend and selling them online.
Not really, no. It's more like buying an alarm clock with an integrated video calling feature which will also optionally integrate with your home's existing audio/visual systems, if the user explicitly agrees to the very clear, plain-english description of the feature.
> To be honest, about this issue of privacy and security, most of the world really doesn't care. The people who do care are not a majority and not even a significant statistic. Providing an apology is enough for most people, since they don't understand the depth and scope of the problem at hand.
This is what worries me most of the time. Another commenter under this thread pointed to some kind of poll about Facebook. But polls don't matter much. People may have negative sentiments about Facebook, but what really matters is if this sentiment is reflected in almost the same proportion by an exodus of users from the platform or a significant drop in usage of the platform, while showing an increasing trend (even if it is for a short time). I believe most people will be angry, but will keep expressing that anger only on Facebook while their "friends" like and react and comment, creating exactly the fuel that Facebook needs — engagement and attention-minutes on its platform!
> Shareholders know this. Mark will receive a slap on the wrist, and business will continue as usual as this fades out over the next 1-2 months.
I believe the same too. Based on all the goofs from Facebook over the years, this one is just a bit more serious but would not be the reason why millions of people would boycott it. That requires a "disaster" on a larger scale, which I'm sure will come in the future because of Facebook being Facebook.
I used to think that, although I'm surprised how many of my family members have already deleted their accounts or are now seriously considering it since the news has broken about the breach.
I know very few people who now aren't actually suspect of the company now.Maybe their not willing to give up their accounts yet; However I truly think there is more public awareness of the situation than you think.
Neither case was illegal, but Obama’s was far more invasive. What makes it so much worse is that Obama accessed 4x as many profiles as Kogan did, and they did it with Facebook’s blessings. This enabled them to keep the data current, while Trump’s dataset was both far smaller and years older than Obama’s by the time it was used.
Sadly, there are still no apologies for the gross invasion of privacy that Zuckerberg authorized Obama to commit against ~200 million people, ~199 million of whom never authorized Obama to take their information. I hope one is forthcoming, but I won’t hold my breath.
No finding has been made that they violated anything, nor is there anything suggesting that they "probably" violated anything. The article you linked to says that a radical left-wing group called Common Cause filed a complaint with the FEC saying that in their opinion, a violation has been committed. It means absolutely nothing at this point.
This wasn't an action instigated by the FEC because a professional decided that there is probable cause to believe that something happened. This is more akin to a neighbor who was angry at not being invited to a party weeks earlier calling the police and filing a false noise complaint.
Finally, the equivalence is that Obama used the data outside of the Facebook developer TOS at the time, which stated that the data acquired through the API was supposed to only be used for the operation of their apps. By all accounts, including celebratory news articles sourced directly from campaign staffers, they used that data in violation of the developer TOS for campaign strategy and ad targeting purposes - with great effect. ~199 million people that did not authorize Obama to have their data had it handed to him anyway, for the express purpose of defeating a candidate that about half of them wanted to be President. I'm not sure how that's not far worse than the CA situation.
The liberal media refers to them as "Left Center," [1] however I think by most reasonable individuals' definition, they'd be considered "left wing". Regardless, they are on the left side, as in, biased against the right.
Or he's referring to them according to the relative position of them compared to other political ideologies in the place of relevance to his statement.
No, this is a common thing by hard-right factions to phrase the center-rightists as a bunch of commies. There is no genuine left left, we have had a massive rightward shift over decades, and this only becomes more true over time.
Witness that the "socialized" Obamacare is actually a repackaged version of a republican proposal from 1994.
So "left center", as viewed by the liberal media, translated into "radical left wing" when viewed by, presumably, someone in the center? Sorry, I don't buy it. (And yes, I know full well that much of the media leans left, some rather strongly.)
For what it's worth, Wikipedia says they have been identified as "liberal-leaning", but also as "nonpartisan". It also notes that they were founded by a Republican.
The illegality I'm referring to was that CA falsely certified destruction of the data. My understanding is that was illegal, and people are mad at why Facebook made it that easy to lie and get away with it.
> My understanding is that was illegal, and people are mad at why Facebook made it that easy to lie and get away with it.
Can you explain how you know specifically why people are mad, that it's not the ability for people to get their hands on this data at all, and not what was done with it, but actually at a nuanced difference in one step (between obtaining the data, and using it for election analytics)? I've read numerous people on HN stating with extreme certainty that they know precisely why people are mad (and why they are not), and how this difference in step 2 makes a comparison between the two situations completely invalid, but I don't follow the logic of either claim at all.
It wasn’t “illegal” for them to not destroy the data. Kogan had a contractual duty to not sell it to CA, and Facebook can sue him for breach of that duty (and possibly CA for using it). But, at least under US law, nothing that occurred was “illegal”. What happened was a breach of a civil contract between two private parties - nothing more.
OK, I think I figured it out (I think I'd seen this but forgotten about it). It seems they say it was illegal because they believe campaign finance laws were violated. [1] Which, again, I understand was not the case for Obama, meaning equating the two would be incorrect.
I assumed they meant it was fraud/perjury/something along those lines, not merely breach of contract. Otherwise, if not, then then what do news sources keep saying the obtaining and/or keeping of this data was illegal? (e.g. [1] [2])
These articles again throw around and conflate the words “illegal” and “violation of TOS” which are two vastly different things. I’m not an expert in EU privacy law, but under US law, nothing that has occurred here (that has been publicly disclosed) was “illegal”. There are certainly potential civil lawsuits here, but nothing “illegal”.
Thanks for the response. You make good points; I guess we'll have to wait and see what gets uncovered. The most I know that has been uncovered so far is the admission by CA heads that they bribe officials [1], but given that it wasn't exactly a sworn testimony (or even a statement about a concrete case) I could see them getting away with it legally.
Well a decent part of the most recent furor is that it affects people the do care. The Cambridge Analytica data was scraped from customers that had enabled it, but extended into their own friend networks, including those that had not chosen to make their data accessible.
I am sorta of the opinion that nothing on FB should be considered private, but even with that noted, and the fact that I don't particularly care what personal FB info on me is scraped, I'm a bit annoyed that any random friend could expose data that I have marked as private by allowing some random BS app to access to their own account. According to FB, this was solved years ago (but the data already scraped from the previous state was never successfully recalled), but I hardly trust them to give a shit about this or other issues popping up in the future, barring another mass outrage.
Your question brings to mind the (possibly apocryphal) story about (IIRC) Target, who through the use of a customer's purchase history deduced that she was pregnant before she had informed her family. They sent targeted mailers to her house, leaving her father wondering why she was getting advertising for diapers and the like.
I think the general public would care more if they got a better sense of what having a large volume of their seemingly innocuous data lets companies figure out about them.
That this was possible and happening was well known in Silicon Valley. What has changed is (a) Cambridge Analytica and the 2016 election made the issue relatable and (b) Zuckerberg et al are dissembling and attempting what appears to be an incompetently-executed public cover-up.
> Zuckerberg et al are dissembling and attempting what appears to be an incompetently-executed public cover-up
I agree that execs probably took too long to make a statement, but out of curiosity, do you have any thoughts on what execs should've done instead, or are you of the opinion that there's really nothing they could've done differently?
Facebook did not lack sound advice from competent executives, they just didn't have the spine to do the right thing, because money.
One central tension at Facebook has been that of the legal and policy teams versus the security team. The security team generally pushed for more disclosure about how nation states had misused the site, but the legal and policy teams have prioritized business imperatives, said the people briefed on the matter.
“The people whose job is to protect the user always are fighting an uphill battle against the people whose job is to make money for the company,” said Sandy Parakilas, who worked at Facebook enforcing privacy and other rules until 2012 and now advises a nonprofit organization called the Center for Humane Technology, which is looking at the effect of technology on people.
Alex Stamos, CSO is the one who led the internal tension for better disclosures and the need for Facebook to be more transparent. Of course, it is part of why he was forced to leave, as reported by the NYT [0].
Really? It is not so much what they should have done but what they should not have done: they should not have made the decisions which led to their companies ending up in this quagmire. They should have behaved ethically, something which is sure to have been mentioned - even if only in passing - at the Ivy League schools they attended.
>They should have behaved ethically, something which is sure to have been mentioned - even if only in passing - at the Ivy League schools they attended
Would they even get to a 100B, let alone a half trillion, market cap by always doing the right thing?
(Because this is ripe to be picked by the "wow, look at the HN dudebros" crowd: this is not an apology of their practices, it's a real question about corporations and powerful institutions.)
They could have made a genuine effort to ensure the data was actually deleted. The idea that a legal certification would be enough from a company that conducted itself in such a manner is laughable.
