Rich people are different to regular people, I like talking to my neighbours and having BBQs every so often with people in my street. That’s quite dark and Black Mirrory to want to ignore everyone around you and just interact digitally with a select few friends that are probably just like you, good bye diversity.
To me the only question that hasn’t been asked and answered is how data that is not intentionally shared by users (cookies correlation, GPS coordinates, …) is being stored (and kept even after deleting your account) and sold to consulting companies?
Each time a question landed’ near this, he smartly shifted his answer to the « two category » of data and that the user has control over the 2 categories. Nonetheless, we still have no answer about it.
Storing user data is a liability as you are “On the hook” if it gets out to hackers. Unfortunately “on the hook” currently just means your reputation is damaged slightly until uber does a bigger stuff up later that week stealing your limelight. I’d like governments to get to the point where the law puts the fear of God into companies and their lawyers forbid them to hold onto creepy tracking data at least. Even required user data such as name, age, address is still a liability. Apparently companies don’t think like me though.
Well yes a lot of their issues are caused by having APIs that are too open. To be fair, back in those days, the tech ecosystem was definitely pushing for this openness. It was considered a good thing. Now, not so much..
I got kind of bored at one point so maybe they cover this way down in this overly long article but I couldn’t really figure out what point they were making. Is Facebook reducing access to third-parties but I still get access to all of my own data? The quotes they give from Facebook sound like they are restricting what app writers can do, that doesn’t seem bad to me as long as I can still download all of my data. But then they bring up this “what is my data” question. They say:
You wouldn’t want to find that you could take your own photographs, but not pictures of you with your family and colleagues. You’d like all that data as takeout. That’s what data portability means.
But I don’t know…I don’t really have a choice in the end but someone taking pictures of me to a new service without my consent is not really something I want either. Maybe there needs to be some consent model, “user X would like to export this picture of you, is that OK?” similarly there should probably be a consent model of “user Y has uploaded a picture of you to FB, is that OK?”
But in the end, FB doesn’t say they are doing any of this so I don’t know what EFF is trying to do other than drum up hostility towards something that doesn’t exist yet?
If you want some specifics about what is happening right now, it’s the trend to lock down APIs, which Facebook has and will I’m sure continue to do.
If you look at the links in the piece, you’ll see Zuckerberg saying that an early idealism for “data portability” led them to make mistakes, and they’re correcting those mistakes now. Mike Masnick has a somewhat pithier summary of these quotes here.
I’d also point you to the paragraph talking about the current ACLU case attempting to establish that scraping without authorisation is not a criminal act, per se; and the counter-arguments being made that without locking down data in this way, companies like Facebook cannot adequately protect your data.
But I don’t know…I don’t really have a choice in the end but someone taking pictures of
me to a new service without my consent is not really something I want either. Maybe there
needs to be some consent model, “user X would like to export this picture of you, is that
OK?” similarly there should probably be a consent model of “user Y has
uploaded a picture of you to FB, is that OK?”
I actually wanted to include exactly this suggestion as a hypothetical, but realised that the piece was already too long, so took it out, and replaced it with the “we should all have a longer conversation about this” ending, because there are so many cases like this to consider.
I understand if you think this is smoke without fire at this point, but our previous experiences in this space, we worry about this a lot at EFF, and do fear this kind of lock-down as being one of the unintended consequences of the current debate. Even if the article was imperfect, I’m happy that you’re thinking about these questions!
You can also read a bit more on this topic with this EFF article, written earlier in the Facebook/Cambridge Analytica story, by Cory Doctorow.
I understand if you think this is smoke without fire at this point, but our previous experiences in this space, we worry about this a lot at EFF, and do fear this kind of lock-down as being one of the unintended consequences of the current debate.
I think many of the points you bring up are important to discuss and consider, I mostly just really dislike how you do it. You are basically just say “OMG, FB could do this thing and that would be bad, everyone freak out”, and I don’t think that facilitates an informed discussion. I would much rather have read an article that took what’s happened and discussed options without trying to imply things. For example:
You’d like all that data as takeout. That’s what data portability means.
The way that reads to me is you’ve set it up such that Facebook does not agree on that definition of data portability. And I can’t tell if they do or don’t, but you’re certainly biasing me against Facebook.
The thinking goes: There are bad people out there, and our customers may not understand privacy options well enough to prevent this huge morass of information being misused. So we need to be the sole keepers of it. We’re too big to let others fail.
Is it? I can’t read the minds of exec at Facebook and I know you can’t either. Instead I wish you said something like “Facebook changed things like X, that means you cannot do Y, if Y is important to you, then you, dear reader, should help do something about bringing Y back”. Trying to make a narrative with good guys and bad guys is just off-putting to me, people are more complicated than that.
The risk of the introduction of a bad regulation of people’s data: to protect users (even from themselves and from their friends) the USA Government might “force” Facebook to “keep their data safe” in their “secure” (USA located) servers, minimizing the amount of data that they will be able to get back or access.
Also the author notices how Facebook API changes just limit observable data leaks, but Facebook could keep selling data behind the scenes…
Facebook hasn’t actually done anything
As far as I understood the issue is exactly that they didn’t do anything to prevent the manipulation of a few million people, through the use of precise profiles built from their data.
Or maybe Zuckerberg at the Congress is just a brillant late April prank! :-D
Zuck: People just submitted it. Zuck: I don’t know why. Zuck: They “trust me” Zuck: Dumb fucks.
And if anyone think he changed, just watch him buy lots of houses around his for privacy as he convinces everyone else to give up theirs. ;)
Rich people are different to regular people, I like talking to my neighbours and having BBQs every so often with people in my street. That’s quite dark and Black Mirrory to want to ignore everyone around you and just interact digitally with a select few friends that are probably just like you, good bye diversity.
To me the only question that hasn’t been asked and answered is how data that is not intentionally shared by users (cookies correlation, GPS coordinates, …) is being stored (and kept even after deleting your account) and sold to consulting companies?
Each time a question landed’ near this, he smartly shifted his answer to the « two category » of data and that the user has control over the 2 categories. Nonetheless, we still have no answer about it.
Storing user data is a liability as you are “On the hook” if it gets out to hackers. Unfortunately “on the hook” currently just means your reputation is damaged slightly until uber does a bigger stuff up later that week stealing your limelight. I’d like governments to get to the point where the law puts the fear of God into companies and their lawyers forbid them to hold onto creepy tracking data at least. Even required user data such as name, age, address is still a liability. Apparently companies don’t think like me though.
Lesson 1 of the Internet: read only. Lesson 2 of the Internet: everything on it is false, including this post.
Well yes a lot of their issues are caused by having APIs that are too open. To be fair, back in those days, the tech ecosystem was definitely pushing for this openness. It was considered a good thing. Now, not so much..
In our buzzwords-driven field?
Probably people considered API access “a good thing” just because “Facebook/Google is doing this too!”
But the problem was not the technology back then, just like AI is not the solution right now.
It’s the business model.
I remember a younger Zuckerberg explaining the world how privacy had no value for modern people.
He meant it!
I would hardly call 2015 “those days”.
Back in my day…
I got kind of bored at one point so maybe they cover this way down in this overly long article but I couldn’t really figure out what point they were making. Is Facebook reducing access to third-parties but I still get access to all of my own data? The quotes they give from Facebook sound like they are restricting what app writers can do, that doesn’t seem bad to me as long as I can still download all of my data. But then they bring up this “what is my data” question. They say:
But I don’t know…I don’t really have a choice in the end but someone taking pictures of me to a new service without my consent is not really something I want either. Maybe there needs to be some consent model, “user X would like to export this picture of you, is that OK?” similarly there should probably be a consent model of “user Y has uploaded a picture of you to FB, is that OK?”
But in the end, FB doesn’t say they are doing any of this so I don’t know what EFF is trying to do other than drum up hostility towards something that doesn’t exist yet?
read: warn and inform people of risks
Inform them of what risks? Facebook hasn’t actually done anything, this whole post is fantasy.
(author of the original piece here)
If you want some specifics about what is happening right now, it’s the trend to lock down APIs, which Facebook has and will I’m sure continue to do.
If you look at the links in the piece, you’ll see Zuckerberg saying that an early idealism for “data portability” led them to make mistakes, and they’re correcting those mistakes now. Mike Masnick has a somewhat pithier summary of these quotes here.
I’d also point you to the paragraph talking about the current ACLU case attempting to establish that scraping without authorisation is not a criminal act, per se; and the counter-arguments being made that without locking down data in this way, companies like Facebook cannot adequately protect your data.
I actually wanted to include exactly this suggestion as a hypothetical, but realised that the piece was already too long, so took it out, and replaced it with the “we should all have a longer conversation about this” ending, because there are so many cases like this to consider.
I understand if you think this is smoke without fire at this point, but our previous experiences in this space, we worry about this a lot at EFF, and do fear this kind of lock-down as being one of the unintended consequences of the current debate. Even if the article was imperfect, I’m happy that you’re thinking about these questions!
You can also read a bit more on this topic with this EFF article, written earlier in the Facebook/Cambridge Analytica story, by Cory Doctorow.
Thanks for your response
I think many of the points you bring up are important to discuss and consider, I mostly just really dislike how you do it. You are basically just say “OMG, FB could do this thing and that would be bad, everyone freak out”, and I don’t think that facilitates an informed discussion. I would much rather have read an article that took what’s happened and discussed options without trying to imply things. For example:
The way that reads to me is you’ve set it up such that Facebook does not agree on that definition of data portability. And I can’t tell if they do or don’t, but you’re certainly biasing me against Facebook.
Is it? I can’t read the minds of exec at Facebook and I know you can’t either. Instead I wish you said something like “Facebook changed things like X, that means you cannot do Y, if Y is important to you, then you, dear reader, should help do something about bringing Y back”. Trying to make a narrative with good guys and bad guys is just off-putting to me, people are more complicated than that.
The risk of the introduction of a bad regulation of people’s data: to protect users (even from themselves and from their friends) the USA Government might “force” Facebook to “keep their data safe” in their “secure” (USA located) servers, minimizing the amount of data that they will be able to get back or access.
Also the author notices how Facebook API changes just limit observable data leaks, but Facebook could keep selling data behind the scenes…
As far as I understood the issue is exactly that they didn’t do anything to prevent the manipulation of a few million people, through the use of precise profiles built from their data.
Or maybe Zuckerberg at the Congress is just a brillant late April prank! :-D