Why Facebook is never safe (newmatilda.com)
123 points by bootload on Feb 12, 2012 | 57 comments


People in this thread are asking for ways that Facebook is used by third parties.

How about future credit checks based on your network of debt-ridden college friends? http://www.pcworld.com/article/246511/how_facebook_can_hurt_...

How about health insurance claims? http://www.cbc.ca/news/canada/montreal/story/2009/11/19/queb...

How about investigations? http://en.wikipedia.org/wiki/Use_of_social_network_websites_...

Skeptics will say "just don't do anything wrong and you'll be fine." But what about civil disobedience, like the Occupy movement? What about when the definition of "wrong" changes? What about when the information is used not to implicate you in something, but just learn more about your activities?

I think eventually this will become a big enough issue with some event (maybe a popular crime case in which the defendant is perceived to be innocent but FB data is used to implicate him/her) that the general public is appalled and will try to delete their data. But by then it'll be too late.


Just out of interest, as I've never come across many examples, can anyone give me some rock solid examples of what scary stuff facebook / a 3rd party could do with my data?

I'm in the UK. I post an update roughly once every 3 months, usually a photo from my phone. I have around 100 friends. I'm tagged in a handful of photos, some geotagged. None of any particular interest. My about me section has some basic information on my home city. I do however have chat history with a few people.

My privacy settings are all on the maximum, so no one public can see anything without being my friend, nor am I in search results. I block facebook outside of facebook.com.

I always feel like if a corrupt entity (let's say the government) wanted to 'take my freedom' then my email, skype, public paperwork (property ownership records etc) and bank statements etc would be of much greater benefit? Most of the 'facebook data is bad' stories at the moment seem to revolve around people with poor privacy settings and job interviews etc.

If you're of the mindset that if the current government collapses and you end up with an extremist regime in place, then a list of people you met over the last few years might be useful. But I'm not really in that camp, and my email address book or skype logs would be more accurate anyway.

I'm not saying facebook data isn't a bad thing; I'm just wondering what concrete things could happen?


You can't expect a concrete hypothetical example from the future of what could happen.

What has happened? Look at the way hundreds of kids were scooped up after the London riots, merely for exercising freedom of speech and protest.


That's what I'm looking for yes?

It's just that the arguments generally presented seem to be able to be applied to skype, forums, blogs, email... pretty much having an IP address, or even a mobile phone. I'm just generally interested in what makes facebook specifically so bad to me personally - beyond its obvious size and centralisation.

The riots one is an interesting example. Do you have any links to examples of people arrested as a result of just having a facebook account? Not just as a result of posting pictures of themselves doing something illegal or organising illegal activity publicly; in which case the medium is unimportant.


Facebook is way more powerful for surveillance because it's a centralized network of people you are connected to and information about yourself. Connections are explicit and easier to track and store and once it's in Facebook it's in forever. While similar surveillance is possible with the other technologies, they aren't in an easily accessible database that can allow extraction of data by interested parties. And it doesn't help that the very company holding all of the data has had a lot of privacy issues in the past.

Plus just because surveillance is possible by other means does not make Facebook ok, it's just the scariest for some people at this point.


The social graph is the holy grail of intelligence analysts and law enforcement. I believe for many years they've been trying to do this themselves, but it requires a massive collection system, along with an equally massive backend database to house all of this information. And it is tough to normalize a person when they have multiple shards of identity.

Now, we just give it to them wholesale. In this way, the tech that empowers us may eventually be used against us. It is terrifying enough that I would prefer a more analog future.

(Apologies for the throwaway account, but I'm not naive.)


I agree with what you are saying; that it's powerful.

But I'm still just looking for an example of how this can be leveraged? When you say 'used against' us, how do you mean?


"... Just out of interest, as I've never come across many examples, can anyone give me some rock solid examples of what scary stuff facebook / a 3rd party could do with my data? ..."

The biggest problem isn't just finding one piece of evidence a user has revealed, it's inference of collective data. Because access can be made at so many levels on Fb via the API you can infer information from the data alone. [0], [1] Data mining of server logs and inference poses the biggest potential threat.

[0] Carter Jernigan, Behram F.T. Mistree, "Facebook friendship exposes sexual orientation", MIT ~ http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/ar...

[1] Paul Fenwick, "Dark Stalking on Facebook" ~ http://news.ycombinator.com/item?id=816372 & http://use.perl.org/~pjf/journal/39608


Well, besides your data being sold to advertisers (which may give you a creepy feeling but not much more), the friend list for most (all? I'm not that familiar with Facebook) Facebook users is public, and a lot could be learned from that alone.

By canvassing your friends list, and your friends' lists and the way different lists intersect, it's often very easy to know who are your, say, school friends, and who are your work friends. It is also quite easy to find out who your close friends are, and whom you only know in passing or have fallen out of touch with.

Using that information, I could introduce myself (online or offline) as a friend of one of your not-so-close friends. Then, it would be quite easy to gain your confidence. I could use your trust to get something directly out of you, or I could gain your trust just enough to friend you on Facebook (under a false identity) and pass your information (which is no longer so private) to a third party that has hired me to follow you.


Facebook doesn't sell any data to advertisers. It allows advertisers to display an advert to a group of users based on broad demographic and interest information, without divulging information about the user. In some ways, this is similar to deciding to show a particular advert in "Time" rather than "People" in the more physical world.

I realise some people (possibly including you) say "your data is being sold to advertisers" when they know how it works, but it is surprising how many people say the same thing and don't.

(I work at Facebook.)


That sounds like a lot of work. If I really am set on going after you, I can mug you in front of your house, or burn your house, or do another number of things. Setting your Facebook privacy to maximum won't protect against that.

I'd like to hear an example where you don't have to assume an aggressor with supernatural motivation to go after me, the random stranger.


I have read about people doing such things as 'proof of concept' type attacks indeed. However it requires that you have your privacy settings to public.

No information on my profile is public. You must set your friends to public, mine are set to 'me only', so even my friends can not see them (always wondered why anyone would set it to anything else!). Were you to friend me I would not accept as I don't know you. So this attack would not work.

It highlights the point about 'public' facebook data though, which many users are very lax with, but provided you take the steps to contain your data it is not a concern. This is more about social engineering than facebook doing anything scary with your data on a 3rd party / government level. The same 'job interview' situation can arise from a blog, a forum or any service with public URLs.


One of Facebook's redesigns a while back made everyone's friend lists public with no option to hide it. Have they since reverted that?


Keeping your friend list private even from your friends is indeed the first necessary step to reduce the risks Facebook poses. On any other setting, whatever other data you keep "private" on Facebook is pretty much public.

Note, however, that this information may leak if you let other services access this information to build their own friend lists.


I wonder, if there are any known cases, where people did not get a particular job (or experienced any other disadvantage), because they had NO facebook account.

Personally I don't own a facebook account and any request to facebook from my computer is blocked, since they introduced their like button. In my world it's very much like facebook doesn't exist at all. The only disadvantage I experience is, that I'm locked out of some websites, which require a facebook account for log-on (stupid, if you ask me).


"Personally I don't own a facebook account"

Neither does anyone else.


Well, maybe Mark Zuckerberg does. :)


Oh those poor, poor sheep. It's funny how eagerly people are willing to give up their privacy and freedom for some marginal benefit. And Facebook's dangers will always vastly outweigh its meager benefits. A relative of mine was just denied residency at a prestigious hospital when the admissions committee found out through Facebook that she has children, and there are numerous other examples. And the root of the problem is more than Facebook's monopoly or terrifying business model; these will be somewhat mitigated when its services, which have proven so far to be essential, will be commoditized (just like e-mail) by the wonderful Diaspora* and others like it. The root of the problem is people's willingness to expose themselves. And maybe I'm wrong, and it's not a problem at all but a cultural shift, or maybe even a necessary outlet for a human desire that's always been there.

What I am certain of is that Facebook's IPO comes at a time of peak-Facebook. The ridiculous valuations Facebook and other web companies, and the outlandish profit multipliers analysts bestow on them never cease to amaze me. When companies grow so quickly it's hard to know when something really mirrors a true market shift or is just a fad. And even if it's not a fad, competitors can disrupt the market just as easily. After all, if investors expect upcomers to succeed so quickly, it must surely mean that they expect "established" companies to fail just as quickly; you can't have it both ways. Who could have predicted five years ago that Facebook will pose such a threat to Google (search)? Search seemed like it will forever be the preferred method of finding things online. And so will Facebook be displaced (or squeezed) by something new that comes along, or its product commoditized and Facebook turned into AOL circa 1994. The whole web economy is built on black swans (http://en.wikipedia.org/wiki/Black_swan_theory).

But whenever Facebook's inevitable market decline arrives (and it will happen quite soon), the question remains whether people's extroversion or naivete will continue to be fodder for web corporations. I would like to hope that with time and with the proper lessons learned, this behavior, too, will decline.

Good article, BTW.


"A relative of mine was just denied residency at a prestigious hospital when the admissions committee found out through Facebook that she has children..."

Would you care to elaborate on that?


Well, I don't want to give too much information because that's a very well known hospital in a major US city, but after the interview, a contact of hers on "the inside" told her that he'd heard the interview had not gone that well because the panel didn't like that she was too concerned with the work hours. She, of course, never mentioned or asked anything about the hours (she's too smart for that), but then remembered that one of the interviewers told her that he'd looked her up online. She appears in her Facebook profile picture with her two small children. And it's a well known fact among young doctors that that particular hospital, and many others like it, does not care to hire residents with young children, esp. female residents.


I thought employers weren't allowed to ask about age, religion and family situations. I realize that finding it on Facebook is not the same as asking, but it strikes me as pretty shady if not a little overreaching. I could be wrong, though.


That's the beauty of Facebook, you get to find the answers to all kinds of illegal questions. Collateral information, if you will.


You're right, it's illegal to ask any of those personal questions. Although if she did make a big deal about the hours during the interview then it would be okay to reject over concern about "failing to meet required schedule" or something like that.


Didn't they know her family situation and how many children she has before looking up the facebook?


No, and they're not allowed to ask either.


This is incorrect - they are allowed to ask whatever they want... they just can't use the information as part of their decision making process if it reveals membership in a protected class. So, there's no point in asking, but it isn't illegal for them to ask it.


The next two paragraphs are quoted from http://www.wageproject.org/files/tart_mart_Interview_Questio... :

In the Second Circuit (CT, NY, VT)[13] and Eighth Circuit (ND, SD, NE, MN, IA, MO, AR)[14], courts have found that an employer violates Title VII when they ask questions about childbearing plans, pregnancy, child care, and/or whether their husband approves of the job and its requirements. Courts in these circuits have found that those types of interview questions are discriminatory and directly affect the hiring decision in violation of Title VII.

However, courts are not as friendly in the Seventh Circuit (IL, IN, WS). There, a woman applied for a paramedic position and was asked during the interview, she was asked about the number of children she would have, her child care arrangements, and how her husband would feel about the job. The interviewer admitted that he did not ask male applicants the same questions. However, her claim failed because the court found that the evidence did not support the finding that her sex was a determining factor in the decision to hire a man. She failed to show substantial evidence that the interviewer relied on the gender stereotyping questions when making its decision not to hire her.[15]

So, check the court circuit you're in before you ask the questions which a large number of people and online resources assert are "illegal." Even if it isn't illegal in your state, you're going to run across candidates who think it's at least immoral and a prima facie indication of discrimination.


"but then remembered that one of the interviewers told her that he'd looked her up online"

Fine line relating to privacy there.. something perhaps to look into.


Why would that be a problem if we knew which hospital it was?


> Well, I don't want to give too much information because that's a very well known hospital in a major US city,

and the reason why you don't want to warn everyone against the hospital that seems to be prejudiced and unlawfully asking questions it shouldn't is?


Disclaimer: I don't work for or like Facebook, I don't use Facebook other than for some API testing projects. I use a fake name, have one blurry photo and have only a handful of real-life friends mixed with strangers in a 20/80 ratio.

> What I am certain of is that Facebook's IPO comes at a time of peak-Facebook.

You may be certain of that if you assume that Facebook's monetary mission was to connect all human beings, or at least most of them. You can't make enough money off of it. But I think you are wrong if you think that Facebook's customers are users -- they are advertisers. Zuck said it himself years ago that stage 1 is to sign up everyone and that's only the beginning of his idea. Now, since he got everyone signed up, it's time to treat a billion people like test rabbits and see how to maximize revenues per user without pissing off too many of them at the same time. In this case, possibilities are almost endless and I think you will see five years of strong monetary growth until, of course, everyone will jump ship for something new, more exciting. Further, Facebook's IPO comes at a perfect time. Zuck proved to investors that his idea is sustainable. Now it's time to reward those who worked hard to achieve it and use the stockpile of cash to accelerate and execute "milking cows" ideas. Brilliant!

> The ridiculous valuations Facebook and other web companies,

Facebook numbers came out. $1B profit. I think trading them 23x is reasonable.

> When companies grow so quickly it's hard to know when something really mirrors a true market shift or is just a fad.

2004-2012, that's 8 years of growth. I fail to recognize it as a "fad" since all FB numbers grow, users and revenue wise. Is Google a "fad" ? they grew similarly fast, and what? Still in business...

> And even if it's not a fad, competitors can disrupt the market just as easily.

Well, so far we don't have "another" Facebook, because Facebook based its success on the fact that humans, in general, are lazy. Nobody will be willing to switch unless you can get some benefit out of it that outweighs the reason to drop all your friends and start rebuilding your network all over again, somewhere else. Until then, Facebook is safe.

> by the wonderful Diaspora*

Where is the asterisk leading? You work at Diaspora?

> Who could have predicted five years ago that Facebook will pose such a threat to Google (search)?

I think majority still search with Google and socialize with friends over Facebook. If you want to point threat to Google, point at Pinterest. Instead of Googling "cool bathroom ideas" and clicking "images", I go to Pinterest and have more pictures of beautiful inspirations for bathroom than I could ever analyze. This is a serious threat to Google.

> But whenever Facebook's inevitable market decline arrives (and it will happen quite soon),

Can you shed some light? What do you see that we don't?

> I would like to hope that with time and with the proper lessons learned, this behavior, too, will decline.

So basically you claim that everything related to Facebook is evil. I disagree and billion naive sheep can back me up. Look, I know most hackers here are programmers. Most of us could write Facebook overnight today, and as a weekend project in 2004. This didn't happen. Facebook happened and one guy is worth $25 billion. I get it. Money-wise it hurts me sometimes too. But the bottom line is that you are trying to go against the trend and your bitching is no different from when an 80-year-old librarian claimed that the internet is evil and will kill libraries. Would you like the internet to never have happened because eventually libraries would be closed? If you go even further back in history, think about horses versus cars. I am pretty sure when cars came out, people riding horses were saying something like: "Oh, look at that piece of metal! It uses oil, produces deadly fumes and look how fast it goes! But everyone loves them! What clueless sheep! I am sure it will take some time until enough people kill themselves for everyone to realize horse-riding is more safe and secure and eventually everyone will switch back from cars to horses". Well, as we know history, this never happened and cars are here to stay. You see my point?


> Facebook numbers came out. $1B profit. I think trading them 23x is reasonable.

Facebook's IPO valuation was $75-100B, not $23B. That's a 75x-100x multiplier.

> In this case, possibilities are almost endless and I think you will see five years of strong monetary growth until, of course, everyone will jump ship for something new, more exciting.

I'm not saying Facebook will not be able to squeeze a healthy profit in the next 5 years or so, but I don't think they'll justify the multiplier - maybe their stock will rise in the short term, but not enough in the long run.

What I'm "seeing" is that for Facebook's future plans to work their market penetration has to maintain itself at the current levels. If Google+ or Diaspora* and whatever other competitors that join the game take even a 25% market share, then plans that require "almost everyone" to have a Facebook account (like other services that use a Facebook-only sign-on) will no longer be viable. And, of course, the next big thing will inevitably arrive. Like I said, this is a "black swan" market, and the point is that you can't exactly see what it is that will cause the decline, but investors assuming super-fast growth must also expect a decline among the successful. And, again, the question is not whether or not a company will do well, but how it will perform relative to expectations.

> Is Google a "fad" ? they grew similarly fast, and what? Still in business...

Yes, they are in business and doing well, but have already begun to disappoint the analysts. Also, Google has many products (many of them unsuccessful), and there were very few successful companies in history that continued to show good growth with only one product (oil companies, perhaps). By this time, Facebook should have had at least one more product that's showing a promise. They have none - all of their offerings are strongly tied to their social network, while Google's products (like Google Docs or GMail) are not directly tied to the success of search.

> Where is the asterisk leading? You work at Diaspora?

Diaspora* (with the asterisk) is the name of the project.

> So basically you claim that everything related to Facebook is evil. I disagree and billion naive sheep can back me up... Well, as we know history, this never happened and cars are here to stay. You see my point?

While I indeed think that Facebook and its business model do a lot of harm to people, I'm not saying the same about the idea of virtual social networks in general. I believe that Facebook has shown the social network to be an essential service in the internet age, so, just like e-mail, it will be commoditized, and many different vendors with different offerings and different business models will provide social network services all compatible with one another.


The article is appealing. I think it can become better by using several arguments in case privacy does not resonate with a reader (e.g. financially exploiting personal information, building stronger social relations, how other countries use facebook alternatively), and listing viable middle-ground solutions (using aliases on facebook).

Example Solutions

1. Don't use your real name

In Mexico, many people do not use their real names on Facebook partially because names (Jorge, Paula, Arturo, Pancho, Gomez, Ramirez, Rodriguez) are so common and using an alias makes it easier to find people.

2. Don't use your real information

I don't use my real info on facebook. My real friends should know my birthday and where I live.

3. Use privacy settings so strangers can not view your personal life.

I say this because, I quit facebook, then realized how popular it is as a form of communication these days for some demographic groups. I like letters and postcards, but I realize that's my preference


If you follow all 3 of those things, it would make it almost impossible for someone you just met to find you on FB. Unless you explain in person what your FB strategy is. Basically if you did all those things, at that point you might as well not use it at all. (I no longer have an account)


I follow a similar strategy; but for me, 98% of Facebook usage is keeping in touch with people I've known for years, but are geographically distant. They know my nickname, they know how to find me, and FB does in fact help us keep abreast of each others' lives pretty well. (Photos, life events, amusing anecdotes...)

On the very rare occasion I add someone new to Facebook (1/month max) it is not difficult to say "I'm on Facebook as Nickname. My work e-mail address is not connected, use specialized-address." It requires about a minute's out-of-band explanation, but so what? I have no interest in being friended by random strangers.


Yeah, well I always tell people I know how FB use their data etc., and they reply "but how does FB actually affect me??!?! I'm not a public person, I'm nobody! So what if I share all my family pictures?! FU! don't tell me about privacy, you paranoid!"

People need more awareness.


That's a good question. How will sharing their data influence the average person?


I have something to add to the FUD statement "What’s the greatest database of Jews on the planet? Facebook."

...

"Why could the holocaust never, ever happen again? Facebook."

Try systematically killing 10 million+ people when their relatives can't poke them on facebook anymore.

People would catch on pretty quickly I think.


Uhhh, I don't think the holocaust happened because people weren't noticing.


Correct me if I'm wrong, but I thought that at the time, most of the outside world wasn't noticing? (or at least pretending not to notice?)


Four hundred thousand people have died in the Darfur genocide over the past nine years(1). It's not exactly something that shows up on cable news every night.

(1)http://www.darfurscores.org/darfur


I think you are wrong. It wasn't about "noticing" and besides, if you notice, what are you going to do? You can notice the Wall Street movement, but did you and EVERYONE else join? During WW2 most countries were busy fighting or preparing to fight with aggressors. On another note, if you don't live in the US but in one of the countries where abortion is illegal and considered the killing of a human, you can notice 50,000 abortions done in China every day. That's 15 million abortions a year, more than the holocaust claimed. Do you see everyone "noticing" and doing something about it?


You have valid points with your abortion point in that it's very often about perception of right and wrong. But it looks like the U.S. at least didn't "know" until a year after they entered the war[1], but even when they did, it appears that they had reservations about acting on it[2] (ie, do you bomb Auschwitz and kill the current prisoners to prevent future prisoners from being gassed there?)

[1] http://www.ushmm.org/research/library/faq/details.php?lang=e...

[2] http://www.ushmm.org/wlc/en/article.php?ModuleId=10005182



What about the opposite: I need to use Facebook for my job, but I would prefer to not even have an account. I hate Facebook, but am forced to use it, or switch jobs :(


Surely you can then use it _only_ for your job, and post only work information, no personal information?


I found it interesting Appelbaum was so concerned about the government intrusion and collecting of personal data, yet spends several paragraphs about all the regulating the government should do to keep people safe.

Unfortunately, you can't have it both ways. Either government is a part of it and you take your chances with the possibility they over-regulate and use the data for harmful purposes. Or, you just let free market economics handle it and keep the government out of it entirely.


No, you can, and often do have it both ways. I know Americans often treat their government as some kind of foreign entity, but in Europe and other places as well, people see the government as truly representing them. What you said sounds to me like, you can give parents control over their children and hope they don't abuse them, or you can let children retain control, but you can't have it both ways. Well, no. You can trust and demand the government to have the best interest of its citizens in mind, just like you can demand and trust that of parents. I realize that in some parts of the American political spectrum this sort of thing is hard to grasp, and I don't want to get into what is a peculiarly American political argument, but you should know that in most democratic countries people often view their own government very differently from Americans. They demand certain things of their government and can trust it to behave a certain way, and if it doesn't - they punish it.

In short: there is such a thing as good government (which, sadly, the American democratic party doesn't stress enough).


(As a European) I think it's an exaggeration to say it's a common view that the government truly represents them. However, there also isn't a shared faith that corporations will do the right thing automatically, or there is more cynicism about the 'free market'.


Sorry, how exactly do you keep the government out of it entirely?

Whether there are regulations or not government agencies will still use the data, oh, unless you regulate it...


I just don't use it. The result? More time to do stuff that matters.


Me too, but I noticed the other day that you can only save your progress at Khan Academy if you sign in with either Google or Facebook. That stung. I don't want to sign up for a social network, just to save my progress on a math course.


I agree. I have always steered away from sites that require "facebook connect." I'm worried one day many more sites that I use daily require Facebook, which I don't use.


FTA: (the government) shouldn't endorse Adobe.

Um.. is this guy aware that the spec for PDF has been open for a long time? Using PDF isn't endorsing Adobe any more than using MP4 is endorsing the motion picture experts group.


facebook is for sheep


If you really want to mess with those who choose to violate privacy and other laws, whether it's a corporate idiot or your government..you will figure out that you can fake profiles and data attached to them..

You know how easy it is to fake meta data in a camera image?

The possibilities to make the FBI or CIA or some corporate private investigator look very stupid are endless..

Shall we play a game or two with them and expose their own stupidity? Why not?

It would be the perfect hack and best part, no one gets hurt but we do a great public service..


"The possibilities to make the FBI or CIA or some corporate private investigator look very stupid are endless.."

You can try to mess with the FBI, CIA or any other three letter agency if you want, but I wouldn't recommend it.



