Facebook Privacy Report from The New York Times

As Facebook is upending the journalism industry, the New York Times continues its campaign of exposing Facebook’s questionable data use.

Summary from The Download via the MIT Technology Review

https://www.technologyreview.com/the-download/612642/facebook-gave-more-than-150-companies-special-access-to-your-data/

NYT’s tl;dr of their report

https://www.nytimes.com/2018/12/18/us/politics/facebook-data-sharing-deals.html

While it is true that Facebook hasn’t sold users’ data, for years it has struck deals to share the information with dozens of Silicon Valley companies. These partners were given more intrusive access to user data than Facebook has ever disclosed. In turn, the deals helped Facebook bring in new users, encourage them to use the social network more often, and drive up advertising revenue.

Facebook Data Sharing Details

NY Times on Facebook and their partners

https://www.nytimes.com/2018/12/18/technology/facebook-privacy.html

Facebook allowed Microsoft’s Bing search engine to see the names of virtually all Facebook users’ friends without consent, the records show, and gave Netflix and Spotify the ability to read Facebook users’ private messages.
The social network permitted Amazon to obtain users’ names and contact information through their friends, and it let Yahoo view streams of friends’ posts as recently as this summer, despite public statements that it had stopped that type of sharing years earlier.

. . .

Facebook, in turn, used contact lists from the partners, including Amazon, Yahoo and the Chinese company Huawei — which has been flagged as a security threat by American intelligence officials — to gain deeper insight into people’s relationships and suggest more connections, the records show.

. . .

Facebook also allowed Spotify, Netflix and the Royal Bank of Canada to read, write and delete users’ private messages, and to see all participants on a thread — privileges that appeared to go beyond what the companies needed to integrate Facebook into their systems, the records show… A spokesman for Netflix said Wednesday that it had used the access only to enable customers to recommend TV shows and movies to their friends.

Facebook Privacy

So by signing in to Spotify with your Facebook account, Spotify has the ability to read all your private Facebook messages.

Facebook empowered Apple to hide from Facebook users all indicators that its devices were asking for data. Apple devices also had access to the contact numbers and calendar entries of people who had changed their account settings to disable all sharing, the records show.

Facebook Privacy

These two confusing sentences reiterate that Facebook does not sell user data. Instead, it uses a loophole to sell access to Facebook-owned data:

Facebook has never sold its user data, fearful of user backlash and wary of handing would-be competitors a way to duplicate its most prized asset. Instead, internal documents show, it did the next best thing: granting other companies access to parts of the social network in ways that advanced its own interests.

Facebook Privacy

This is not the first time Facebook’s data sharing practices have drawn scrutiny:

In late 2009, it changed the privacy settings of the 400 million people then using the service, making some of their information accessible to all of the internet. Then it shared that information, including users’ locations and religious and political leanings, with Microsoft and other partners.

Facebook called this “instant personalization” and promoted it as a step toward a better internet, where other companies would use the information to customize what people saw on sites like Bing. But the feature drew complaints from privacy advocates and many Facebook users that the social network had shared the information without permission.

. . .

In 2014, Facebook ended instant personalization and walled off access to friends’ information. But in a previously unreported agreement, the social network’s engineers continued allowing Bing; Pandora, the music streaming service; and Rotten Tomatoes, the movie and television review site, access to much of the data they had gotten for the discontinued feature. Bing had access to the information through last year, the records show, and the two other companies did as of late summer, according to tests by The Times.

. . .

Microsoft officials said that Bing was using the data to build profiles of Facebook users on Microsoft servers. They declined to provide details, other than to say the information was used in “feature development” and not for advertising. Microsoft has since deleted the data, the officials said.

Facebook Privacy

More examples of how Facebook shared your data, from NY Times

https://www.nytimes.com/2018/12/19/technology/facebook-data-sharing.html

Facebook’s response

https://newsroom.fb.com/news/2018/12/facebooks-partners/

We’ve been public about these features and partnerships over the years because we wanted people to actually use them – and many people did. They were discussed, reviewed, and scrutinized by a wide variety of journalists and privacy advocates.

But most of these features are now gone. We shut down instant personalization, which powered Bing’s features, in 2014 and we wound down our partnerships with device and platform companies months ago, following an announcement in April. Still, we recognize that we’ve needed tighter management over how partners and developers can access information using our APIs. We’re already in the process of reviewing all our APIs and the partners who can access them.

. . .

We’ve shut down nearly all of these partnerships over the past several months, except with Amazon and Apple, which people continue to find useful and which are covered by active contracts; Tobii, an integration that enables people with ALS to access Facebook; and browser notifications for people who use Alibaba, Mozilla and Opera.

Facebook’s Partners

Facts About Facebook’s Messaging Partnerships

https://newsroom.fb.com/news/2018/12/facebooks-messaging-partnerships/

People could message their friends about what they were listening to on Spotify or watching on Netflix, share folders on Dropbox, or get receipts from money transfers through the Royal Bank of Canada app. These experiences were publicly discussed. And they were clear to users and only available when people logged into these services with Facebook. However, they were experimental and have now been shut down for nearly three years.

. . .

No third party was reading your private messages, or writing messages to your friends without your permission. Many news stories imply we were shipping over private messages to partners, which is not correct.

Facebook’s Messaging Partnerships

Op Ed from the New Yorker

https://www.newyorker.com/news/daily-comment/how-much-trust-can-facebook-afford-to-lose

But the case reflects a fundamental problem: Facebook was so determined to grow, and to cement the commercial partnerships that would help it grow, that it didn’t pause to build tools that could parcel out narrow slices of information.
. . .
‘Trust is the willingness to accept vulnerability. In a personal relationship, it is the willingness to self-disclose and be honest. For Facebook, it is the very willingness of the informed to participate in their platform.’

How Much Trust Can Facebook Afford to Lose

Google transferred ownership of Duck.com to DuckDuckGo

Google made quite the ruffle today when it transferred the domain duck.com to the privacy-focused search engine DuckDuckGo.

Google’s ownership of Duck.com was previously a source of frustration for DuckDuckGo, when it would redirect users to Google’s rival homepage instead of DuckDuckGo. Google kindly tried to clear up this confusion in July by adding a DuckDuckGo link to the page. Visiting Duck.com now redirects users straight to DuckDuckGo.

via The Verge

The best part is the previous page for duck.com

Please note that On2 was previously called the Duck Corporation. So if you typed Duck.com, you are redirected to On2.com:

  • If you meant to visit ducks.com, click here. Note that it redirects to Bass Pro Shops.
  • If you meant to visit the search engine DuckDuckGo, click here.
  • If you want to learn more about ducks on Wikipedia, click here.

Also on Hacker News and Twitter:

Search away

🦆

Location Data Privacy in Apps

The New York Times released a report (with some fancy graphics) detailing location data use by apps for advertising, outside the main purpose of the app. Only 10 apps were covered in depth, but the findings reveal how some advertising companies aggregate location data from apps.

At least 75 companies receive anonymous, precise location data from apps whose users enable location services to get local news and weather or other information, The Times found. Several of those businesses claim to track up to 200 million mobile devices in the United States — about half those in use last year. The database reviewed by The Times — a sample of information gathered in 2017 and held by one company — reveals people’s travels in startling detail, accurate to within a few yards and in some cases updated more than 14,000 times a day.

[Learn how to stop apps from tracking your location.]

An app may tell users that granting access to their location will help them get traffic information, but not mention that the data will be shared and sold. That disclosure is often buried in a vague privacy policy.

via NY Times

Remember, even with location services disabled, apps and websites can still track your approximate location.

The Times app did not request precise location data and did not send it. It sent location data to several companies based on an IP address that placed the device elsewhere within the city.

via NY Times

IP-based location tracking came up during the Facebook Congressional hearings and is a way Google can personalize search results when logged out or in private browsing windows. And don’t forget that Google’s “Location History” and “Web and App Activity” both cover location services.

The most unnerving finding of the report is how apps hide code that exports your location to advertisers behind opaque privacy policies.

Frequently, location data companies make packages of code that collect phones’ whereabouts. Developers who add this code to their apps can get paid for location-targeted ads, or earn money for providing the location data, or get free mapping or other services for their apps.

via NY Times

If we can’t communicate use of location with transparency, what will happen when biometric and facial recognition technologies are embedded in every camera and device:

“people deserve to know when [facial recognition] technology is being used, so they can ask questions and exercise some choice in the matter if they wish. Indeed, we believe this type of transparency is vital for building public knowledge and confidence in this technology. New legislation can provide for this in a straightforward approach:

  • Ensuring notice. The law should require that entities that use facial recognition to identify consumers place conspicuous notice that clearly conveys that these services are being used.
  • Clarifying consent. The law should specify that consumers consent to the use of facial recognition services when they enter premises or proceed to use online services that have this type of clear notice.”

via Facial recognition: It’s time for action

What the Marriott Breach Says About Security

    Your personal data is already stolen. Here’s what you need to be doing:

    via Krebs on Security

     

    Twitter’s Important Updates

    I opened Twitter today and was welcomed with a message about their updated Terms of Service and Privacy policy in time for GDPR.

    Twitter is updating its Terms of Service and Privacy Policy to provide you with even more transparency into the data Twitter collects about you, how it’s used, and the controls you have over your personal data. These updates will take effect on May 25, 2018

    Anyway, here’s the update and additional policy information for Twitter and Facebook.

    What we learned from Facebook this week

    A puppy. This is why people use Facebook, right?
    For all the talk with Facebook CEO Mark Zuckerberg in the US Senate and House this week, there was very little surprising content. We give consent to use the Facebook service, we upload images, write posts, and like articles. We have control at every step of our interaction to decide how much to share with Facebook and what we give the company is exactly what is given back to us in the data archive download tool. It’s shocking to see every interaction you’ve ever made on Facebook in one place, but there is nothing here we don’t expect. There is no post we didn’t make or image we didn’t take. Facebook remembers what we do on the service as long as we have an account.

    But that doesn’t mean everything from the last week was old information.

    What was clarified?

    An important point Zuckerberg reiterated is that Facebook does not sell user data. This would be a silly business move because Facebook’s value to advertisers is in the uniqueness of its data. It is in Facebook’s best interests to keep its trove of data secure, as it requires advertisers to keep coming back. There’s no other place advertisers can go to get the same level of targeting.

    Instead of selling data, Facebook actually collects all the details from every person “in the community” and compiles the best advertising opportunity for a given ad. Facebook assures advertisers their ad placement will reach the intended audience with the greatest possibility of interaction. It is this assurance that gives Facebook its gazillion dollar market cap.

    The Cambridge Analytica case was different, but still Facebook never sold data. Instead, Cambridge Analytica got raw Facebook user data from an app developer who used a survey app to harvest data. In 2014, it was within Facebook terms for a 3rd party app developer to use the Facebook developer platform to collect just about all the information about you and all your friends ever entered onto the site.

    Listen to Exponent episode 146 “Facebook’s Real Mistake” (link at the end) for background on how Facebook’s past push to be a platform landed the company in this situation. The takeaway? Had Facebook realized its value as an ad network, the company would never have given the same level of data access in the first place.

    This is why the current Facebook fiasco is not a data security breach, but a data privacy leak. Hackers did not break into Facebook systems to obtain user data, but a developer (which could have been anyone) used Facebook-sanctioned tools to collect your information. Facebook has since locked down its platform to prevent such unrestricted access to user data, but it does not change the fact that massive amounts of user data left the platform seemingly without consent of its users. And yes, it’s true that by signing up you agreed to the terms that allowed developers to leverage the wide open API to gather profile information, but did you really know that was part of the agreement?

    What was surprising and novel?

    Did you check if your info was collected by Cambridge Analytica? Go ahead, I’ll wait ⌚😊

    After you’ve read through your activity log and exported your data, take a minute and think about what stands out from the content (I think this tinfoil hat scandal is all a ploy to get us to go on Facebook even more. Feel free to finish reading in the meantime, the export takes a while). Once you get to the details, you can see the majority of the information came from you, but there is a small subset which reveals the inner working of the Facebook machine.

    To put things in perspective, focus on your ad preferences and take a look at your ad demographics information. This is a window to the 9698 categories from the Senate hearing. Advertiser demographic is the result of running all our interactions on Facebook through a proprietary algorithm. Of all the information in the data archive, this piece is novel. We didn’t explicitly tell Facebook this information, but they determined it based on what we’ve done on the site.

    This is why the Facebook hearing this week is only the tip of the iceberg. If we are concerned that Cambridge Analytica could sway an election with a slice of our data, what kind of power does Facebook have? Sure we didn’t entrust Cambridge Analytica with our data, but why does opting into a puppy video sharing service change our perception of possible psychological manipulation?

    What does Facebook do with all our data? And what can they do?

    We need greater transparency on how our data is used. I can control and know what I upload, but what happens with the data “I own” once it’s handed over?

    When I upload a photo to Facebook, what algorithms are tuned as a result? How does the content of the photo affect ads I see?

    WhatsApp communication is encrypted, so it’s private between those in the conversation, but in what way does Facebook link my WhatsApp, Instagram, and Facebook accounts? I’ve logged into all three on the same device so they must know it’s the same person (even though I signed up for all three as separate users).

    And what about activity coming from the same IP address or GPS location? Does Facebook correlate data of those physically closest to me, outside of our connections on its services? What about when I’m on Facebook but signed out?

    The consumer-facing fun part seems like a front for the stingy advertising business on the back end. What is the difference between the two? It’s telling that Zuckerberg doesn’t fully understand the difference (from questioning by Brian Schatz). From Facebook’s perspective, the “fun part” is the user feature set that drives advertising revenue. It’s the top of the funnel for all of Facebook’s algorithms and drives the company’s valuation.

    For a platform that relies on its users to generate value, the company doesn’t provide much information to said users on how the internal cogs work. Perhaps it’s best to be blissfully unaware, or maybe it’s not a requirement, but when 2 billion people feel like the product and not the customer, it’s reasonable for them to want a little more information on how they’re being used.

    And if this is Facebook, what about Google? (You can also export Google data)

    What can you do to stay in control?

    1. Adjust log-in behavior to prevent future data leaks
       Check permissions when using Facebook (or Google or any other service) to sign up for a new site. To keep the same convenience, sign up for a password manager like Dashlane or LastPass which can generate and remember a new login for each site you visit. This adds a layer of security to your accounts and removes the possibility of another Cambridge Analytica style data leak.
    2. Prevent cross-site tracking
       Use a separate browser just for Facebook. Only log in to Facebook on that browser and do all your other web stuff in another. Or use extensions like Ghostery (which also tracks your trackers, so maybe just turn off the internet for the day…) or the Facebook Container for Firefox.
    3. Limit sharing data
       Just use Facebook less? Deactivate for a week and see how you feel. You can always reactivate.
       Go old school and use an RSS reader.
       Stick with iMessage/FaceTime.
       This is always an option.

    All sorts of links

    Video of Zuckerberg’s Senate hearing (transcript) and appearance before House committee (transcript)
    Day 2 from MIT Technology Review
    What was Facebook Thinking by James Allworth
    The Facebook Current and The Facebook Brand from Stratechery
    Facebook and Cambridge Analytica Explained from NYTimes
    Facebook’s Real Mistake and Facebook Fatigue from Exponent Podcast
    Mark Zuckerberg is Either Ignorant or Deliberately Misleading Congress from The Intercept
    Mark Zuckerberg on Facebook’s hardest year, and what comes next from Vox
    What is GDPR?
    General Data Protection Regulation
    Coachella streams 1, 2, and 3