Facebook Finally Joins Google, Twitter & Microsoft With A Transparency Report; But Locks It Behind A Registration Wall

from the not-so-transparent dept

Over the years, we've been happy to see Google launch and then continue to expand its "Transparency Report," highlighting both government and private attempts to censor content or get information on users. Given how successful that's been, Twitter and Microsoft have joined in as well, with similar transparency reports.

In fact, there's been an ongoing argument between these tech companies and the DOJ, seeking permission to be able to include more data concerning FISA court orders to their transparency reports in order to be more transparent and complete -- something we'd hope the government should want, but so far, has been fighting.

The latest entrant is Facebook, who has finally released a transparency report covering government requests for data (so, no info on other types of requests, such as copyright takedowns). The report shows that Facebook is certainly rejecting a decent number of requests that it feels are inappropriate. It also shows the data on the US using "ranges" (unlike every other country). So, for the US, they note that there were between 11,000 and 12,000 requests, impacting 20,000 to 21,000 accounts (and they complied with 79% of the requests). The use of ranges is consistent with Google, Twitter and Microsoft's reports, where the government has only allowed such reports to include data on national security letters if there was a range given. This is stupid and petty by the DOJ. Having the exact aggregate number of requests -- which might include other kinds of warrants/subpoenas as well as NSLs or FISC orders -- isn't going to reveal anything dangerous.

What's interesting is that the included FAQ insists that this report "contains every request for user data we received for the first six months of 2013." If that's true then that suggests that Facebook is including FISC orders as well as NSLs. However, other companies, like Google and Microsoft have indicated that they haven't been allowed to include FISC orders, which are often under gag orders.

Oddly, and for no clear reason, Facebook put the "transparency" report behind its registration wall -- meaning that you can't see it if you're not a Facebook member or if you're not logged in. That doesn't seem very transparent, frankly. Perhaps Facebook's legal team is similarly confused about Facebook's own privacy settings, and forgot to set this page to be shareable with "the public." Thankfully, there is a screenshot of the page so you can check it out:
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: government data, requests for information, transparency report
Companies: facebook, google, microsoft, twitter


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Atul Arora, 27 Aug 2013 @ 8:33pm

    link to this | view in chronology ]

  • icon
    Arthur Moore (profile), 27 Aug 2013 @ 8:56pm

    Facebook Privacy

    Facebook constantly updates their UI, so how the privacy settings are set changes every couple of months. What's worse, they had a nasty habit of resetting the privacy stuff to the default.

    I share things with friends that at worst might be mildly embarrassing if an employer could see them, but that's it. If I don't need a security clearance, then there's no reason for anyone not on my allow list to have access to the data. Sadly, I can't trust that the settings won't get changed without me knowing it.

    This is Facebook's big hurdle. People are realizing that Facebook is not inherently private, so they're self censoring. That decreases the value of the website, and turns people to things like snapchat.

    Given the importance of user trust to a site like Facebook, I'm surprised by them walling this report off. Then again, it is Facebook....

    link to this | view in chronology ]

  • icon
    Wally (profile), 27 Aug 2013 @ 10:38pm

    Bugmenot....

    ....is a website I use to keep my anonymity when a simple registration is required to do a download or see an image. Porn sites and ROM sites are typically blocked but it is quite functional and all you have to do is provide a user name and password to a website you registered to to allow others to log in on so they don't have to register.


    So for this transparency report that requires registration for use, just register once and then provide the user name and password to Bugmenot.

    link to this | view in chronology ]

    • icon
      PaulT (profile), 28 Aug 2013 @ 1:31am

      Re: Bugmenot....

      A reasonable suggestion but sadly not one that will work in this case. Searching for Facebook on bugmenot gets you the following message:

      "SITE BLOCKED
      This site has been barred from the bugmenot system."

      One workaround is to create a fake account yourself. Use a disposable email account to reply to the automated email, and you can set up a Facebook (or any other) account with fake details without compromising your privacy.

      Either way, this doesn't excuse Facebook from locking up a supposed transparency report, especially since their own privacy settings would allow it to be visible by non-users of their site. It's either an oversight, or an attempt to keep track of who's looking at this data.

      link to this | view in chronology ]

      • icon
        Wally (profile), 28 Aug 2013 @ 5:30am

        Re: Re: Bugmenot....

        "One workaround is to create a fake account yourself. Use a disposable email account to reply to the automated email, and you can set up a Facebook (or any other) account with fake details without compromising your privacy."

        Ah I hadn't known that. Thing is that even as a FaceBook user, I hadn't quite found where to get it. I assumed that the report had to with just registering for getting to the report. One thing is for sure, if the reports are individualized, then I really cannot complain about the idea of logging into FaceBook to get it.

        link to this | view in chronology ]

  • identicon
    horse with no name, 27 Aug 2013 @ 11:22pm

    Seems normal

    If anything, I would say that the number of requests here are pretty low. Remember, 12,000 requests (where more than 100 million people are members) seems like a low ratio, and appears to be in keeping with normal policing levels. I can imagine that those requests are for everything including missing teens, the obviously stupid drug dealers that post pics on facebook, and so on.

    It doesn't seem to be a very big issue. That the transparency is behind a basic login doesn't seem to be a big issue either, considering that the people impacted by these actions would be able to see the report without issue. Your comment on it seems to be whining for the sake of whining, not an actual complaint that means anything.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Aug 2013 @ 12:23pm

      Re: Seems normal

      There is something to be said about transparency and what it entails. Also, since non-members could be seen as potential customers it would stand to reason that wider transparency would have a positive effect given Facebooks past of excruciatingly bad privacy policies (to the point of non-existent) and lack of cooperation with, well, users, policy makers and companies. Since a review-process at least points to some cooperation with users and policy makers it would go a long way to improve reputation.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Aug 2013 @ 12:13am

    Never been part of Facebook, sure not been encouraged over the years to join. I promise you that this little tidbit is not going to make me suddenly change my mind. I've heard enough of the privacy nightmares involving Facebook to ensure I will never sign up.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Aug 2013 @ 1:50am

    A facebook employee posted this reply on HN:
    I'm a software engineer at Facebook. Requiring login for this page was a simple oversight and should be fixed sometime this evening California time. Sorry for the confusion.
    In the meantime, here's a screenshot so you can see it without logging in: http://i.imgur.com/025M2E6.png
    The webpage does not require any login now.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Aug 2013 @ 5:28am

      Re:

      In other words, Facebook couldn't figure out their own privacy settings.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Aug 2013 @ 2:50am

    like all good little megalomaniacs, this gives Facebook the upper hand, the control, that it has wanted and got from people. it's also a damn good reason to never use it!

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Aug 2013 @ 4:31am

    This "report" is a farce, a lie, and a fabrication

    Facebook has absolutely no idea where its victims' information has gone. It's simply pretending here that it actually can keep track and that it actually has produced a document which accurately reflects reality.

    That's not just wrong, it's insanely wrong. Facebook has gone through one massive security breach after another in an unbroken succession that reaches back to its inception. (And those are simply the ones we know about. Every competent security professional knows that for every public-known incident, there are many more that will never surface.) Facebook has also self-inflicted security issues due to its relentless pursuit of its only goal: selling users' privacy for profit. And given Facebook's blindingly obvious lack of internal controls, there is no doubt whatsoever that numerous Facebook employees have helped themselves to as much data as they can exfiltrate.

    A few -- and I emphasize, a few examples:

    http://blog.washingtonpost.com/securityfix/2008/02/hackers_exploiting_facebook_my.html
    http://www.yvoschaap.com/index.php/weblog/facebook_myspace_accounts_hijacked/
    http://www.abc.net.a u/news/stories/2010/04/30/2886463.htm
    http://www.itworld.com/security/211289/facebooks-url-scanner- vulnerable-cloaking-attacks
    http://www.nirgoldshlager.com/2013/02/how-i-hacked-facebook-oauth-to-ge t-full.html
    http://www.pcworld.com/article/id,140182-c,onlineprivacy/article.html
    http://mattmckeo n.com/facebook-privacy/
    http://online.wsj.com/article/SB10001424052748704513104575256701215465596.h tml
    http://www.skullsecurity.org/blog/?p=887
    http://www.theregister.co.uk/2011/05/10/facebook_user _credentials_leaked/
    http://www.itworld.com/it-managementstrategy/198069/facebooks-new-privacy-cont rols-still-broken
    http://gizmodo.com/5922836/is-the-facebook-email-fiasco-worse-than-we-all-thought
    http://yro.slashdot.org/story/12/05/08/154221/facebook-spammers-make-20m-get-100k-fine
    http://www .net-security.org/malware_news.php?id=898
    http://www.firstpost.com/tech/facebook-finally-admits-to- tracking-non-users-133684.html
    http://www.theregister.co.uk/2013/02/15/facebook_hacked/

    The pathological liars at Facebook are simply hoping that the clueless, naive and stupid will accept this "report" at face value. It's a cynical stunt calculated to assuage the concerns of anyone dumb enough to fall for it, and it has ABSOLUTELY no connection to reality whatsoever.

    So what is "reality" in this case? It appears obvious on inspection that Facebook is knowingly providing a complete feed of all data to the USG, and probably unknowingly providing a significant subset of that to anyone who can exploit the Facebook gaping-security-hole-of-the-month.

    After all, why not? Zuckerberg has long since proven that he's willing to sell to anybody with cash-in-hand: why wouldn't he provide a feed to the USG in exchange for money? What possible reason could he have to say "no"?

    link to this | view in chronology ]

  • identicon
    Shon Gale, 28 Aug 2013 @ 6:35am

    I mean really, are you guys still using Facebook? I love it! A rich guy from Harvard who has never related to a normal person one day in his life knows what the world wants? Cool! and I believe in the tooth fairy too.
    When is a real person from a real garage that has real people hanging out in it going to write a decent program to let me do it socially?
    Facebook sucks and after October 1st Google is going to suck. You will locked into your timeline with tons of targeted ads that have been culled from every other site you ever went to. Yuccccchhhhh.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Aug 2013 @ 8:04am

    "and they complied with 79% of the requests"

    If they can get away with not replying to 21% of request why can't they get away with not replying to any of them.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 30 Aug 2013 @ 1:58pm

    what?

    link to this | view in chronology ]

  • identicon
    wasim, 10 Nov 2013 @ 9:46am

    2345678

    my name wasim i live bwp

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.