Facebook Derangement Syndrome: Don't Blame Facebook For Company Scraping Public Info
from the it's-public-info dept
Earlier this month I talked a little bit about "Facebook Derangement Syndrome" in which the company, which has real and serious issues, is getting blamed for other stuff. It's fun to take potshots at Facebook, and we can talk all we want about the actual problems Facebook has (specifically its half-hearted attempts at transparency and user control), but accusing the company of all sorts of things that are not actually a problem doesn't help. It actually makes it that much harder to fix things.
The latest case in point. Zack Whittaker, who is one of the absolute best cybersecurity reporters out there, had a story up recently on ZDNet about a data mining firm called Localblox, that was pulling all sorts of info to create profiles on people... leaking 48 million profiles by failing to secure an Amazon S3 instance (like so many such Amazon AWS leaks, this one was spotted by Chris Vickery at Upgard, who seems to spot leaks from open S3 instances on weekly basis).
There is a story here and Whittaker's coverage of it is good and thorough. But the story is in Localblox's crap security (though the company has tried to claim that most of those profiles were fake and just for testing). However, many people are using the story... to attack Facebook. Digital Trends claims that this story is "the latest nightmare for Facebook." Twitter users were out in force blaming Facebook.
But, if you look at the details, this is just Facebook Derangement Syndrome all over again. Localblox built up its data via a variety of means, but the Facebook data was apparently scraped. That is, it used its computers to scrape public information from Facebook accounts (and Twitter, LinkedIn, Zillow, elsewhere) and then combined that with other data, including voter rolls (public!) and other data brokers, to build more complete profiles. Now, it's perfectly reasonable to point out that combining all of this data can raise some privacy issues -- but, again, that's a Localblox issue if there's a real issue there, rather than a Facebook one.
And, this is clearly the kind of thing that Facebook actively tries to prevent. Remember, as we've covered, the company went on a legal crusade against another scraper company, Power.com, using the CFAA to effectively kill that company's useful service.
Here's why this kind of thing matters: if you blame Facebook for this kind of thing, then you actively encourage Facebook to go out of its way to block scraping or other efforts to free up user data. That means, it ends up giving Facebook more control over user data. Allowing scrapers of public info (again, the fact that this is public info is important) could actually limit Facebook's powers, and enable other companies to pop up and make use of the data inside Facebook to build other (competing) services. The ability to scrape Facebook would allow third parties to build tools to give users more control over their Facebook accounts.
But when we look on scraping of public info as somehow a "breach" of Facebook (which, again, is separate from the messed up nature of Localblox leaking data itself), we're pushing everyone towards a world where Facebook has more control, more dominance and less competition. And that should be the last thing that anyone (outside of Facebook) wants.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: chris vickery, data collectors, facebook derangement syndrome, public info, scraping
Companies: facebook, localblox, upgard
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
Also,being all in one, Facebook makes it hard to keep public postings and stuff that should be limited to friends or family separate.
[ link to this | view in chronology ]
Re:
The problem with that argument is that Facebook has a history of widening their view of what is considered private. Data that was marked as private got automatically moved to public without any user interaction or consent. Or when they mechanically converted natural-language profile descriptions to advertiser friendly page likes. Through deception and psychological manipulation and UI/UX dark patterns, Facebook has made a mockery of informed consent, which is what user control depends on. With the personal information of over 2 billion Facebook's responsibility can't be written off so easily.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Facebook DEFENSE Syndrome! -- It already has TOTAL control!
How could ANY measures that it takes against scraping result in MORE?
And since FOR SCRAPING, then tell me how MORE companies having your info is good?
By the way, NO, I won't be surprised if all this flap does is actually give Facebook and Google MORE control! Like the Snowden revelations, it's just getting people accustomed to HOW MUCH these supra-national surveillance corporation ALREADY HAVE.
[ link to this | view in chronology ]
Re: Facebook DEFENSE Syndrome! -- It already has TOTAL control!
monopolies! MPAA! RIAA! Copyright! Patents!
Just to give you kids more reasons to censor my comments. Have at it! -- You're welcome!
[ link to this | view in chronology ]
Re: Re: Facebook DEFENSE Syndrome! -- It already has TOTAL control!
[ link to this | view in chronology ]
Re: Re: Re: Facebook DEFENSE Syndrome! -- It already has TOTAL control!
[ link to this | view in chronology ]
Re: Re: Facebook DEFENSE Syndrome! -- It already has TOTAL control!
[ link to this | view in chronology ]
Re: Facebook DEFENSE Syndrome! -- It already has TOTAL control!
There's a real horse and barn problem: once the data is public, it's forever public, and there's no real in-between. Once it goes on the internet for my "friends" to read, well, can I really expect them all not to go blabbing about my latest whatever??? Can I honestly expect *any* company not to be hacked?
Can I really expect my employer not to search those public records with my mortgage and all my traffic tickets and even more lurid details like my credit reports?
It's not the way my current friends or employer operate, but now it easily could be.
Secrets are getting very hard to keep secret!
Scraping public data is, well, google and every search engine I can think of, and I just can't see banning search engines! And once Facebook has the data, yes, I'd rather let Switter or something I have more trust in pull it off so I can easily go down the street.
[ link to this | view in chronology ]
Re: Re: Facebook DEFENSE Syndrome! -- It already has TOTAL control!
Wanna keep a secret?
Do not put it on the web
[ link to this | view in chronology ]
Re: Re: Re: Facebook DEFENSE Syndrome! -- It already has TOTAL control!
[ link to this | view in chronology ]
a critic turned apologist
Probably the only time I've ever gotten a rebuke from Mike Masnick in the comment section was when I criticised Zuckerberg (and I've said much worse things about most everyone else under the sun) so it's always made me wonder why Mike Masnick has such a soft spot for Zuckerberg that practically no one else in his position ever gets blessed with.
-- just an impression, and I hope I'm wrong.
[ link to this | view in chronology ]
Re: a critic turned apologist
If you could, point to the part of the article that's defending FB beyond 'this is something some other party is doing, so blaming FB is going after the wrong party'.
It's not defending FB to argue that there are plenty of things they do engage in that are worthy of blame, so blaming them for things that they aren't doing is a waste of time and even has the potential to give them even more power if they respond a certain way.
[ link to this | view in chronology ]
Re: a critic turned apologist
All this time I was lead to believe that Mike liked Google, and now I find out it is actually Facebook???????
Always outta tha loop
[ link to this | view in chronology ]
That is some seriously tortured logic. Making user data publicly available without explicit authorization is not a feature, it's a data breach.
[ link to this | view in chronology ]
Re:
If you consider that a facebook customer might be a corporation HR dept looking for dirt on employees then maybe making everything available for a fee is actually a feature of their product - no?
And guess what ... you have a FB account filled with data even if you did not create one.
[ link to this | view in chronology ]
Re:
But that's not what the quoted sentence is saying.
You're talking about making private data public, which is obviously and unquestionably bad.
Mike is talking about scraping public data, in other words, stuff that people have already allowed the world to see (or have been tricked by FB into allowing, but that's a different discussion). This can be argued as both bad and good, depending on where on the USA-Europe scale of privacy you stand on, but it is not a data breach.
[ link to this | view in chronology ]
Wouldn't their risk department have flagged that this data can be used for election rigging years ago - and yet they are still running the program.
Facebook is an intolerable threat and needs to be hobbled ASAP. The "deranged" attacks are hardly suprising.
https://www.theguardian.com/technology/2018/apr/15/facebook-says-it-voter-button-is-good-f or-turn-but-should-the-tech-giant-be-nudging-us-at-all
[ link to this | view in chronology ]
[ link to this | view in chronology ]
BTW I find it amusing to note that on a thread about data and facebook there are 4 Google scripts that are blocked by No Script.
[ link to this | view in chronology ]
Re:
Well, that would be fine and dandy if they did not scrap together a profile for you even though you have not created an account.
Can't blame someone for things they did not actually do ... but many still try.
[ link to this | view in chronology ]