Facebook's Privacy Problems Are Piling Up Too Quickly To Chronicle
from the own-worst-enemy dept
Another day, another Facebook privacy mess. Actually, this one is a few different privacy messes that we'll roll up into a single post because, honestly, who can keep track of them all these days? While we've noted that the media is frequently guilty of exaggerating or misunderstanding certain claims about Facebook and privacy, Facebook does continue to do a really, really awful job concerning how it handles privacy and its transparency about these things with its users. And that's a problem that comes from the executive team, who still doesn't seem to fully comprehend what a mess they have on their hands.
The latest flaps both involve questionable behavior targeted at younger Facebook users. First there's a followup on a story we wrote about a few weeks ago, involving internal Facebook documents showing staffers gleefully refusing to refund money spent unwittingly by kids on games on the Facebook platform. Reveal, from the Center for Investigative Reporting, who broke that story, also had a much more detailed and much more damning followup, about how Facebook was clearly knowingly duping young children out of their parents' money.
Facebook encouraged game developers to let children spend money without their parents’ permission – something the social media giant called “friendly fraud” – in an effort to maximize revenues, according to a document detailing the company’s game strategy.
Sometimes the children did not even know they were spending money, according to another internal Facebook report. Facebook employees knew this. Their own reports showed underage users did not realize their parents’ credit cards were connected to their Facebook accounts and they were spending real money in the games, according to the unsealed documents.
For years, the company ignored warnings from its own employees that it was bamboozling children.
A team of Facebook employees even developed a method that would have reduced the problem of children being hoodwinked into spending money, but the company did not implement it, and instead told game developers that the social media giant was focused on maximizing revenues.
Yes, they not only called it "friendly fraud," but in an internal memo, they explained "why you shouldn't try to block it" (i.e., why you should let game developers scam kids out of their parents' money).
This reminds me so much of the early days of adware scammers, who pulled similar kinds of stunts -- and it's incredible to think that Facebook, which presented itself as a squeaky clean alternative to the open web where those kinds of scams piled up, was basically doing the same thing on a much larger scale. The Reveal article has much more on this, and is worth reading in full to see how the focus on revenue had the company deliberately look the other way as it scooped up cash from kids.
But rather than focus on that, we already need to move on to the more recent Facebook privacy scandal, which also (partially) involves kids. Last summer, we wrote about how Apple had booted Facebook's Onavo app from its app store. Facebook had marketed it as a privacy protecting "VPN," but it was really pretty blatant spyware. Indeed, late last year when yet another Facebook privacy scandal broke, it was revealed that Facebook had been using Onavo data to determine what competitive apps were most popular -- including giving it ideas on what apps to buy or (much more damning) what apps to hinder or block from Facebook.
Apparently, even having Apple boot the app didn't give Facebook the idea that maybe this spyware was going a bit too far. Instead, it now appears that Facebook "pivoted" into paying teens to install Onavo on iPhones in a way that routed around Apple's App Store blocks, by saying it was a part of "Facebook Research." And they hid this from Apple by using third party "beta testing" services:
The program is administered through beta testing services Applause, BetaBound and uTest to cloak Facebook’s involvement, and is referred to in some documentation as “Project Atlas” — a fitting name for Facebook’s effort to map new trends and rivals around the globe.
Facebook appears to have desperately wanted all of this data, if it was willing to go these lengths even after Apple had booted Onavo. After TechCrunch broke this story, Facebook claimed that it would stop that program on iPhones, while Apple claims it banned the app before Facebook itself could pull it.
For years, people like Jaron Lanier have argued that Facebook should pay its users for all the data they get -- but I think even people who wanted payment would balk a bit at how much access people were giving in exchange for $20/month in gift cards.
“By installing the software, you’re giving our client permission to collect data from your phone that will help them understand how you browse the internet, and how you use the features in the apps you’ve installed . . . This means you’re letting our client collect information such as which apps are on your phone, how and when you use them, data about your activities and content within those apps, as well as how other people interact with you or your content within those apps. You are also letting our client collect information about your internet browsing activity (including the websites you visit and data that is exchanged between your device and those websites) and your use of other online services. There are some instances when our client will collect this information even where the app uses encryption, or from within secure browser sessions.”
And, of course, the setup required you to keep the app running and spying on everything if you wanted to keep getting paid.
Facebook, in response to the TechCrunch story, did its standard PR tap dance, insisting that they weren't hiding anything (Apple's response suggests otherwise, as does the fact that Facebook specifically used these 3rd party services). But, once again, like with so many other Facebook privacy scandals, the reason why so many people get upset about this is because they were not open and transparent about what was going on, and that's why it's so surprising to everyone.
The only "good" news is that on the same day all of this came out, it was announced that Facebook has just hired two of its biggest privacy critics to work on privacy issues at the company: EFF's Nate Cardozo and Open Technology Institute's Robyn Greene (*Disclosure: I know both Nate and Robyn, and Nate did, very helpfully, represent us on one issue while he was at EFF.) I know some may cynically see this as Facebook trying to co-opt some of its critics, but both Nate and Robyn have incredibly strong track records on privacy, including being vocally critical of Facebook and its policies. Hopefully this is a sign that the company is actually taking these issues seriously (better a decade too late than never).
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: apps, friendly fraud, kids, onavo, privacy, research, vpn
Companies: facebook
Reader Comments
Subscribe: RSS
View by: Time | Thread
Oh, do TRY! -- "better a decade too late than never"!
You too have been remiss for last decade on criticizing this globalist data mining front, and even here haven't gotten anywhere near Facebook's real invasions / selling of privacy. You only bring it up after has been okayed in "mainstream" press.
And of course your main position is that it's "voluntarily" in exchange for "service", while claiming that like other "platforms" it can arbitrarily control users -- let me quote and link you:
"And, I think it's fairly important to state that these platforms have their own First Amendment rights, which allow them to deny service to anyone."
https://www.techdirt.com/articles/20170825/01300738081/nazis-internet-policing-content -free-speech.shtml
Clearly, as this story shows, if those "platforms" are left unaccountable and operating in secret, besides such huge scale, then they're not going to stop at ANY point. So long as they can come up with ideas to invade and control "natural" persons, WILL.
And ALL you do is end on a happy note: "better a decade too late than never"! SHEESH. With protectors and "free speech" advocates like you, it's a wonder the enslavement isn't further along.
[ link to this | view in chronology ]
Re: Oh, do TRY! -- "better a decade too late than never&quo
Just noticed your Freudian slip that implies you think it's ALREADY TOO LATE.
[ link to this | view in chronology ]
Re: Re: Oh, do TRY! better to quit a decade too late than never
[ link to this | view in chronology ]
Why you still here, bruh?
[ link to this | view in chronology ]
Re: Oh, do TRY! -- "better a decade too late than never"!
1. They will deny and fight that you are wrong the the n'th degree.
2. They will trash you just as hard as they fight the facts. In fact it will get to the point you are socially unacceptable in any manor if you persist.
I do have one question though for you.
What kind of people do you think inhabits a place where they debate how many forms of LGBT hate the usage of the word "home" shows? How did they manage to do this at work? Why were the not working?
[ link to this | view in chronology ]
Re: Oh, do Troll!
By "Globalist" do you mean "Zionist Threat" or something else? Please define?
Please explain how you love copyright so much, but can't abide by corporations?
Also, where is your hard-hitting news site that will explain all the things Mike won't cover?
And... How is the Wiki definition of Common Law not meet up with your high standards?
[ link to this | view in chronology ]
Re: Oh, do TRY! -- "better a decade too late than never"!
Aw dude, don't you know the entire point of this post was to suck up to you about how evil globalist FB really was, and you still attack me.
Sigh
I can never do anything right apparently.
[ link to this | view in chronology ]
Re: Re: Oh, do TRY! -- "better a decade too late than never
Now you're getting it :)
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
fb is on its way to obscurity.
[ link to this | view in chronology ]
Re: Re:
Ffb!
[ link to this | view in chronology ]
Re: Re:
Fadebook!
[ link to this | view in chronology ]
Re: Re: Re:
Or.. fecebook?
[ link to this | view in chronology ]
What does fraud have to do with privacy?
First you say this post will cover "a few" privacy messes, then "two". I only see two problems described, with the first having no relation to privacy that I can see—how is blatent fraud a "privacy problem"?
Where's the enforcement from the credit card companies? Is it really OK with them for a site to secretly store card details to let kids make future unauthorized purchases?
[ link to this | view in chronology ]
not just Nate and Robyn
[ link to this | view in chronology ]
Not privacy problems, publicity problems
[ link to this | view in chronology ]
I wonder how much $$$$$$ it took to make Nate and Robyn so terrible at logic as to expect the difference they can make will be worth the long term hit to their (and EFF's) reputation. (seriously- I'm reconsidering EFF as a benefactor due to this...making sociopathic corporate malfeasence less controversial is NOT an admirable goal.)
Facebook is cancer. You can't fix it- the entire idea (public commons as private enterprise) is antithetical to freedom/democracy- stop feeding this treachery for fuck sake.
Cutesy soft bash articles like this are the equivalent of style-shaming Hitlers mustache.
[ link to this | view in chronology ]
Re:
What's the alternative, a government run service which will be even worse at privacy and free speech?
[ link to this | view in chronology ]
Re: Re:
It's erroneous to assume there needs to be an alternative; much less one run by the government.
Consolidated power is very much at the heart of many modern issues. We've been conned into thinking this is how it HAS to be, but that's not at all true.
The solution is distribution of power/control.
The solution to problems most don't yet even understand we have- is bringing technology back in line with every other type of property. As in something that can be 'bought' 'sold' and 'owned' in a traditional sense- not this 'lease' 'license' 'lie' crap we have now; where we can't buy products anymore- we can only sell ourselves as products for the privilege of using someone else's property.
[ link to this | view in chronology ]
Re: Re: Re:
The distributed alternatives already exist in the likes of Mastodon and PeerTube. They all suffer from one disadvantage, and that is discovery. Podcasting suffers from this problem, as it can be quite hard to discover podcasts on particular subjects, or with a particular type of content. It is that problem that allowed the search engines to take over from Gopher. Unless you have a good starting point, finding people or content becomes very hit or miss, depending on which parts of the system you are aware of.
The other problem with distributed system is the number of people capable of running servers, and how do the deal with scaling issues. CDN services cost money, and become necessary if there is audio or video content to be distributed. If a system gains users faster than new servers join in, it becomes overloaded, or a financial drag on the people able to set up servers in data centres. This is strongly influenced by the cost of a commercial connection to obtain a fixed IP address in most countries. How re the server and CDN bills paid is an issue with distributed systems.
[ link to this | view in chronology ]
Re: Re: Re: Re:
P2P is quite nice for distributed content delivery. I myself dedicate about 300 kbps during the day and about 900 kbps during the night of my bandwidth to distribute content that YouTube, etc has seen fit to ban.
Storage is cheap and getting cheaper.. 2 TB harddrives for as little at $55. And even with ISPs instituting minuscule monthly bandwidth usage allowances I rarely use more than 60% of the allowance each month.
BTW.. don't forget BitChute.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
Distributed system exist, and require people set up for their use. That is often step too far for most people. But the biggest problem with most of them is discovery, none make it as easy as the centralised system to find what you are looking for, or related content.
The Newspaper want to remain in Google, not because people do not know of their existence, but rather because Google and Google news make their articles visible to people searching for information on stories, and just browsing to see what is going on in the world.
[ link to this | view in chronology ]
Re:
seriously- I'm reconsidering EFF as a benefactor due to this
Wait. You're reconsidering supporting EFF because Nate is leaving EFF to go work for Facebook? How is that a comment on EFF?
[ link to this | view in chronology ]
Re: Re:
As facebook is a nonredeemable cancer...joining them is selling out...and using EFF's good name to do it.
EFF as branding for FB's good nature/intent? There's a special place in hell for that I expect.
EFF should sue for disparagement/defamation.
Reminds me of 'simple ricks wafers' on rick and morty. Good Will- commoditized, packaged, and removed from all contextual relevance.
Yeah- they can fuck right off with that. I'll leave my legacy to more deserving people...not about to fund a springboard for sociopath sell outs.
They've got as much chance of fixing FB as a drop of bleach in a cesspool. Lets face it- they didn't go there to fix things...They sold their name and good-will; and some of EFF's good will along with it.
[ link to this | view in chronology ]
Re: Re: Re:
The only thing I understood in your reply was "Rick and Morty."
[ link to this | view in chronology ]
Re: Re: Re: Re:
Sorry I triggered you, but it's rather pathetic it was so easy...
The 'so obvious I don't have say it' thing you're alluding to, is that some one who would reference R&M is obviously not worthy of any consideration.
It sounds pretty fucking stupid when you say it outright like that, doesn't it? But somehow you think insinuation makes this hunky-dory.
It's a shame the lowbrow elements of the fan base have come to define the show for you.
I'd recommend you check out 'wisecrack' on youtube- they break down some of the episodes in a way that makes it easier to see the real scope of the shows ambitions.
Rick and Morty is deeply rooted in philosophy, it's not a simple show for idiots (despite how it may appear)- They are trying to get people to examine big ideas in a new way- the way they do this is deep satire/borderline trollish- as some the the terrible fanbase exemplifies- but that doesn't take away from the brilliance of what they're doing.
Nihilism is a fucking tarpit- but there's an enormous amount to learn about human nature by studying it.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
Yeah, some Rick and Morty fans are real assholes.
Some of them even say stupid shit like "Sorry I triggered you."
[ link to this | view in chronology ]
Re: Re: Re:
The EFF...should sue for defamation...for Facebook...hiring someone from the EFF.
You seem smart.
[ link to this | view in chronology ]
That was the red flag.
[ link to this | view in chronology ]
Re:
Maybe, someone should just take fb from zuck. Then maybe fb could be salvaged.
[ link to this | view in chronology ]
Re: Re:
He owns a controlling share in the company. Nobody can take it from him; best they can do is convince him to step down voluntarily. I don't see that happening right now, although I suppose if the company continues to get bad news there may be a point where he sees ceding control as the most beneficial move.
[ link to this | view in chronology ]
I want to sell you a bridge
I you really and truly believe that Facebook gives a BLEEP about privacy then I have this really old iron bridge to sell you.
Hint: Selling information about the users of Facebook is how they pay their bills and Zuck sucks in lots of money. So.. collect more data, more data to sell, more money is made by Facebook and Zuck.
Zucker's bank balnaces keep getting larger and larger. He really really love all the suckers who use Facebook.
New meme: Zucker's suckers.
[ link to this | view in chronology ]
Juul gets raided regularly in the Bay Area for internal documentation whether their marketing practices targeted children.
I'm beginning to think those raids should instead be visited on Facebook offices just across town. Sure looks like the activities targeting children are every bit as harmful, and far more widespread.
[ link to this | view in chronology ]
Give them the treatment a smaller company would get
I think its time for Google and Mozilla to add facebook.com to their malware site blacklists.
[ link to this | view in chronology ]