TJ Hooker :
It's pretty clear that the data was collected using methods that were allowed by Facebook. Articles may refer to the ability to collect data on a user's friends as a loophole, but that is speculation and doesn't guarantee it wasn't allowed by design. Furthermore, it's pretty clear we may never get the truth of internal company intentions in this regard from Facebook. It's been pointed out that there is disparity between the employees at FB tasked with monetizing the service and those tasked with securing it. As FB is made of many people of varied ideas, there is no simple answer to just what the truth is.
Whether or not FB knew the extent of how data was being used and abused is irrelevant to what I said. The fact is that what FB says about how data is collected/managed/used does reflect what was actually happening. E.g.
But what you said was:
TJ Hooker :
Did you not read the article, or follow any of the news about Facebook following the Cambridge analytica scandal? Facebook was doing a half assed job protecting people's data to the extent that data was being harvested without permission and in manners which violated FB's own stated policies. So yes, FB absolutely has a share of the blame.
I think I may have a bit of a grasp of what happened. Maybe that's why I disagree with you and assert what you wrote in the above paragraph is factually incorrect.
Let's clarify.
The researcher who wrote the FB app and was using it to gather data, had FB's permission to perform his research, and had even given talks about the very data collected and of what uses it could be, on the FB campus.
The data was harvested by an app, which first requested and was granted permission to mine data from the account of the person accessing the app. You said that the data was harvested without permission. I say the data was harvested with permission, both from the user, and from FB. The user granted permission in order to use the app and FB granted permission for the app to exist on their site at all.
This goes beyond any agreement the user may or may not have with FB regarding privacy. Can anyone point out when or where FB contractually obligated itself to protect users from their own stupidity or ignorance when it comes to allowances those users make for apps? What do people actually think happens when you grant permission to an app to access all, or even limited portions of your profile?
Finally, using information that the user consented in giving the app, a script then scraped the publicly available information from the profiles, of the friends of, those users who allowed their friends list data to be used by the app. By allowing the information to remain in view of the public, that amounts to tacit consent for the information to be viewed.
I'm more than open to listening if you can show that private friends' data was also scraped. The only possibly compromised private friend data I can find are in the cases where users also granted permission to access their mailbox. FB says only 1,500 users gave the app this specific permission, and both Cambridge Analytica and the researcher have said no data was taken in that regard. Hmm, who to believe?
As I've alluded to before, maybe more users should learn how to best make use of the privacy controls that are at their disposal? Maybe not FB's fault?
At this point FB has said they closed the "loophole." So, it looks like FB is holding themselves accountable already, and making at least some effort in regards privacy.
Cambridge Analytica never acquired it's data from FB.
Cambridge Analytica acquired it's data from the researcher, and the terms of service for his app that mined the data which he sold, were up on the FB site for over a year without FB taking issue.
If FB had a real issue with their terms of use being violated, they waited a long time to do anything about it. In fact, FB only seems to have done anything after the media coverage began to affect their bottom line.
I will listen if you can explain how Cambridge Analytica is subject to any terms of use that FB might have for it's service, since CA didn't contact or contract with FB for the data. FB has severed ties with the researcher and banned him from the site, although ironically, FB employs his coworker, who was working with him during his research and data gathering.
I've heard a lot of bloviated emotional diatribes to this point, concerning how this use of data is abusive, but I've yet to see an actual argument or case made against either the legality or immorality of it. I'm certainly not convinced we need a bunch of nanny organizations trying to push their own agenda here.
It's been said before, if you are really that concerned about data privacy, contact your legislators.
TJ Hooker :
Once the data leaves Facebook and what other companies do with that data is outside of Facebook's ability to control. If Facebook needs to enforce their rule of, "you can't resell the data," which I suspect may border on illegal, they need to retain full ownership of the data, which isn't going to happen currently. If companies could generate self-destroying data, they would. Give them time. It will be like Gmail's self-destructing emails.
Umm, what? Why would that be illegal? You can absolutely implement a policy that dictates how data is used after you sell it. It's called terms of use/service. You're right that Facebook can't prevent the buyer from breaking the ToU, but it can at least take steps to check if the data was being misused and take some sort of action if it finds that to be the case. But FB didn't, and allegedly deliberately avoided looking into whether the data they sold was being used in a manner compliant to the ToS, so as to maintain plausible deniability.
Umm, what, what? The only clear way you can protect the data is through contract law. FB lost control of the data when it left their hands. They may seek damages from the party who broke their terms of service, but I see little recourse against Cambridge Analytica.
If you want to try for copyright law and say that FB's user database was copied, you may run into problems.
While databases can be subject to copyright protection, not all databases trigger this protection. The database must employ a creative enough construction to construe something other than the ordinary organization of that data. Even if the database does qualify for copyright protection, the data in the database has to individually qualify for protection as well, otherwise, you can freely take the data out of the database without permission.
In the case of the app, it created it's own database.
Even if contracted to FB via terms and conditions, it may be a stretch to say no derivative works may be sold resulting from collected data. I wouldn't bet on the outcome of any court case challenging this.
TJ Hooker :
The same goes for other companies. It's been known for years that even department and grocery stores mine every ounce of value from customer's data. They even mine and sell their own internal data. Have you been living under a rock? Is this is the first you've heard of it? Have you been thinking that somehow companies giving away free online accounts are doing it out of the goodness of their hearts? Where was your outrage the last time Facebook data was mined for political purposes, or perhaps you didn't hear about it when it was bragged about, or is this all politically motivated and it's only a problem because it was one party rather than another?
Massive red herring. Whether or not every other company under the sun is doing it does not affect whether or not it is right for Facebook to do it. All those other companies should be abiding by their own stated privacy policies as well. Whether or not something similar was done it the past also doesn't dictate whether it's right or wrong to do it now.
I didn't hear about the previous case of massive FB mining for political purposes at the time, and I wouldn't say I'm "outraged" about this time. Just pointing out that there are valid reasons to be holding FB at least somewhat accountable for stuff like this.
Not really. It's neither big nor a fish.
🙂
If other companies are doing it (data mining and such,) and you're not upset at them, it makes this look a bit more like an unevenly applied standard.
Do you know whether those other companies are abiding by their own stated privacy policies or not? I suspect you only know about the controversy surrounding FB now because the media made a big deal out of it, and a lot of that fuss appears to be politically motivated. Not all of it, but there's been enough bias in the main US broadcast networks and some of the major print media over the last year it's pretty unmistakable.
In the end, what do you want to hold FB accountable for? Has FB actually contractually obligated itself to safeguard your personal data, and never ever share it with it's affiliates? It isn't as though they allowed credit card information to be gathered or stolen. Also, wouldn't FB be allowed to overlook it's own privacy policy for one of it's consultants? Again, the app didn't do anything that FB didn't actually allow at the time, so they weren't even overlooking any privacy policies there. The biggest no no seems to be that the researcher sold the data.
If you want to speculate, another issue may very well be the party affiliation of the purchaser of that data.
TJ Hooker :
If it's such a big deal to you, or others, vote with your usage of the service. Anybody that can't stop using the Facebook service because it's a monopoly, needs to seriously evaluate their life.
FB has been caught multiple times tracking people who aren't logged in or who don't even have an account (see my first link).
This is silly.
Of course Facebook is tracking people, but do you think they get their little web tracker widgets on sites surreptitiously, without the consent of the site it's being hosted on?
Is the FB app installing on your phone or computer without your permission?
Maybe it's a conspiracy, between FB and all the other sites out there allowing you to be tracked through them.
I'll say it again, even though you quoted me there... If it's such a big deal to you, or others, vote with your usage of the service. I'll add, vote with your usage of Facebook's affiliates as well, as it would seem they are complicit in FB's tracking. Good luck!
TJ Hooker :
If I refer to "the article" in the comments section of an article, it should be obvious which article I'm referring to. Both links I provided in this post came from said article.
Shame on me. I should have used an exclamation point, because my question was meant more rhetorically than actual. But alas, digital communication can be that way sometimes.