Morning Canary – Facebook…Here We Go Again

Canary. Photo by 4028mdk09.

When we sign up and agree to play on the private social media playgrounds, we agree to their rules, their terms of agreement. Those are the rules. Agree, don’t agree. Our choice.

Buyer beware, and if we fail to read the small print of any contract, well, that too is our choice. If we sign a contract whose term we fail to understand, that is on us. Do not sign what you cannot define or understand, or if you do, whose fault is that?

For those ones that are free, we, as users, have to instinctively understand that nothing, ever, or very rarely ever, is “free.” However, when we click that “I agree to the terms of use” box we are still effectively agreeing to a contract in which we know, or should know, inherently, there will be some data mining for them to make a profit, whether we read it all or not.

After all, businesses are not in the business of not making money. And make no mistake, these are businesses. It all revolves around targeted marketing, i.e., ad revenues. Whether they “sell” their customers private information to third party vendors, or not, is a matter of the contract. Agree to the terms, or don’t. Our choice.

But can we really agree to something if that something is not disclosed? What about those places we do business with that are not free, like Amazon Prime?

On December 18, when the Morning Canary ran ICYMI Tech News, the New York Times ran this story, “As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants – Internal documents show that the social network gave Microsoft, Amazon, Spotify and others far greater access to people’s data than it has disclosed.”

For years, Facebook gave some of the world’s largest technology companies more intrusive access to users’ personal data than it has disclosed, effectively exempting those business partners from its usual privacy rules, according to internal records and interviews.

The special arrangements are detailed in hundreds of pages of Facebook documents obtained by The New York Times. The records, generated in 2017 by the company’s internal system for tracking partnerships, provide the most complete picture yet of the social network’s data-sharing practices. They also underscore how personal data has become the most prized commodity of the digital age, traded on a vast scale by some of the most powerful companies in Silicon Valley and beyond.

New York Times

In TNB ICYMI Tech News post, “After the fallout (TNB) [“In Rare Parliamentary Mechanism” UK Seizes Facebook Internal Docs] of being mixed up with the Cambridge Analytica scandal, followed by the announcement in late September (NYT) about an “attack on its computer network had exposed the personal information of nearly 50 million users” which allowed “a feature in Facebook’s code to gain access to user accounts and potentially take control of them” to be exploited, Facebook is once again facing more Troubles.”

The ICYMI Tech News story covered a TechCrunch report “Facebook bug exposed up to 6.8M users’ unposted photos to apps” for readers to catch up on. It was time, TechCrunch quipped, to “reset the “days since the last Facebook privacy scandal” counter.”

A Facebook “bug.” Hold this thought.

On December 19, Gizmodo’s Ksahmir Hill posted this story, Amazon and Facebook Reportedly Had a Secret Data-Sharing Agreement, and It Explains So Much.

It’s a story about the New York Times piece.

But Hill was a bit ahead of the curve, because she’s been writing about Facebook’s PYMK for well over a year now. The NYT’s piece linked her story, How Facebook Figures Out Everyone You’ve Met. She started piecing together the algorithms of Facebook’s People You My Know (PYMK) may not be operating not only on the up and up, but well without of the bounds of their own privacy policies.

Hill writes, “I’ve heard more than a hundred bewildering anecdotes:”

A man who years ago donated sperm to a couple, secretly, so they could have a child—only to have Facebook recommend the child as a person he should know. He still knows the couple but is not friends with them on Facebook.

A social worker whose client called her by her nickname on their second visit, because she’d shown up in his People You May Know, despite their not having exchanged contact information.

A woman whose father left her family when she was six years old—and saw his then-mistress suggested to her as a Facebook friend 40 years later.

An attorney who wrote: “I deleted Facebook after it recommended as PYMK a man who was defense counsel on one of my cases. We had only communicated through my work email, which is not connected to my Facebook, which convinced me Facebook was scanning my work email.”

Gizmodo; Nov 7 2017

Last month, Hill wrote, in 2015 “a woman named Imy Santiago wrote an Amazon review of a novel that she had read and like. Amazon took the review down and told Santiago she had “violated its polices.””

After another attempt and being told by Amazon, “You’re not eligible to review this product,” Santiago gained the attention of Hill when she wrote a blog post about “Amazon’s “big brother” surveillance,” which prompted Hill to reach out to her and Amazon in an effort “to try to figure out what the hell happened here.”

At the time, Hill was not able to garner much information. Amazon’s spokesperson Julie Law told Hill in an email that the company “didn’t comment on individual accounts, but said, “when we detect that elements of a reviewer’s Amazon account match elements of an author’s Amazon account, we conclude that there is too much risk of review bias.”

Santiago had liked the author and “followed” her Facebook page. Law had said, “We have built mechanisms, both manual and automated over the years that detect, remove, or prevent reviews which violate guidelines.”

Now that Hill has read the NYT’s piece, she writes, “about Facebook’s surprising level of data-sharing with other technology companies may shed light on those mechanisms. Via the NYTs:

Facebook allowed Microsoft’s Bing search engine to see the names of virtually all Facebook users’ friends without consent, the records show, and gave Netflix and Spotify the ability to read Facebook users’ private messages.

The social network permitted Amazon to obtain users’ names and contact information through their friends, and it let Yahoo view streams of friends’ posts as recently as this summer, despite public statements that it had stopped that type of sharing years earlier.

New York Times

As for all of Facebook’s “bugs?”

Facebook doesn’t like, and doesn’t use, the term “shadow profiles.” It doesn’t like the term because it sounds like Facebook creates hidden profiles for people who haven’t joined the network, which Facebook says it doesn’t do. The existence of shadow contact information came to light in 2013 after Facebook admitted it had discovered and fixed “a bug.” The bug was that when a user downloaded their Facebook file, it included not just their friends’ visible contact information, but also their friends’ shadow contact information.

The problem with the bug, for Facebook, was not that all the information was lumped together—it was that it had mistakenly shown users the lump existed. The extent of the connections Facebook builds around its users is supposed to be visible only to the company itself.

Gizmodo; Nov 7 2017

At what point will Facebook’s “bug” excuse be seen for the feature it is, and not the lame ass excuse for getting caught that it really may just be all about?

The Times reviewed more than 270 pages of reports generated by the system — records that reflect just a portion of Facebook’s wide-ranging deals. Among the revelations was that Facebook obtained data from multiple partners for a controversial friend-suggestion tool called “People You May Know.”

The feature, introduced in 2008, continues even though some Facebook users have objected to it, unsettled by its knowledge of their real-world relationships. Gizmodo and other news outlets have reported cases of the tool’s recommending friend connections between patients of the same psychiatrist, estranged family members, and a harasser and his victim.

Facebook, in turn, used contact lists from the partners, including Amazon, Yahoo and the Chinese company Huawei — which has been flagged as a security threat by American intelligence officials — to gain deeper insight into people’s relationships and suggest more connections, the records show.

Zuckerberg’s Facebook “began forming data partnerships when it was still a relatively young company. Mr. Zuckerberg was determined to weave Facebook’s services into other sites and platforms, believing it would stave off obsolescence and insulate Facebook from competition.” Partnerships “were so important that decisions about forming them were vetted at high levels, sometimes by Mr. Zuckerberg and Sheryl Sandberg.” While many of these partnerships were announced, “the details of the sharing arrangements typically were confidential.”

When the NYT’s ran a story in 2017 about Facebook’s “partnerships with device makers, Facebook used the term “integration partners” … that pulled Facebook data to provide social-media-style features on smartphones.” Along with Yahoo, Netflix, a bank in Canada, Spotify, and many others, it also included the Chinese company Huawei, a “Russian search giant Yandex,” and in 2014, Cambridge Analytica and a professor’s app whistleblower Christopher Wylie told about, [TNB] who all qualified in Facebook’s high levels as “integrated partners.”

Stay tuned. There is sure to be more on this as it appears there may have been FTC violations.

There is an update to this Morning Canary story, “In Rare Parliamentary Mechanism” UK Seizes Facebook Internal Docs

In case you missed it, at the end of November the Guardian’s Observer reported, “Documents alleged to contain revelations on data and privacy controls that led to Cambridge Analytica scandal… [UK] Parliament has used its legal powers to seize internal Facebook documents in an extraordinary attempt to hold the US social media giant to account after chief executive Mark Zuckerberg repeatedly refused to answer MPs’ questions.”

The internal documents seized by the UK Parliament’s member Damian Collins were part of an on-going law suit by US software company Six4Three and the legal discovery process in the case and were under seal by the San Mateo Superior California court. The documents were purported to contain “confidential emails between senior [Facebook] executives,” including Zuckerberg.

In an interview with CNN, Six4Three’s owner Ted Kramer reportedly said, “We allege that Facebook itself is the biggest violator of data misuse in the history of the software industry.”

Both Ted Kramer and Facebook have notified the California Superior court. While the files are subject of California’s court seal and protective order, meaning they cannot be shared or made public or risk being in contempt of court, Kramer was in London where the summons was issued and the UK Parliament has jurisdiction. Kramer had no choice but to comply or face fines and or possible jail.

Facebook issued a statement saying they “have asked the DCMS committee to refrain from reviewing them and to return them to counsel or to Facebook.”

According to CNN, Collins said he “was in the process of reviewing the documents, “which are clearly highly significant to the committee’s inquiry and we will be making a statement next week on how we intend to proceed.””

MP Ian Lucas who is on the same committee as Damian Collins, tweeted Saturday, “This week Facebook will learn that all are subject to the rule of law. Yes, even them.”

Damian Collins on Sunday added, under UK law they “can publish papers if we chose to.”

The News Blender; Nov 26 2018

They so choose. [pdf;]

In what appears to be a pay to play scheme to be compensated for letting others mine their data banks of their user’s personal information, the New York Times reported, Facebook Used People’s Data to Favor Certain Partners and Punish Rivals, Documents Show.

Facebook said in a statement that the “documents had been selectively chosen to be embarrassing and misleading as part of a “baseless” lawsuit,” and explained that like any company they were only having internal discussions of “various ways” they “could build a sustainable business model” for their platform, adding, “But the facts are clear: We’ve never sold people’s data.”

While the fact seems clear, they seem to point in the exact opposite direction.

The 250 pages of documents cover a period when Facebook was shifting its business from a focus on desktop computers to mobile devices. After years of being largely open in sharing data with partners, Facebook was beginning to debate how to be compensated for the data it was sharing.

For companies it liked, including Airbnb, Lyft and Netflix, Facebook made special “white list” agreements. The deals gave the partners preferred access to data that other companies had been restricted from receiving after a Facebook policy change.

New York Times; Dec 5 2018

Or maybe it was just a “bug.”

Stay tuned. There will definitely be more to this story.

On A Side Note (Opinion)

For understanding and knowing the whole story, join me down the rabbit hole. Recommending reading.

Amazon and Facebook Reportedly Had a Secret Data-Sharing Agreement, and It Explains So Much; By Kashmir Hill; Dec 19 2018; Gizmodo

As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants – Internal documents show that the social network gave Microsoft, Amazon, Spotify and others far greater access to people’s data than it has disclosed; By Gabriel J.X. Dance, Michael LaForgia and Nicholas Confessore; Dec 18 2018; NYT

How Facebook Figures Out Everyone You’ve Ever Met; By Kashmir Hill; Nov 7 2017; Gizmodo

For a deep dive – Kashmir Hill’s People You May Know series; Gizmodo

For the update story – Facebook Used People’s Data to Favor Certain Partners and Punish Rivals, Documents Show; By Adam Satariano and Mike Isaac; Dec 5 2018; NYT

For ICYMI – “In Rare Parliamentary Mechanism” UK Seizes Facebook Internal Docs; Nov 26 2018; The News Blender

About the opinions in this article…

Any opinions expressed in this article are the opinions of the author and do not necessarily reflect the opinions of this website or of the other authors/contributors who write for it.