Storm Clouds Gathering
Dec. 9. 2015
“We refer to ourselves as the privacy sherpas,” says Kwon. Instead of helping Facebook employees scale Everest safely, Kwon’s team tries to guide them safely past the potential peril of pissing off users.The face of the new, privacy-conscious Facebook is Yul Kwon, a Yale Law grad who heads the team responsible for ensuring that every new product, feature, proposed study and code change gets scrutinized for privacy problems. His job is to try to make sure that Facebook’s 9,199 employees and the people they partner with don’t set off any privacy dynamite. Facebook employees refer to his group as the XFN team, which stands for “cross-functional,” because its job is to ensure that anyone at Facebook who might spot a problem with a new app — from the PR team to the lawyers to the security guys — has a chance to raise their concerns before that app gets on your phone.
Kwon, 39, has a million-dollar testament to his ability to orchestrate group dynamics. He was the winner of the 13th season of Survivor, the season in which the CBS reality show controversially divided contestants by race (Kwon is of South Korean descent). His competitors said his gift of diplomacy helped him win — though some called him a “puppetmaster.” “I learned how to navigate difficult environments,” Kwon now says.
Kwon has been bouncing back and forth between Silicon Valley and D.C. for most of his career, with a few stops in front of T.V. cameras. His roller coaster of a resume includes business consulting at Google, crafting Joe Lieberman’s security legislation (in the emotionally-charged but bipartisan period after September 11th), working on net neutrality at the FCC (the first time it came around), acting as a TV host for CNN and PBS (for shows on Asian-American issues and American infrastructure), and making People Magazine’s Sexiest Men Alive and Hottest Bachelors lists (he’s married with kids now).
The privacy sherpas seem to be effective. James Grimmelmann, a University of Maryland professor with a long history of analyzing Facebook’s privacy mistakes, says the company has turned a new page. “Facebook is not my go-to suspect when I open up the news and look for privacy problems. In 2008 and 2009, they did something wrong like clockwork every few months. It was a nasty cycle,” he says. “Facebook moves carefully now. It doesn’t want to move fast and break things anymore.”
“Oh yeah, I’ve been meaning to ask you why you’re getting off Facebook,” is the guilty and reluctant question I’m hearing a lot these days. Like we kinda know Facebook is bad, but don’t really want to know.
I’ve been a big Facebook supporter – one of the first users in my social group who championed what a great way it was to stay in touch, way back in 2006. I got my mum and brothers on it, and around 20 other people. I’ve even taught Facebook marketing in one of the UK’s biggest tech education projects, Digital Business Academy. I’m a techie and a marketer — so I can see the implications — and until now, they hadn’t worried me. I’ve been pretty dismissive towards people who hesitate with privacy concerns.
With this latest privacy change on January 30th, I’m scared.
Facebook has always been slightly worse than all the other tech companies with dodgy privacy records, but now, it’s in it’s own league. Getting off isn’t just necessary to protect yourself, it’s necessary to protect your friends and family too. This could be the point of no return — but it’s not too late to take back control.
It’s not just what Facebook is saying it’ll take from you and do with your information, it’s all the things it’s not saying, and doing anyway because of the loopholes they create for themselves in their Terms of Service and how simply they go back on their word. We don’t even need to click “I agree” anymore.
They just change the privacy policy and by staying on Facebook, you agree. Oopsy!
Facebook doesn’t keep any of your data safe or anonymous, no matter how much you lock down your privacy settings. Those are all a decoy. There are very serious privacy breaches, like selling your product endorsement to advertisers and politicians, tracking everything you read on the internet, or using data from your friends to learn private things about you – they have no off switch.
Facebooks gives your data to “third-parties” through your use of apps, and then say that’s you doing it, not them. Everytime you use an app, you’re allowing Facebook to escape it’s own privacy policy with you and with your friends. It’s like when my brother used to make me punch myself and ask, “why are you punching yourself?” Then he’d tell my mum it wasn’t his fault.
There’s no need to talk hypothetically about government surveillance here.
One of the first Facebook investors called Greylock has board connections to a CIA investment firm called In-Q-Tel. According to their website, it “identifies cutting-edge technologies to help the Central Intelligence Agency and the broader US Intelligence Community to further their missions”.
And if you haven’t heard – it was revealed that Facebook data is delivered directly to the PRISM programme.
That’s why they slowly changed the default privacy settings to public, made privacy settings harder and harder to use, and now are pretending that their privacy helper will change this.
In reality, there a loads of privacy breaches you can’t turn off, like allowing advertisers to use your endorsement to your friends, turning off how Facebook tracks what you read on the internet, or disallowing Facebook from collecting other information about you. You can’t turn them off!
Even if you have nothing to hide, you have to worry about the opposite, what Facebook chooses to hide that you want to be shared.
They filter you.
“I’ve been meaning to ask you why you’re getting off” usually comes after something like, “didn’t you see my post last week?”
If you’ve ever had that conversation, you’ve noticed that there’s a big disconnect between your expectations when you communicate on Facebook and what really happens. Basically, Facebook filters out your posts based on whether or not people will use Facebook more if they don’t see it.
In reality, lots of your posts are never seen by anyone!
And you miss out on their stuff too. Even if your friends’ stuff gets to you fine, it doesn’t mean your stuff gets to them.
Facebook’s blocks posts based on political content it doesn’t like. They blocked posts about Fergusson and other political protests. When Zuckerberg alledgedly went a bit nuts and banned the word “privacy” from meetings at Facebook, it was also blocked from any Facebook post. You just got an error message about “inappropriate content”. Yeah, uh huh.
Inappropriate for who?
Facebook goes so far as to let political organisations block your communication. It just takes a few people to mark the same news article as offensive, and it drops from everyone’s feed. This is often abused. I can block any article from Facebook by getting a few friends to mark it as offensive. Cheap and easy censorship.
If you’ve ever used Facebook contact sync, or used Facebook on your mobile phone, Facebook took your complete contact list. Real names, phone numbers, addresses, emails, everything.
They then use that to create “shadow profiles” of the people you know who aren’t on Facebook. Non Facebook users often see this in action, in the form of emails to them from Facebook, containing their personal information. Facebook users can see this when they upload a picture of a non-Facebook user, and they’re automatically tagged. My friend’s not on Facebook, but since me and a few friends used Facebook on our phones, Facebook has his name and contact information, plus knows who his friends are because it sees him in their address book and calling records.
In Europe, Facebook is legally oblidged to share exactly what information it has about you – but they refuse. So there’s yet another class action lawsuit against them.
Through it’s labyrinth of re-definitions of words like “information”, “content” and “data”, you’re allowing Facebook to collect all kinds of information about you and expose that to advertisers. With your permission only they say, but the definition of “permission” includes using apps and who knows what else.
On top of this, they allow all the Facebook apps full access to your information – with your name and everything. And even if you never use any apps on Facebook, your friends do. When they use apps, your friends share all your information for you. There’s a whole industry behind this.
Some things DO have off buttons, but keep in mind they are temporary, and as Facebook has done in the past, it will switch them back on without letting you know. When Facebook started (and probably when you joined) it was clearly a safe place to share with your friends only.
That was their big promise. Over time, they switched the default privacy setting to public so that if you still wanted to keep Facebook for friends only, you had to manually find over 100 settings on multiple hidden settings pages. Then, they started dropping those settings and forced information to be public anyway.
That’s even scarier because Facebook is used heavily for political advertising, and product endorsements. People know I raised money for kids with cancer before, so they might not be surprised if they see an ad where I’m endorsing a Christian outreach programme poor kids in Africa. But I categorically only support programmes that don’t have religious allegiances, since they’re known to bias their support to people who convert. Worse, a lot of people might assume things about my religious beliefs based on these false endorsements. Don’t even get me started on all the hypey startup stuff I don’t condone!
We can have no idea if our endorsement has been used to sell flakey crap in our name. I don’t want to think about my mom wasting her money on something she thought I was endorsing, or my startup founder clients seeing adverts for useless products with my face under them.
Using Facebook means this happens all the time. Advertisers can buy your endorsement on Facebook and your information from third-party data brokers. You never get to know about it, and you can’t turn it off.
Facebook is also insisting to track your location via your phone’s GPS, everywhere and all the time. It’ll know extactly who you spend your time with. They’ll know your habits, they’ll know when you call in sick at work, but are really out bowling. “Sal likes 2pm Bowling at Secret Lanes.” They’ll know if you join an addict support group, or go to a psychiatrist, or a psychic, or a mistress. They’ll know how many times you’ve been to the doctor or hospital, and be able to share that with prospective insurers or employers. They’ll know when you’re secretly job hunting, and will sell your endorsement for job sites to your friends and colleagues — you’ll be revealed.
This is simply a consequence of their business model. Facebook sells you out, because that’s exactly how they make money. And they’re under heavy pressure from their investors to make more.
According to the FTC settlement from a few years ago, after Facebook was sued by the US goverment for its privacy practices, Facebook is “required to prevent anyone from accessing a user’s material more than 30 days after the user has deleted his or her account;”
There are different interpretations of this. Some say you need to delete each post separately, others say delete your account, and some say they’ll still keep your data anyway — that all you can do is stop giving them more data.
I’m going to do both as a precaution. There are a few helpful browser add-ons that will delete your posts individually, which I’m running now but needs some baby-sitting to keep running.
And some great instructions on actually deleting your account while Facebook tries to trick you into deactivating it instead.
To stop Facebook from tracking what I read on the web, (they do this even if you don’t have a Facebook account) I’ve installedGhostery.It’s been pointed out to me that Ghostery provides information to advertising networks if you enable GhostRank, and have been recommended Privacy Badger or disconnect.meinstead. (And while you’re at it, the EFF made this great plugin that automatically chooses the most secure web connection, making it more difficult for governements and ISPs to snoop your web activity.)
I considered a bunch of Facebook alternatives, and might end up on Diaspora butemail and phone have actually been much better! After a month off Facebook, I don’t feel the need for a direct replacement. The phone – go figure. Everyone already has one, and we forget how super easy and convenient they are to use. I see fewer pictures, but I actually talk to people.
Remember, this isn’t just about the technical stuff. By staying on Facebook, you’re granting them permission to collect and use information about you, regardless of you even using the Internet. And by staying on, the data they collect on you gets used to create models about your closest friends and family, even the ones who opted out.
Lastly, the world is full of people who say “it’ll never happen”, and when it does, they switch to “there’s nothing we can do.” There is. The Internet was decentralised for 50 years, and is full of options, by design, that allow us to maintain privacy. We have a say in the world we want to live in — if we take action ourselves. Plus, we can help everyone understand, and help them make their own choices more informed.
This post has been read by 300,000 people now. It’s a positive sign that we can inform and educate ourselves!
I’ve said it before, I’ll say it again. We’ll know America is growing up once Facebook starts to bleed users.
— Michael Krieger (@LibertyBlitz) January 28, 2015