Quote of the day: Amplifying the addiction

When I started working in technology, my hope was to build products that brought people together in new and productive ways. I wanted to improve the world we all lived in.

Instead, the social media services that I and others have built over the past 15 years have served to tear people apart with alarming speed and intensity. At the very least, we have eroded our collective understanding—at worst, I fear we are pushing ourselves to the brink of a civil war.

— Tim Kendall, Facebook’s former director of monetization in a testimony (PDF) to the US House of Representatives.

Via The Register.

Facebook threatens to stop spreading conspiracy theories if they can’t spy on their users

Back in July, the court of justice of the European Union ruled that companies like Facebook could be prevented from sending data back to the US because they don’t have enough protections against snooping by US intelligence agencies.

The ruling didn’t immediately end all transfers, but does place a requirement on national data protection authorities to vet the sending of any new data to ensure that any personal data complies EU’s GDPR data protection rules.

And so to Ireland, where Facebook’s European operation is located and, therefore, responsible for enforcing this rule.

On Tuesday Facebook tried to strong-arm the Irish data protection commissioner by threatening to pull out of Europe if forced to comply with the law.

We live in hope.

I was going to go on a rant here, but then I noticed that the satirists at NewsThump have already been there: Facebook threatens Europe with fair elections decided by well-informed voters. What a prospect.

Of course, they’re bluffing and, by Wednesday Nick Clegg, Facebook’s vice president for justifying Zuckerberg’s tantrums, and former UK deputy prime minister1 was frantically backpedalling.

I find his arguments (as reported) more than a little disingenuous. He’s eliding personal data (which is covered by the GDPR) and data in general (which isn’t) and claiming that having to keep up with ever changing rules (they aren’t) is impossible (it isn’t).

Realistically, Facebook isn’t going to go anywhere. They might thrash around for a bit but, ultimately, there is too much money in spreading hate speach and algorithmically promoting conspiracy theories and the Zuckerborg will comply with whatever rules are imposed.

But imagine being able to go online without being endlessly monitored, and not having ever more extreme content pushed at you.

The technology exists. It’s called RSS and Daniel Miessler thinks that it’s time to get back into RSS. Personally, I never stopped using RSS — my reader of choice is Newsblur — and I can’t imagine not having a single place to find pretty much everything I have chosen to read or watch online.

Footnote

  1. Of course Liberal politicians end up working for surveillance capitalists. It’s 2020.

Five Things #41

The Ransom of Miss Coraline Connelly by Alix E. Harrow is a fun short story about parenting.

The best (but still imperfect) way of preventing Facebook from tracking everything you do online is to delete Facebook. If you can’t do that, then check out Matt Burgess’ advice on how to stop Facebook from tracking everything you do (sort of).

“Western stars who have managed to break China and Hong Kong successfully are a rare breed. In fact there’s probably only one person who has found success as a major action star in China, as well as in the west.” Tom Jolliffe takes a look at the career of Cynthia Rothrock: The First Lady of International Action.

A quarter of a century ago today, the MP3 was born. Eamonn Forde argues that this, not the invention of vinyl, was the most revolutionary format in musical history. The MP3 at 25: How a digital file dynamited the music industry.

Steve Peers reminds us that at least some of those advocating the hardest of Brexits have the lowest amount of integrity. Tory Brexiters turn against the deal they helped secure.

Facepalmbook

What could possibly go wrong?

Facebook has begun conducting a pilot where it solicits intimate photographs of women – and it will soon offer the service in the United Kingdom. Anxious exes who fear their former partner is set on revenge porn will be urged to upload photographs of themselves nude.

There are already plenty of candidates for worst idea of 2017. It’s nice to see that the Zuck doesn’t want to be left out.

Stay out of the silo

Dave Winer won’t link to Facebook posts. I agree:

1. It’s impractical. I don’t know what your privacy settings are. So if I point to your post, it’s possible a lot of people might not be able to read it, and thus will bring the grief to me, not you, because they have no idea who you are or what you wrote.

Obviously, not having a Facebook account, I won’t be able to even see a post if it isn’t made public. But even if it is public, about a third of the page is covered by an annoying white box nagging me to either sign in or sign up for a Facebook account.

Even when posts are public, Facebook makes it both unpleasant and annoying to attempt to read them. In the vast majority of cases I don’t read them, I close the tab and move on. Whatever you have to say is not important enough for me want to leap through Facebook’s hoops, and it certainly isn’t significant enough for me to want to encourage anyone else to waste their time jumping through the same hoops.

2. It’s supporting their downgrading and killing the web. Your post sucks because it doesn’t contain links, styling, and you can’t enclose a podcast if you want. The more people post there, the more the web dies. I’m sorry no matter how good your idea is fuck you I won’t help you and Facebook kill the open web.

Facebook is building a silo. Data goes in and nothing comes out. This is anathema to the free flow of information that underpins the open web.

This is not accidental. Facebook forbids search engines from indexing posts on Facebook. This means that if you write something on Facebook, that post is not going to appear on Google, DuckDuckGo, Bing or any other search engine. Facebook — and only Facebook — gets to decide who will see your posts on Facebook.

3. Facebook might go out of business. I like to point to things that last. Facebook seems solid now, but they could go away or retire the service you posted on. Deprecate the links. Who knows. You might not even mind, but I do. I like my archives to last as long as possible.

Nothing lasts for ever. Facebook may look unassailable now, but so did MySpace back when MySpace was the big thing.

I don’t think Facebook is going to go bust any time soon, but there is nothing to stop them from deciding that parts of their service are either inconvenient or unprofitable and axing them. And if they do that, all of your content is gone because Facebook — and only Facebook — gets to decide how much of your data is retained.

There are plenty of open and publicly accessible platforms out there. You should use them.

Facebook: Spying with impunity again

Back in November, a Belgian court ruled that Facebook should stop tracking Belgians who are not signed up to the site or pay a daily penalty of €250,000. This ruling, unfortunately, was overruled on appeal at the start of this month. Not, it should be noted, because Facebook is justified in tracking people who are not logged in or have never sighed up to their site, but because:

Belgian courts don’t have international jurisdiction over Facebook Ireland, where the data concerning Europe is processed.

The issue here is one of jurisdiction, not principle. The data protection and privacy laws invoked in this case exist at the EU level, they have not been challenged and the only question is who gets to enforce them. Since Facebook’s European operations are based in Dublin, that would be the Irish.

A little poking around online led me to europe-v-facebook.org:

Are EU Data Protection Laws enforceable in Practice? This may be the main question that europe-v-facebook.org is now about. The right to data protection is a fundamental right in the European Union, but at the same time very little companies respect it. Facebook is just one of many that have a bad reputation when it comes to the handling of users’ data.

So the question arises if users are just too lazy to do something about it, or if the laws are in practice unenforceable?

We unintentionally landed in the middle of a big experiment after filing 22 complaints against Facebook in Ireland, because of breaches of the most basic privacy rules. We happened to look at Facebook for a number of reasons, but the results are very likely exemplary for a whole industry.

You can follow our journey and the under “Legal Procedure“.

While it is clear by now, that no normal citizen is able to follow through with such a proceeding, we are still working to get our final decision today. We want to know if our fundamental rights are respected and enforced against tech giants like Facebook, or if our rights are only existing on the paper.

You can support them at crowd4privacy.org.

Bad Facebook. No Cookie.

Facebook’s ongoing attempt to get around EU privacy legislation in Belgium has taken a turn for the semantic:

Facebook has appealed a ruling from the Court of First Instance that supported the Belgian data authority’s demand that the social media network stop tracking users.

The court’s ruling contained some English words — like cookie, homepage and browser — which could violate a Belgian law that says all rulings must be in the official languages of the country: French, Dutch and German. Facebook has said this means the whole ruling must be annulled.

Facebook’s lawyers need to get out more. They’re not fooling anyone with this.

Privacy lawyers not associated with the case told POLITICO this is a “desperate, petty and last-ditch” attempt to avoid Belgian justice.

And that’s putting it mildly.

Facebook and the droppings of a male cow

A couple of weeks ago, I mentioned that Facebook had reacted to a Belgian privacy ruling by blocking access to any Facebook page to anyone in Belgium who isn’t signed in to their Facebook account. And now I have actually been affected by this.

We decided, for various reasons, that a takeaway would be a good idea and agreed on which takeaway to go to. Not being particularly familliar with the restaurant in question, I looked them up on Resto and clicked through to their website to see if I could find a menu.

Their “website” turned out to be a Facebook page, so what I was presented with was this.

Sorry, this content isn’t available right now. We have implemented additional security features that require you to log in to Facebook to view this page from Belgium. Learn why.

Being curious, I clicked on the Learn Why link. And here’s what I learned:

Keeping your account secure is extremely important to us.

But I don’t have a Facebook account. And the reason my access is blocked is because I don’t have a Facebook account. So to claim that this is to keep my account secure seems disingenuous at best.

Because of demands made by the Belgian Privacy Commission, we recently had to limit our use of one important security tool, the datr cookie. Please read on to learn how this tool works and why we’re no longer showing public Facebook pages and other content in Belgium to people who don’t have Facebook accounts.

I’m reading…

This cookie is a security tool we’ve used for more than 5 years around the world to help us tell the difference between legitimate visits to Facebook by real people and illegitimate ones (by spammers, hackers trying to access other people’s accounts, or other bad actors).

This cookie can help us secure Facebook by providing statistical information about a web browser’s activities, such as the volume and frequency of requests. Our security systems analyze this browser data to help us tell the difference between regular people logging into their accounts and potential attackers.

So what Facebook appears to be telling me is that they need to suck up my browser history in order to work out whether or not I’m a legitimate visitor.

And, it turns out that this is exactly what they are saying.

The Belgian Privacy Commission, however, has required that we stop using the datr cookie when people without Facebook accounts in Belgium interact with Facebook. In the absence of this tool, we have to treat any visit to our service from an unrecognized browser in Belgium as potentially dangerous and take additional steps to help keep you and other people secure on Facebook.

Really? You can’t just serve up a static page?

I believe that Facebook is written in PHP, in which case the pages are generated on the server and served as HTML. If I’m not logged in, I can’t — and wouldn’t expect to be able to — access any dynamic content and a plain old HTML file is about as secure as you can get.

We recognize that these measures unfortunately may limit and interrupt your experience on Facebook.

I’m sure you do.

Facebook: No access if we can’t spy on you

Back in November, a Belgian court ruled that Facebook should stop tracking Belgians who are not signed up to the site or pay a daily penalty of €250,000. This is on the basis that, if you are not signed up to Facebook, and have not given them explicit permission to track you, then they are not allowed to just assume that it’s okay to start monitoring your online activities.

The company failed to reach an agreement with the authorities and announced last Tuesday (1st December) that that they would comply with the ruling. Their idea of complying is to deny access to any Facebook pages to anyone in Belgium who isn’t logged on. This applies to personal web pages, businesses, charities, and any other activity organised through the Zuckernet.

Privacy secretary Bart Tommelein is not happy:

They’re a major player, and the impact of their decision is major, but we are not giving in to blackmail. Everyone has to abide by the privacy laws. Without privacy, there can be no freedom.

I have a couple of thoughts about this. The first is that Facebook needs to understand that they are not above the law. If not being allowed to spy on random individuals harms Facebook’s business model, then it’s the business model that needs to change. On a related note, it’s worth remembering that data protection laws exist at the EU level, so similar privacy cases can be brought in any other EU country.

The other point to bear in mind applies to the businesses, charities and other organisations that depend on Facebook for their online presence. Proprietary networks may look like a quick and convenient way to get online, but you are entirely dependent on an organisation that has absolutely no interest in your business, your revenue or your activities. These organisations really should take control of their own online presence.