Advanced Search
Content Type: Examples
In 2018, WhatsApp founder Brian Acton responded to the Cambridge Analytica scandal by tweeting "It is time. #deletefacebook." He also left the company, walking away from $850 million in unvested stock rather than accede to Facebook's plans to add advertising and commercial messaging, a purpose at odds with WhatsApp's encrypted environment. In 2014, Acton and his co-founder Jan Koum, sold WhatsApp to Facebook for $22 billion. Acton's wanted instead to monetise WhatsApp by charging users tiny…
Content Type: Examples
After a series of scandals, in the year up to September 2018 54% of American Facebook users had changed their privacy settings and 42% had skipped visiting the platform for several weeks or more. About 26% said they had deleted the Facebook app from their smartphone. Some 74% of Facebook users had taken at least one of these three actions, split evenly across Democrats and Republicans. Across age groups, younger users (18 to 29) were more likely to have deleted the app (44%), and only a third…
Content Type: Examples
Even after 2015, when Facebook said it had walled off user records from third parties, inside sources and court documents showed that the company went on maintaining a whitelist of companies that were allowed customised access to information about users' Friends, phone numbers, and a "friend link" metric that measured the degrees of separation. Whitelisted companies included Nissan and Royal Bank of Canada, and others that either advertised on the network or were valuable to Facebook for other…
Content Type: Examples
In July 2018, Facebook announced it was investigating whether the Boston-based company Crimson Hexagon had violated the company's policies on surveillance. Crimson Hexagon markets itself as offering "consumer insights". Its customers include a Russian non-profit with ties to the Kremlin, and multiple US government agencies. After pressure from civil liberties groups, Facebook put a policy in place in March 2017 barring the use of members' data for the purposes of government surveillance.…
Content Type: Examples
In May 2018 Facebook announced it would partner with organisations in places such as Myanmar and South Sudan in order to develop more "context-specific" knowledge about how its platform is being abused to create real risks of harm and violence. In Myanmar, where telephone companies allowed Facebook to offer free access, the number of users rose in tandem with the amount of online hate speech, most of it directed against the country's Muslim minority. Facebook wound up withdrawing its Free…
Content Type: Examples
In 2018, experiments showed that despite the company's denials, ads could be targeted at specific Facebook users via information that the users had never given Facebook, such as phone numbers.
The reason: Facebook allows advertisers to upload their own lists of phone numbers of email addresses, and the service will use them to put ads in front of users associated with those details. The company also uses information supplied for security purposes, including phone numbers provided for two-…
Content Type: Examples
In June 2018 Facebook announced it would install new controls to improve members' understanding of how companies targeted them with advertising, including letting them know if a data broker supplied the information. This was the second update to the company's policies in 2018; in March it attempted to ban the use of data brokers but pulled back when advertisers threatened to pull their business.
https://uk.reuters.com/article/us-facebook-privacy-broker/facebook-releases-new-privacy-safeguards-…
Content Type: Examples
Facebook ads purchased in May 2016 by the Internet Research Agency, a notorious Russian troll farm, urged users to install the FaceMusic app. When installed, this Chrome extension gained wide access to the users' Facebook accounts and web browsing behaviour; in some cases it messaged all the user's Facebook Friends. The most successful of these ads specifically targeted American girls aged 14 to 17 and said the app would let them play their favourite music on Facebook for free and share it…
Content Type: Examples
Under a clause in the country's computer crime act that criminalises uploading content that is false or causes "panic", in 2018, Thailand's ruling military junta pursued a criminal investigation into a live feed on the Facebook page belonging to the rising Future Forward Party. The postings claimed that the governing party, the National Council for Peace and Order, which seized power in 2014 was using the threat of lawsuits to recruit former MPs from rival parties. The NCPO has promised to hold…
Content Type: Examples
In the run-up to the November 2018 US midterm elections, Vice tested Facebook's new system of mandatory "Paid for" disclosure intended to bring greater transparency to the sources of ads relating to "issues of national importance". Placing political ads requires a valid ID and proof of residence. Vice found that Facebook quickly approved ads the site attempted to place that named Islamic State, US vice president Mike Pence, and Democratic National Committee chair Tom Perez in the "Paid for"…
Content Type: Examples
In the run-up to the 2018 US mid-term elections, researchers found that the dissemination of fake news on Facebook was increasingly a domestic American phenomenon rather than, as in the 2016 presidential election, an effort driven by state-backed Russian operatives. Removing such accounts (Twitter) and pages (Facebook) is tricky in the US, where the boundary between free speech and disinformation is particularly sensitive. In addition, domestic disinformation is harder to distinguish. One of…
Content Type: Examples
In 2014, a team of four Swedish and Polish researchers began scraping every comment and interaction from 160 public Facebook pages. By two years later, they had collected one of the largest sets of user data ever assembled from the social network; it enabled them to track the behaviour of 368 million members. Techniques like those the researchers used have been used by scholars around the world for a decade to compile hundreds of Facebook data sets of all sizes. Many have been used for research…
Content Type: Examples
Between May 18 and May 22, a bug in Facebook's system changed the settings on 14 million users' accounts so that newly posted updates they thought were private might have been made public instead. The company attributed the error to a mistake made in redesigning how the public parts of user profiles are displayed. After Facebook found the bug, it was another five days before all privacy settings were correctly restored.
https://www.washingtonpost.com/news/the-switch/wp/2018/…
Content Type: Examples
In July 2018, the leader of a private Facebook group for women with the BRCA gene, which is associated with high breast cancer risk, discovered that a Chrome plug-in was allowing marketers to harvest group members' names and other information. The group was concerned that exposure might lead to other privacy violations and discrimination from insurers. The company shut down the extension and closed the loophole. The case is of particular concern because the US Heath Insurance Portability and…
Content Type: Examples
In announcing a data breach in 2018, at first Facebook said 50 million people's data had been accessed, then 30 million - but the data accessed was more sensitive than they thought at first. After investigation, the company explained that it had identified four stages of attack with a different group of victims affected in each one. The attackers used an automated technique to move from the first small group of accounts they controlled to others, stealing access tokens of friends and friends of…
Content Type: Examples
In August 2018, Facebook announced it would remove more than 5,000 ad targeting options in order to prevent discrimination. Options specifying the exclusion of people interested in "Passover", "Native American culture", or "Islam" could be used as proxies to allow advertisers to exclude ethnic and religious groups in contravention of the law. The announcement came shortly after the US Department of Housing and Urban Development filed a complaint alleging that the company had enabled…
Content Type: Examples
Days before the US November 2018 midterm elections, ProPublica discovered that an organisation called Energy4US spent $20,000 to run ads on Facebook pushing conservatives to support the Trump administration's reversal of fuel emission standards. On closer scrutiny, Energy4US appeared to be a front organisation for the trade association American Fuel and Petrochemical Manufacturers, which numbers the world's largest oil companies among its members. Although Facebook's announced requirement that…
Content Type: Examples
In October 2018, in the wake of the Cambridge Analytica scandal and questions over Facebook's influence on the UK's EU referendum, Facebook announced it would add Britain to the US and Brazil on the list of countries where the company will no longer allow political groups to publish "dark" ads on its network. Among the changes: all paid-for political content will be automatically published in a public library for up to seven years; individuals and organisations running ads with political…
Content Type: Examples
In the run-up to the US 2018 mid-term elections, Facebook announced it would broaden the company's policies against voter suppression by banning misrepresentations about how to vote and whether a vote will be counted. The company also introduced a reporting option to allow users to report incorrect information and dedicated reporting channels for state election authorities. The company noted it was getting better at detecting and removing fake accounts and increasing transparency about…
Content Type: Examples
For many Filipinos, Facebook is their only way online because subsidies have kept it free to use on mobile phones since its launch in the country in 2013, while the open web is expensive to access. The social media network is believed to have been an important engine behind the ascent to the presidency of Rodrigo Duterte. Beginning in 2016, faked photographs and videos spread alongside false news targeting Senator Leila de Lima, a noted critic of Duterte and his violent war on drugs, and others…
Content Type: Examples
In a systematic campaign over more than five years, Myanmar military used Facebook to covertly spread propaganda, mostly against the Rohynga, via accounts that appeared to be dedicated to pop stars and entertainment, turning the social media site into a tool for ethnic cleansing. Having garnered a mass following, the military operatives then used the pages to distribute false news, and spread hostility and division. In one campaign in 2017, the military's intelligence group sought to convince…
Content Type: Examples
In June 2018, human rights and digital rights activists in Myanmar called on Facebook to raise its level of moderation of Burmese-language content in order to reduce hate speech, which they said was at high risk of sparking open violence. In Myanmar, decades of civil war and the end of military rule had led to a humanitarian crisis that sent 900,000 Rohynga fleeing the country and that United Nations investigators called "ethnic cleansing" and suspected genocide. Because Facebook is pre-…
Content Type: Examples
In April 2018, Facebook announced that in six months it would end a programme it called "Partner Categories", in which the social network acted as a bridge between data brokers like Acxiom, Epsilon, and TransUnion and the consumers their customers want to reach. In this deal, Facebook did not actually sell the data it collects; instead, it targeted ads to the lists of people the data brokers uploaded. Facebook users can see the results for themselves by going to their privacy settings and…
Content Type: Long Read
Photo Credit: Max Pixel
The fintech sector, with its data-intensive approach to financial services, faces a looming problem. Scandals such as Cambridge Analytica have brought public awareness about abuses involving the use of personal data from Facebook and other sources. Many of these are the same data sets that the fintech sector uses. With the growth of the fintech industry, and its increase in power and influence, it becomes essential to interrogate this use of data by the…
Content Type: Examples
Facebook-owned Onavo VPN (adertised as a way to block harmful websites, and keep a user's data safe) is pulled from the Apple App Store due to tracking, collecting, and analysing customers' usage data, including from other unrelated apps.
https://arstechnica.com/tech-policy/2018/08/facebook-violates-apples-data-gathering-rules-pulls-vpn-from-app-store/
Author: Valentina Palladino
Ars Technica
Content Type: Examples
30 million users had their accounts breached, with a total of 90 million accounts reset after Facebook's "view as" feature leaked unique user account access tokens, allowing attackers to not only trivially impersonate any other user on the platform, but also to potentially automate the attack on a massive scale using their API.
This is of particular concern where these access tokens were used as a "Single Sign On" for third-party services who authenticate against Facebook. The…
Content Type: Long Read
Yesterday the UK's Information Commissioner's Office (ICO) - which is responsible for ensuring people's personal data is protected - announced it intends to fine Facebook the maximum amount possible for its role in the Cambridge Analytica scandal.
This decision highlights of how serious and rampant misuse and exploitation of data is. Facebook is responsible and failed to comply with data protection 101: be upfront and honest about what you are doing with people's data.
Importantly, the ICO's…
Content Type: Examples
In May 2017, the European Commission fined Facebook $122 million for providing incorrect or misleading information during its 2014 acquisition of WhatsApp. At the time of the acquisition, Facebook assured the EC that it would not be able to link its accounts database to that of WhatsApp. After the merger, Facebook went on to implement that linkage, and the EC found that Facebook staff knew even in 2014 that it was technically possible to do so. The EC could have imposed a larger fine, but said…
Content Type: Examples
In December 2017, the German cartel office presented preliminary findings in an investigation of Facebook, ruling that the company had abused its dominant position by requiring access to third-party data (including data from subsidiaries WhatsApp and Instagram) when an account is opened and tracking users across the web. Facebook responded that the service is popular in Germany, but not dominant. About 41% of Germans have active Facebook accounts. The investigation's final resolution…
Content Type: Examples
In September 2017, the Spanish national data protection regulator fined Facebook €1.2 million, alleging that the company collected personal information from Spanish users that could then be used for advertising. The investigation, which took place alongside others in Belgium, France, Germany, and the Netherlands, found three cases in which Facebook had collected information such as gender, religious beliefs, personal tastes, and browsing histories of millions of Spanish users without disclosing…