> These advertisers are running ads using a contact list they or their partner uploaded that includes info about you. This info was collected by the advertiser or their partner. Typically this information is your email address or phone number.
Newsflash, BuzzFeed's ad networks onboard and sync information about their readers in exactly the same way. Do people think that BF loads Quantcast, Scorecard Research etc onto their site for the good of their health?
That's not to mention the viral quizzes and other data gathering exercises that BuzzFeed invented and sold as a product.
I have no idea why people don't call BS on news orgs that run 'exposes' on Facebook's ad targeting, when they target, track and follow their readers in exactly the same way.
I have no idea why people don't call BS on news orgs that run 'exposes' on Facebook's ad targeting, when they target, track and follow their readers in exactly the same way.
Three reasons:
1. In most responsible news organizations, there is a significant firewall between advertising and news. In two places I worked, the sales people weren't even allowed to go into the newsroom.
2. News organizations are not IT departments. A reporter is not involved in how a web site is built, or what goes on behind the scenes. There are different people in different departments for that.
3. Just because a newspaper does something bad with its web site does not make what happens at Facebook/Google/etc... any less bad. SV needs to get over the whole "But Bobby jumped off the bridge, too!" mentality.
1. No one implied that this advertising was impacting their reporting.
2. They're reporters... if they don't know what's going on in their own backyard, there's a serious issue.
3. Maybe, but there's something ironic about the fact that this very reporting only exists because of these ad practices. This person most likely wouldn't have a job if the very practice they are reporting on didn't exist.
> Just because a newspaper does something bad with its web site does not make what happens at Facebook/Google/etc... any less bad.
Absolutely it does. The prevailing narrative is that SV tech companies are innovators in this space, invading your privacy in ways that normal companies would never dream of. "Facebook engages in industry standard data collection" is a very different story, even if the industry standard is still bad.
You can't have it both ways. The buzzfeed platform is tracking/collecting. Either the reporter knows this and is ignoring it or is unaware which makes the article seem less creditable.
yes it does. you don't get to criticize someone for an action while performing the exact same action and expect your argument to have a shred of credibility
> 1. In most responsible news organizations, there is a significant firewall between advertising and news. In two places I worked, the sales people weren't even allowed to go into the newsroom.
Do reporters not get any access to their analytics?
It doesn't make it any less bad, but it does make me question the motivations of the reporter.
Either A) They know what their own website is doing and think it's OK, in which case there may be a conflict of interest. If that's the case, we should take any suggestions they have about how to resolve the problem with a gain of salt.
or B) They don't know what their own website is doing, in which case they've done a pretty poor job researching their own article. I don't expect a reporter to be a tech expert, but I do expect them to be inquisitive enough to think, "when people say that advertising pays for reporting, might they conceivably mean the same thing as when they say that advertising pays for Facebook?"
Facebook's privacy violations are bad. The hypocrisy of journalists calling them out doesn't change that. But in the privacy community, it should make us suspicious of their articles for the same reason we should be suspicious of a scientific study of sugar paid for by the meat industry. It should push us to double check their claims and question what their motivations are.
These are people who's interests either happen to align with ours temporarily and that might change in the future, or they're allies who haven't done enough research to be able to make strong claims about what our responses and policy changes should be.
It's not that Buzzfeed is wrong about Facebook. It's that they're not currently in a responsible or knowledgeable enough position to lead the conversation about Facebook.
> In two places I worked, the sales people weren't even allowed to go into the newsroom.
And the journalists in turn aren't allowed to look at their own websites when researching a story?
> A reporter is not involved in how a web site is built, or what goes on behind the scenes.
But they do talk to IT people when they write stories about IT things, don't they?
I'm all with you that it doesn't change the story's correctness one bit, but it does question the self-awareness of journalists as part of companies. Unless it's a secret move to get people to focus on the stuff their organisation does which they can't publicly comment on for fear of being sacked (by the ads people, presumably), that would be quite different.
edit: I'd love to reply, but somebody in their limitless wisdom has decided to time me out for whatever reason.
> 1. In most responsible news organizations, there is a significant firewall between advertising and news. In two places I worked, the sales people weren't even allowed to go into the newsroom.
Editor: "So your last screed about Facebook got a ton of clicks and shares, can you do another?"
Tell me more about that firewall. In modern news orgs, you're selling the words next to the content, not the readership.
> 2. News organizations are not IT departments. A reporter is not involved in how a web site is built, or what goes on behind the scenes. There are different people in different departments for that.
Journalists are inquisitive, intellectually curious types. You have to call into question the ethics of someone prepared to write about something they have a good idea that their own company engages in.
> 3. Just because a newspaper does something bad with its web site does not make what happens at Facebook/Google/etc... any less bad. SV needs to get over the whole "But Bobby jumped off the bridge, too!" mentality.
This is just tu quoque. It's not exonerating Facebook at all (though Facebook typically have a deterministic data set to work with, which reduces the kind of shady practices they need to engage in with third party data sets), it's merely saying that you don't get a free pass on calling this kind of stuff out if you're engaging in the same kind of data gathering yourself.
>> These advertisers are running ads using a contact list they or their partner uploaded that includes info about you. This info was collected by the advertiser or their partner. Typically this information is your email address or phone number.
> Newsflash, BuzzFeed's ad networks onboard and sync information about their readers in exactly the same way. Do people think that BF loads Quantcast, Scorecard Research etc onto their site for the good of their health? ...
> I have no idea why people don't call BS on news orgs that run 'exposes' on Facebook's ad targeting, when they target, track and follow their readers in exactly the same way.
What you're advocating is basically a circular firing squad.
If you have to be impeccably pure to call out a wrong (and furthermore, only associate with impeccably pure people and organizations), then no one will ever call out any wrongs and they'll fester and grow.
I think it's possible that the author doesn't even know this. Does BuzzFeed have an interface where a user can go to see this information?
The level of understanding that most people have about online tracking is just really, really low, and this author probably wouldn't know about any of this if Facebook didn't have that particular page.
EFF's Privacy Badger, NoScript, Unlock, AdblockPlus has many lists, and many many more add-ons can show you all the nasties in each page, and you click-block them once and for all. Same add-ons are also for the Firefox on Android.
Edit: yes most likely the author is someone that may be seldonmly writing for the site, or just sells his texts and doesn't really pay attention/care where this is posted.
NoScript shows buzzfeed.com when you initially load it, when you (temporarily) accept that domain you get lots of others... including facebook.net. Allowing any one of those (which I didn't do) may bring up others in this very fun game of javascript domain whackamole. Using that extension or one of many others that work similarly will enlighten even the most technophobic of journalists as to how this all works.
I find it hard to believe they looked into the subject and didn't run across these. But I suppose it's possible.
> I have no idea why people don't call BS on news orgs that run 'exposes' on Facebook's ad targeting, when they target, track and follow their readers in exactly the same way.
Not only is the media guilty of many of the popular tech company sins, but they originated them.
* Putting us all into filter bubbles where a few big players control and curate the information seen by the masses? The media did it first.
* Using the aforementioned powers to affect elections and democracy, sometimes adversely? The media did it first.
* Advertiser-supported business models? The media did it first.
* Obsessively optimizing the product for reads/clicks, thus leading to sensationalist clickbait headlines, an overabundance of negativity, and an extreme focus on novelty above all else? The media did it first.
The media doesn't like tech for the same reason you almost always see when any two industries feud with each other: because they're competitors and one feels threatened by other.
Hypocrisy aside, news publications also have significant incentive to go after Facebook because Facebook has become their biggest competitor for attention. You don't need to visit NYT or WaPo for news if your social circle keeps you up to date on the issues you care about. The substitution of real investigative journalism for unverified word-of-mouth stories via acquaintance is definitely something we should be concerned about as a society, but it's also important to recognize that there are significant profit motives at play that should also be examined.
I have no idea why everyone isn't blocking all ads, trackers, beacons, or even using Facebook to begin with. Everyone knows what they are about. An ad-free Internet is a good Internet. Personally I have not seen a single ad online on my computers or mobile in years. You already pay to use the Internet. Keeping a website alive is the cost of doing business, not tracking people and allowing their ads to infect, slow down, or interfere with content.
> Yet all of this journalism was paid for, in part, by The Times’s engaging in the type of collecting, using and sharing of reader data that we sometimes report on.
Nice passive voice. A writer good enough to write for the New York Times only writes a sentence that passive and convoluted for a very good reason.
"We track, use and share the data of you, the reader, and sell this to advertisers."
It's definitely fair to criticize Buzzfeed etc for these practices, but don't want to stop the reporting on facebook because the buzzfeed business model has overlap. That would surely reduce the total amount of scrutiny on such practices because of all the sites that can't throw stones from their glass houses.
More to the point building up lists of people's phone numbers and physical/electronic addresses has been how direct marketing has been done for literally centuries. From wikipedia:
> In 1667, the English gardener, William Lucas, published a seed catalogue, which he mailed to his customers to inform them of his prices.
I just have trouble seeing how adding computers to this practice is the line that is too far for people.
For me: there's a world of difference between giving someone your private data and having third-party services (Scorecard, Quantcast, Criteo, Tapad, others) give it to them.
Just because I happen windowshop some store doesn't mean I gave them permission to ask for my info around. They're free to ask me. But that's just me.
FWIW, I wrote a little script back in Feb that you can use in the console on that Facebook advertisers page to auto click "remove" on them all for you.
I run it about every month, and it's crazy how many get added in that time span. There is literally thousands and thousands from brands/companies/etc. that I've never heard of it. It's insane.
The author keeps saying 'my data' when the data isn't theirs. The fact that they interacted with a party, that interaction, and who you are, is thier data.
This isn't a theoretical nit pick, this is the law. And it makes sense. If you and i have a conversation, i am free to tell someone else about that conversation, because i was part of it. That is my data, as it is also theirs.
In casual use, if we agree not to tell anyone, that is different, but the default is both parties own it.
This the simple minded use of 'my data' really wrecks what could be a rather interesting ( but not surprising ) piece.
> This isn't a theoretical nit pick, this is the law.
Of course, the law is changing... and in fact, under a lot of laws, it really is "my data".
Much like intellectual property, these laws were established for a particular context, and we've long since moved past that context, raising reasonable questions as to whether those laws are really a good idea.
> And it makes sense. If you and i have a conversation, i am free to tell someone else about that conversation, because i was part of it. That is my data, as it is also theirs.
Are you entitled to a DNA sample from some skin cells that floated in the air while you were having said conversation? Does that conversation entitle you to know of every other place that person goes that day? Are you entitled to share a full recording of that conversation with anyone you'd like?
The lowered price of collecting, aggregating & exchanging information changes the context under which the existing laws were made, raising questions about whether we wish to alter those laws.
Exactly. Here's an example of the type of law you are talking about.
I live in a all party consent state, so if you want to record a conversation with me, legally, you need to have my consent.
Some states are one party consent states. You can record any conversation you want.
Across state lines, federal law requires only consent of one of the parties. But that doesn't resolve anything. Courts in different states handle cross-border complaints differently, some enforce their local all party standard, others demure to the other jurisdiction's one party laws.
>Are you entitled to share a full recording of that conversation with anyone you'd like?
You already have no expectation of privacy in a public space, though.
Today I overheard an HR person talk about a big tech firm's recent VP tenures and prospects on a bus. I looked up a couple of linkedins before my earbuds charged enough to put an audiobook on. Not that I'll ever contact them, I just couldn't believe someone would be so genuinely unprofessional and I was bored.
What a world we live in, where corporations can gossip just like people.
> Are you entitled to a DNA sample from some skin cells that floated in the air while you were having said conversation?
Yes. Why wouldn't I be. Those DNA are in my body. They might be infecting me in some way. Why would I not be able to inspect them however I want?
> Does that conversation entitle you to know of every other place that person goes that day?
If I'm with them the entire time then yes. If other mutual friends were with them I'm fully entitled to ask them and they are fully entitled to answer.
I went to Disneyland with my sister yesterday. I just shared with you that my sister was at Disneyland yesterday. My mom told me she and my sister went to dinner at McDonalds on the east exit of Disneyland after they got out. I just shared with you something my mother told me about my sister. I have broken no laws nor done anything considered wrong AFAIK in any country in the history of the world up to this point.
> Are you entitled to share a full recording of that conversation with anyone you'd like?
Personally I believe the answer is effectively yes and should be yes though I understand it might legally be no in certain places at the moment I believe those laws will eventually be overturned. Why do I hold this position? Because my brain recorded the conversation. So, first off if I have good memory I can dictate the conversation. Second, if I can make a machine to pull that data out of my brain it doesn't feel like the law can tell me I can't. It's my brain and my memory. Further, it's arguably we will enhance brains digitally at some point. First for people with brain disability. At that time it will be trivial for them to digitally extract their memories and being their memories again the law should have no say. In other words, tech will eventually make this question moot. Conversations will be recorded and just like I can tell you that while at Disneyland yesterday my sister said she was going to Hawaii in June (I just shared a lo-fi recording of that conversation with you) eventually I'll be able to do that with hi-fidelity.
Let me add I'm a little scared of such a world but I personally see it as inevitable. I believe digitally augmenting brains is inevitable and I believe telling people what they can do with their personal memories and who they can share them with is impossible/untenable so that world will come eventually.
Let me add though that I'm not against laws that say such data can not be collected in mass quantities. I have no idea how to word those laws so as it's possible for me to share all the data mentioned above with whoever I choose and yet not allow FB to do the same and also still allow services to help me share that data with who I choose to share it just like HN just facilitated me sharing info about my sister with you above.
I see nothing wrong with calling my contact information "my data," because I feel some ownership over how it is used and disseminated. I strongly disagree with the idea that having an interaction with a business gives them a license to tell anyone anything about our interaction, including (especially) my contact information. I agree it is "the law" right now, but I think that is wrong and should be changed.
I'll see your analogy and raise you a begged question.
You're starting from the assumption that a collection of personally-identifiable information is free to share. That isn't necessarily true of such information.
If you and I have a conversation about a trade secret of mine, then you are not free to tell someone else about the conversation. There are forms of information and transmission that we've agreed by law to restrict.
Why shouldn't we include PII in that? (For another example, consider the privacy of medical data.)
> This isn't a theoretical nit pick, this is the law.
There are exceptions for things like health information or DVD rentals. It's time we start to think about expanding those rules to any commercial use of data about private individuals.
In Europe we think differently as can be read in article 8 of the Charter of Fundamental Rights of the European Union [0]:
"Everyone has the right to the protection of personal data concerning him or her. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified."
> The author keeps saying 'my data' when the data isn't theirs. The fact that they interacted with a party, that interaction, and who you are, is thier data.
"My data" might be ambiguous, because it can imply both ownership and association, but in this case obviously means "personal data concerning me".
> This the simple minded use of 'my data' really wrecks what could be a rather interesting ( but not surprising ) piece.
Try to read it again, this time without assuming the least favorable interpretation you can think of.
The difference is you can't have a conversation with a hundred million people in a day and record everything to use in the most efficient analytical way. Additionally Facebook isn't even having a conversation - it's just a space where other people have conversations and fb records everything like a creepy friend in the shadows.
I think it's pretty pedantic to claim the data isn't ours.
These advertisers are running ads using a contact list they or their partner uploaded that includes info about you. This info was collected by the advertiser or their partner. Typically this information is your email address or phone number.
I like how they purposely give a couple examples, omitting the targeting factors that are more likely to freak people out, such as targeting by lists of names and dates of birth
On top of that, it's absurd that someone can add my phone number to their advertising platform to get my name. Unlike email addresses, phone numbers are rather finite, and the number itself is tied to a particular geographical area (for the most part).
On a related note, Facebook makes it so difficult to unlike things, unfriend people, and opt-out of information from individual advertisers. It's obviously hostile design aimed at making it as hard as possible to reduce your advertising value to them.
What Facebook is doing might not be illegal, but I think what they are doing is more unethical than many felonies. The people in charge of these decisions are getting wealthy from them, and they are never going to face consequences for their actions, which is a real shame.
That's why I never signed up for FB's 2FA program, and give out random fake phone numbers elsewhere, like grocery stores. I'm sure (987) 654-3210 will save you 10% on your tomatoes.
Name and birth date is nothing. The freaky shit is that Acxiom tracks women's menstrual cycles. Advertisers tailor their campaigns depending on what will be best received at any given time in the cycle.
really? that's interesting, because I'm literally running an experiment right now since this whole 'Facebook shows you who's targeting you' thing started.
Facebook explicitly has my name, my "second" birthday (I love all my birthdays equally, especially the ones I give to marketing sites) and a special email address I have literally created only to give to Facebook for my account. The rest of my account info is deliberately empty and I've deliberately locked down as much privacy settings as I can, don't use the site from my phone (Honestly I barely use the site at all) and have opted out of everything I can.
Advertisers are still showing up (one of them is a liquor store even though I'm a teetotaler and I have selected not to be shown alcohol ads, but what can you do?)
It's always interesting to me the number of people who come out on HN to advocate vociferously for ownership of their private data, given that HN doesn't even let you delete your account ;)
> It's always interesting to me the number of people who come out on HN to advocate vociferously for ownership of their private data, given that HN doesn't even let you delete your account ;)
It's true HN doesn't let you delete your account, but I'm not sure most HN account information is really "private", since submissions and comments are all public. Maybe a user's voting history is more sensitive. But it's not like HN (to my knowledge) is aggregating data on its users from other sources.
I can't speak for anyone else, but when I signed up to HN I made the naive mistake of assuming that of course a pure tech website would be implemented correctly.
I was surprised and disappointing when I found out it didn't support deletion, but I'm kind of stuck now. Maybe one day I'll scramble my password and never come back, that's about the closest I can get to a deletion I guess. I check all new websites more carefully these days.
True account deletion was one of the first features I implemented into my web service. I don't think any non-government site that doesn't offer it has a valid excuse. For example with npmjs.com you have to contact their customer support to delete your account, that's just bad UX.
it also requires almost no private info, so, technically, you can stay anonymous (modulo a dedicated adversary). Granted, I agree with your point. HN should try and mask deleted account, but the website is public, and therefore the point is moot.
The Cambridge Analytica scandal was super interesting to me because it reflected an entirely standard and unremarkable data-collection process that I'd seen several times. And yet it filled international headlines. Congress was interested.
It's easy to do. You create some app that has "login with Facebook". That's great for users, right? One less password for them to remember. Then as soon as they log in you make a quick call to the Facebook API, get all their friends, and dump it in some database table.
Even if only a few people log in to your app, you can get a database of thousands of real people.
I don't work for that type of company anymore, but I've been many places where that was bog standard, the very first code you write for a new product.
Does anyone know if the Facebook API has changed now?
Tangent: This is a side-effect to how Facebook exposes Facebook ids. They expose system-wide identifiers. LinkedIn's API exposes user ids that are transformed based on whoever is interacting with the API. My network graph could overlap with your network graph, but the overlapping people would have different ids.
Weren't you able to also pull infos like birthday, posts, likes and the online-status of friends of the one who used Facebook to log-in into a 3rd-party site? I think they then limited this to just the list of friends.
It became a massive "scandal" because it was part of the ongoing Facebook-scapegoating campaign that began the day after Trump won the election. There have been like 7 separate episodes in that scapegoating saga over the oas 2 years, and Zuckerberg has had to go public a bunch of times with some new vow to do something to get Facebook under control so that something so heinous doesn't happen again, lol... CNN and MSNBC viewers cannot understand how someone can support Trump unless than person is a white supremacist Nazi or whatever. All I know is that I have a nice $1,500 wager with a relative (who bet me last time as well) that if Trump is IN the election, he will win again. The only thing that could stop him is if he is simply not a candidate on Election Day. I think the main thing that could stop him is his own cholesterol; celebrity physician Dr. Oz said, in a show WITH Trump in September 2016, that Trump has too much of the "bad cholesterol."
Don't use social media and lock down your browser to limit fingerprinting. Your remaining big threats are phone apps and traditional data brokers profiling your credit card usage. Cut out all unnecessary apps, block everything else with a firewall and pay cash. You will then be far more opaque to the private surveillance apparatus than most first-worlders.
I'm rarely using Facebook. I have an account, even some photos, but that's it. I may scroll the wall from time to time, usually readings arists posts and stuff, as my friends are just like me - not posting anything about them anyway.
I'm a heavy user of privacy extensions. Currently using uBlock Origin + uMatrix. Most sites I run can't store anything (like cookies) or has access to scripting. I'm having an unique e-mail address for every service I register to (thanks to catch-all on own domain).
The above are available to everyone.
Additionally, I'm manually fixing broken websites, that can work without JS but refuses to - this however requires some skills.
When I really want to see the website that refuses to work with all these protections - I'm opening it in incognito session.
Result:
On my accounts (both fake and real) these Facebook advertisers lists are empty. The only list that's not empty is advertisers I decided I don't want to see ads from.
Of course I know this doesn't mean I'm anonymous and nobody knows anything about me. A lot of services know. These protections listed above aren't the silver bullet. They can still track me, they just won't tell me everything. Most of my data are stored with Google. I let them store my location history (they probably would do it anyway). They know all my searches. They know my entertaiment interests (Youtube history, likes, dislikes).
Well... You can track me too. I'm not using unique nicknames usually. You can find my contact info on the internet, on my website and other places. You can find my home address. You can know where I work.
But these were my choice. But I still have to remember I can't take that back, "Internet won't forget".
So yeah. You have the control. Just stop giving yourself away, protect yourself from automation. Share yourself with people offline. That's all.
One thing I don't quite understand is why Facebook's data about me is my data? In my opinion, it's not. I've never put a single thing on Facebook with the expectation that I'd own it or control it.
I understand what you're saying, and you're not wrong. I just find the concept of data about me being "my data" to be strange. If someone takes a picture of me, it's their picture. If I use your website, and you collect information about me, it's your information. Maybe I just don't care what you know about me. I know the REALLY good stuff about me, and I ain't sharin' that with anyone!
Its because you don't use Facebook in order to communicate WITH facebook. Just like with the telephone company or an email provider they only have access to the communication by virtue of the fact that they have set themselves up as an intermediary.
Readit News
Newsflash, BuzzFeed's ad networks onboard and sync information about their readers in exactly the same way. Do people think that BF loads Quantcast, Scorecard Research etc onto their site for the good of their health?
That's not to mention the viral quizzes and other data gathering exercises that BuzzFeed invented and sold as a product.
I have no idea why people don't call BS on news orgs that run 'exposes' on Facebook's ad targeting, when they target, track and follow their readers in exactly the same way.
Three reasons:
1. In most responsible news organizations, there is a significant firewall between advertising and news. In two places I worked, the sales people weren't even allowed to go into the newsroom.
2. News organizations are not IT departments. A reporter is not involved in how a web site is built, or what goes on behind the scenes. There are different people in different departments for that.
3. Just because a newspaper does something bad with its web site does not make what happens at Facebook/Google/etc... any less bad. SV needs to get over the whole "But Bobby jumped off the bridge, too!" mentality.
2. They're reporters... if they don't know what's going on in their own backyard, there's a serious issue.
3. Maybe, but there's something ironic about the fact that this very reporting only exists because of these ad practices. This person most likely wouldn't have a job if the very practice they are reporting on didn't exist.
Absolutely it does. The prevailing narrative is that SV tech companies are innovators in this space, invading your privacy in ways that normal companies would never dream of. "Facebook engages in industry standard data collection" is a very different story, even if the industry standard is still bad.
Do reporters not get any access to their analytics?
Either A) They know what their own website is doing and think it's OK, in which case there may be a conflict of interest. If that's the case, we should take any suggestions they have about how to resolve the problem with a gain of salt.
or B) They don't know what their own website is doing, in which case they've done a pretty poor job researching their own article. I don't expect a reporter to be a tech expert, but I do expect them to be inquisitive enough to think, "when people say that advertising pays for reporting, might they conceivably mean the same thing as when they say that advertising pays for Facebook?"
Facebook's privacy violations are bad. The hypocrisy of journalists calling them out doesn't change that. But in the privacy community, it should make us suspicious of their articles for the same reason we should be suspicious of a scientific study of sugar paid for by the meat industry. It should push us to double check their claims and question what their motivations are.
These are people who's interests either happen to align with ours temporarily and that might change in the future, or they're allies who haven't done enough research to be able to make strong claims about what our responses and policy changes should be.
It's not that Buzzfeed is wrong about Facebook. It's that they're not currently in a responsible or knowledgeable enough position to lead the conversation about Facebook.
On the other hand, if adtech practices are bad (and they are), then it is not only Facebook that needs to change.
Deleted Comment
And the journalists in turn aren't allowed to look at their own websites when researching a story?
> A reporter is not involved in how a web site is built, or what goes on behind the scenes.
But they do talk to IT people when they write stories about IT things, don't they?
I'm all with you that it doesn't change the story's correctness one bit, but it does question the self-awareness of journalists as part of companies. Unless it's a secret move to get people to focus on the stuff their organisation does which they can't publicly comment on for fear of being sacked (by the ads people, presumably), that would be quite different.
edit: I'd love to reply, but somebody in their limitless wisdom has decided to time me out for whatever reason.
Editor: "So your last screed about Facebook got a ton of clicks and shares, can you do another?"
Tell me more about that firewall. In modern news orgs, you're selling the words next to the content, not the readership.
> 2. News organizations are not IT departments. A reporter is not involved in how a web site is built, or what goes on behind the scenes. There are different people in different departments for that.
Journalists are inquisitive, intellectually curious types. You have to call into question the ethics of someone prepared to write about something they have a good idea that their own company engages in.
> 3. Just because a newspaper does something bad with its web site does not make what happens at Facebook/Google/etc... any less bad. SV needs to get over the whole "But Bobby jumped off the bridge, too!" mentality.
This is just tu quoque. It's not exonerating Facebook at all (though Facebook typically have a deterministic data set to work with, which reduces the kind of shady practices they need to engage in with third party data sets), it's merely saying that you don't get a free pass on calling this kind of stuff out if you're engaging in the same kind of data gathering yourself.
> Newsflash, BuzzFeed's ad networks onboard and sync information about their readers in exactly the same way. Do people think that BF loads Quantcast, Scorecard Research etc onto their site for the good of their health? ...
> I have no idea why people don't call BS on news orgs that run 'exposes' on Facebook's ad targeting, when they target, track and follow their readers in exactly the same way.
What you're advocating is basically a circular firing squad.
If you have to be impeccably pure to call out a wrong (and furthermore, only associate with impeccably pure people and organizations), then no one will ever call out any wrongs and they'll fester and grow.
The level of understanding that most people have about online tracking is just really, really low, and this author probably wouldn't know about any of this if Facebook didn't have that particular page.
Edit: yes most likely the author is someone that may be seldonmly writing for the site, or just sells his texts and doesn't really pay attention/care where this is posted.
I find it hard to believe they looked into the subject and didn't run across these. But I suppose it's possible.
Not only is the media guilty of many of the popular tech company sins, but they originated them.
* Putting us all into filter bubbles where a few big players control and curate the information seen by the masses? The media did it first.
* Using the aforementioned powers to affect elections and democracy, sometimes adversely? The media did it first.
* Advertiser-supported business models? The media did it first.
* Obsessively optimizing the product for reads/clicks, thus leading to sensationalist clickbait headlines, an overabundance of negativity, and an extreme focus on novelty above all else? The media did it first.
The media doesn't like tech for the same reason you almost always see when any two industries feud with each other: because they're competitors and one feels threatened by other.
And if BuzzFeed has no such disclosure page, you'd expect the reporter to mention that, and credit Facebook more strongly for having one.
Nice passive voice. A writer good enough to write for the New York Times only writes a sentence that passive and convoluted for a very good reason.
"We track, use and share the data of you, the reader, and sell this to advertisers."
Though even if they weren't that wouldn't really invalidate the points made in the article.
https://www.crowdtangle.com/privacy
The company's clients include many news publications like Buzzfeed. This company is part of Facebook.
Dead Comment
> In 1667, the English gardener, William Lucas, published a seed catalogue, which he mailed to his customers to inform them of his prices.
I just have trouble seeing how adding computers to this practice is the line that is too far for people.
Just because I happen windowshop some store doesn't mean I gave them permission to ask for my info around. They're free to ask me. But that's just me.
Here is the github gist: https://gist.github.com/bluetidepro/bfa60c1d63925180daf3dd53...
I run it about every month, and it's crazy how many get added in that time span. There is literally thousands and thousands from brands/companies/etc. that I've never heard of it. It's insane.
This isn't a theoretical nit pick, this is the law. And it makes sense. If you and i have a conversation, i am free to tell someone else about that conversation, because i was part of it. That is my data, as it is also theirs.
In casual use, if we agree not to tell anyone, that is different, but the default is both parties own it.
This the simple minded use of 'my data' really wrecks what could be a rather interesting ( but not surprising ) piece.
Of course, the law is changing... and in fact, under a lot of laws, it really is "my data".
Much like intellectual property, these laws were established for a particular context, and we've long since moved past that context, raising reasonable questions as to whether those laws are really a good idea.
> And it makes sense. If you and i have a conversation, i am free to tell someone else about that conversation, because i was part of it. That is my data, as it is also theirs.
Are you entitled to a DNA sample from some skin cells that floated in the air while you were having said conversation? Does that conversation entitle you to know of every other place that person goes that day? Are you entitled to share a full recording of that conversation with anyone you'd like?
The lowered price of collecting, aggregating & exchanging information changes the context under which the existing laws were made, raising questions about whether we wish to alter those laws.
I live in a all party consent state, so if you want to record a conversation with me, legally, you need to have my consent.
Some states are one party consent states. You can record any conversation you want.
Across state lines, federal law requires only consent of one of the parties. But that doesn't resolve anything. Courts in different states handle cross-border complaints differently, some enforce their local all party standard, others demure to the other jurisdiction's one party laws.
You already have no expectation of privacy in a public space, though.
Today I overheard an HR person talk about a big tech firm's recent VP tenures and prospects on a bus. I looked up a couple of linkedins before my earbuds charged enough to put an audiobook on. Not that I'll ever contact them, I just couldn't believe someone would be so genuinely unprofessional and I was bored.
What a world we live in, where corporations can gossip just like people.
Yes. Why wouldn't I be. Those DNA are in my body. They might be infecting me in some way. Why would I not be able to inspect them however I want?
> Does that conversation entitle you to know of every other place that person goes that day?
If I'm with them the entire time then yes. If other mutual friends were with them I'm fully entitled to ask them and they are fully entitled to answer.
I went to Disneyland with my sister yesterday. I just shared with you that my sister was at Disneyland yesterday. My mom told me she and my sister went to dinner at McDonalds on the east exit of Disneyland after they got out. I just shared with you something my mother told me about my sister. I have broken no laws nor done anything considered wrong AFAIK in any country in the history of the world up to this point.
> Are you entitled to share a full recording of that conversation with anyone you'd like?
Personally I believe the answer is effectively yes and should be yes though I understand it might legally be no in certain places at the moment I believe those laws will eventually be overturned. Why do I hold this position? Because my brain recorded the conversation. So, first off if I have good memory I can dictate the conversation. Second, if I can make a machine to pull that data out of my brain it doesn't feel like the law can tell me I can't. It's my brain and my memory. Further, it's arguably we will enhance brains digitally at some point. First for people with brain disability. At that time it will be trivial for them to digitally extract their memories and being their memories again the law should have no say. In other words, tech will eventually make this question moot. Conversations will be recorded and just like I can tell you that while at Disneyland yesterday my sister said she was going to Hawaii in June (I just shared a lo-fi recording of that conversation with you) eventually I'll be able to do that with hi-fidelity.
Let me add I'm a little scared of such a world but I personally see it as inevitable. I believe digitally augmenting brains is inevitable and I believe telling people what they can do with their personal memories and who they can share them with is impossible/untenable so that world will come eventually.
Let me add though that I'm not against laws that say such data can not be collected in mass quantities. I have no idea how to word those laws so as it's possible for me to share all the data mentioned above with whoever I choose and yet not allow FB to do the same and also still allow services to help me share that data with who I choose to share it just like HN just facilitated me sharing info about my sister with you above.
Now if only we could oprevent them from sharing/selling their data which contains your info.
I realize that in my argument I am being rather pedantic...but in online text based exchange it is what separates us from the barbarians.
You're starting from the assumption that a collection of personally-identifiable information is free to share. That isn't necessarily true of such information.
If you and I have a conversation about a trade secret of mine, then you are not free to tell someone else about the conversation. There are forms of information and transmission that we've agreed by law to restrict.
Why shouldn't we include PII in that? (For another example, consider the privacy of medical data.)
this seems counter intuitive to me. can you explain?
There are exceptions for things like health information or DVD rentals. It's time we start to think about expanding those rules to any commercial use of data about private individuals.
"Everyone has the right to the protection of personal data concerning him or her. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified."
[0] https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:12...
"My data" might be ambiguous, because it can imply both ownership and association, but in this case obviously means "personal data concerning me".
> This the simple minded use of 'my data' really wrecks what could be a rather interesting ( but not surprising ) piece.
Try to read it again, this time without assuming the least favorable interpretation you can think of.
Thank you for saying this.
I think it's pretty pedantic to claim the data isn't ours.
Deleted Comment
I like how they purposely give a couple examples, omitting the targeting factors that are more likely to freak people out, such as targeting by lists of names and dates of birth
On a related note, Facebook makes it so difficult to unlike things, unfriend people, and opt-out of information from individual advertisers. It's obviously hostile design aimed at making it as hard as possible to reduce your advertising value to them.
What Facebook is doing might not be illegal, but I think what they are doing is more unethical than many felonies. The people in charge of these decisions are getting wealthy from them, and they are never going to face consequences for their actions, which is a real shame.
Advertisers don't get any information about you from Facebook ads unless you click on an ad and tell them it yourself.
I use different e-mail for FB and everyday use, yet still there are a lot of companies that target me
Typically you wouldn't be able to do this.
Facebook explicitly has my name, my "second" birthday (I love all my birthdays equally, especially the ones I give to marketing sites) and a special email address I have literally created only to give to Facebook for my account. The rest of my account info is deliberately empty and I've deliberately locked down as much privacy settings as I can, don't use the site from my phone (Honestly I barely use the site at all) and have opted out of everything I can.
Advertisers are still showing up (one of them is a liquor store even though I'm a teetotaler and I have selected not to be shown alcohol ads, but what can you do?)
either way, something rather fishy is going on.
Unless they're Facebook "partners," which means more access, but nobody really knows how far that goes because it's all private.
https://jacquesmattheij.com/the-unofficial-hn-faq/#deleteacc...
I would complain if my pseudonymity were compromised, or if content beyond what I intended to share was being broadcast.
It's true HN doesn't let you delete your account, but I'm not sure most HN account information is really "private", since submissions and comments are all public. Maybe a user's voting history is more sensitive. But it's not like HN (to my knowledge) is aggregating data on its users from other sources.
I was surprised and disappointing when I found out it didn't support deletion, but I'm kind of stuck now. Maybe one day I'll scramble my password and never come back, that's about the closest I can get to a deletion I guess. I check all new websites more carefully these days.
https://www.ycombinator.com/legal/
It's easy to do. You create some app that has "login with Facebook". That's great for users, right? One less password for them to remember. Then as soon as they log in you make a quick call to the Facebook API, get all their friends, and dump it in some database table.
Even if only a few people log in to your app, you can get a database of thousands of real people.
I don't work for that type of company anymore, but I've been many places where that was bog standard, the very first code you write for a new product.
Does anyone know if the Facebook API has changed now?
https://static01.nyt.com/images/2018/02/18/opinion/sunday/18...
Don't use social media and lock down your browser to limit fingerprinting. Your remaining big threats are phone apps and traditional data brokers profiling your credit card usage. Cut out all unnecessary apps, block everything else with a firewall and pay cash. You will then be far more opaque to the private surveillance apparatus than most first-worlders.
I'm a heavy user of privacy extensions. Currently using uBlock Origin + uMatrix. Most sites I run can't store anything (like cookies) or has access to scripting. I'm having an unique e-mail address for every service I register to (thanks to catch-all on own domain).
The above are available to everyone.
Additionally, I'm manually fixing broken websites, that can work without JS but refuses to - this however requires some skills.
When I really want to see the website that refuses to work with all these protections - I'm opening it in incognito session.
Result: On my accounts (both fake and real) these Facebook advertisers lists are empty. The only list that's not empty is advertisers I decided I don't want to see ads from.
Of course I know this doesn't mean I'm anonymous and nobody knows anything about me. A lot of services know. These protections listed above aren't the silver bullet. They can still track me, they just won't tell me everything. Most of my data are stored with Google. I let them store my location history (they probably would do it anyway). They know all my searches. They know my entertaiment interests (Youtube history, likes, dislikes).
Well... You can track me too. I'm not using unique nicknames usually. You can find my contact info on the internet, on my website and other places. You can find my home address. You can know where I work.
But these were my choice. But I still have to remember I can't take that back, "Internet won't forget".
So yeah. You have the control. Just stop giving yourself away, protect yourself from automation. Share yourself with people offline. That's all.
[1] http://fortune.com/2018/04/11/mark-zuckerberg-facebook-data-...
[2] https://newsroom.fb.com/news/2018/04/data-off-facebook/
[3] https://www.wsj.com/articles/you-give-apps-sensitive-persona...