Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook Buys Data From Third-Party Brokers To Fill In User Profiles (ibtimes.com)

Posted by BeauHD on from the few-different-sources dept.

An anonymous reader quotes a report from International Business Times: According to a report from ProPublica, the world's largest social network knows far more about its users than just what they do online. What Facebook can't glean from a user's activity, it's getting from third-party data brokers. ProPublica found the social network is purchasing additional information including personal income, where a person eats out and how many credit cards they keep. That data all comes separate from the unique identifiers that Facebook generates for its users based on interests and online behavior. A separate investigation by ProPublica in which the publication asked users to report categories of interest Facebook assigned to them generated more than 52,000 attributes. The data Facebook pays for from other brokers to round out user profiles isn't disclosed by the company beyond a note that it gets information "from a few different sources." Those sources, according to ProPublica, come from commercial data brokers who have access to information about people that isn't linked directly to online behavior. The social network doesn't disclose those sources because the information isn't collected by Facebook and is publicly available. Facebook does provide a page in its help center that details how to get removed from the lists held by third-party data brokers. However, the process isn't particularly easy. In the case of the Oracle-owned Datalogix, users who want off the list have to send a written request and a copy of a government-issued identification in the mail to Oracle's chief privacy officer. Another data collecting service, Acxiom, requires users provide the last four digits of their social security number to see the information the company has gathered about them.

56 of 116 comments (clear)

  1. NO! by Frosty+Piss · · Score: 1

    Really?

    --
    If you want news from today, you have to come back tomorrow.
    1. Re:NO! by Anonymous Coward · · Score: 5, Informative

      Worse than that is, even if you don't have an account, FB already has one for you, just waiting to be activated. Because your friends, family, and private databases sold you out.

      Fuck the Zuck.

    2. Re: NO! by pixelpusher220 · · Score: 4, Informative

      Your friends have apps with access to their contacts among a multitude of other permissions. They Sold you out long ago

      --
      People in cars cause accidents....accidents in cars cause people :-D
    3. Re:NO! by BurlyFox · · Score: 1, Offtopic

      Worse than that is, even if you don't have an account, FB already has one for you, just waiting to be activated. Because your friends, family, and private databases sold you out.

      Fuck the Zuck.

      Heh heh.. World 2004 - Love the Zuck. World 2010 - Hate the Zuck. World 2016+ - Fuck the Zuck.

    4. Re: NO! by Anonymous Coward · · Score: 2, Informative

      Your friends have cell phones.
      Cell phones have apps.
      Apps may have access to your contacts.
      You are a contact.
      Sold out.

    5. Re:NO! by UnixUnix · · Score: 1

      So it would -- were I on FB (or any of my email accounts) with my real name, birthday etc. #sorry_Zuck

    6. Re: NO! by hughbar · · Score: 1

      Thanks. I agree, I'm 66, been in computing for 40 years and 'apps' must be short for 'appalling'. Most of my younger friends and family think this is 'old person' stuff, but they will probably live to regret it.

      I don't have Facebook, LinkedIn or a smartphone at the moment. I dislike Android too, am waiting for a Linux phone.

      --
      On y va, qui mal y pense!
    7. Re: NO! by Zero__Kelvin · · Score: 1

      Cybersecurity is still possible even though Windows 10 exists. There are non-Windows solutions like OS X and Linux. Don't act as though it's Windows or nothing.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    8. Re: NO! by Anonymous Coward · · Score: 1

      The Jolla is a Linux phone.

    9. Re: NO! by ilsaloving · · Score: 1

      AFAIK, they already do. Any app you install needs to require explicit permissions from you to access things like location, contacts, etc, and you can change your mind either way, at any point in time.

      And AFAIK, Google has *finally* pulled their thumb out and added privacy controls to the latest versions of android. I haven't used Android in a while so I can't remember exactly when they did that. I think it was v6. But since the overwhelming majority of people use 6, that doesn't mean much.

    10. Re: NO! by Luthair · · Score: 1

      Android was the first to actually tell you what an application wanted to do.

    11. Re:NO! by Rick+Schumann · · Score: 1

      Prove it. Show me incontrovertible evidence of this.

    12. Re: NO! by Rick+Schumann · · Score: 1

      I am *ahem* slightly younger than you are, and are more or less in the same boat, philosophically-speaking. I think the younger generations have been indoctrinated, and that's why they get a confused look on their faces when you try to explain how their privacy is being grossly violated and that they should be outraged by this; they don't think privacy is important or that wanting it is even normal. Many of the ones that do understand don't think there's any way to maintain their privacy, that the game is so thoroughly rigged that there's no hope, and just give up and allow themselves to be surveilled and tracked anyway, like good little farm animals.

      If you find you can't get a basic dumbphone that doesn't suit you (or can't get one at all anymore) then you should be able to intentionally misconfigure a smartphone so no Internet access is possible, and use it only as a phone (and as a personal music player, if you're so inclined). Then at least the smartphone would be about as secure as it can be from incursions.

    13. Re: NO! by pixelpusher220 · · Score: 1

      Sadly you do have a facebook account at the very least. You have not 'activated' or 'acknowledged' it yet but it's there piling up data about you :)

      There's going to be an interesting transition in society as people who grew up with 'always on/share everything' get smacked in the face with the stupid stuff that they (and I!) did 20 years ago. Until those same people are in upper management and making those decisions...it's going to make for a very lean candidate pool.

      --
      People in cars cause accidents....accidents in cars cause people :-D
    14. Re:NO! by Gussington · · Score: 1

      So it would -- were I on FB (or any of my email accounts) with my real name, birthday etc. #sorry_Zuck

      You don't have to have an account. If people you know have a FB account and the app, and have you in their contacts, they already have a profile on you. And with your phone number and email address, they can buy all your online activity from all these online analytics companies to build up a FB profile even though you've never signed up. #you_lose

    15. Re: NO! by hughbar · · Score: 1

      Thanks for the heads-up, I'll take a look.

      --
      On y va, qui mal y pense!
    16. Re: NO! by allo · · Score: 1

      avoid the primary keys.

      give noone your phone number. The phone number is often used to link profiles together, as its unique and hard to change.
      Do not install apps from untrusted companies (like facebook, microsoft, etc.), they will collect your phone number, be aware that your phone os knows the number (i.e. google, apple have this identifier already).
      use different e-mail adresses. A a domain is cheap, a catch all with forward to your mailaccount is free with most dns hosters.
      Do they really need to know your real name? The surname as well? But you're at least never giving out your real postal address, are you?
      They do now allow you to fake address data? Maybe you just don't sign up there ...

      If you're lucky, your data will accumulate at different profiles, which are not linked together. But one mistake can give you away ...

      btw. that using an adblocker and deleting cookies at browser exit or sooner (install self destructing cookies) is a must should be obious.

    17. Re: NO! by ilsaloving · · Score: 1

      Sorry, I meant on the iOS platform, Applications can ask.

      Android, on the other hand, was *designed* to slurp as much of your personal data as it possibly could. Recent versions are finally making an attempt to close the barn doors, but in the mean time all the myriad developers had already long ago built a high-speed conveyor belt so that horses could shoot through at breathtaking speed.

  2. Muahahahahaha! by Anonymous Coward · · Score: 1

    Yes, my little piggies, soon I'll know EVERYTHING about you!

    -Mark Z

    1. Re:Muahahahahaha! by Anonymous Coward · · Score: 1

      His wife is ugly ...

      Because having a trophy is far more important than a partner who understands his friends and is good in bed and the kitchen.

      ... his house is small.

      He can afford to rent his toys and anything else, besides, why is conspicuous consumption the measure of success?

  3. YES! by Anonymous Coward · · Score: 5, Funny

    Zuck on It.

  4. I've worked with that data by the_Bionic_lemming · · Score: 3, Interesting

    the third party data is gathered from re sellers of data grabbed by the "win prize" folks and oil change places, and pert damn everywhere where they ask you for name/address/phone - as well as trawling public records.

    Then to make sure they have a monthly supply of fraction of a cent commodity they mingle the data by moving names/numbers/addresses.

    I found that out when I started to data mine the stuff our business bought and didn't find myself, but found a few references to my address being owned by different people.

    Most of the data out there is worthless garbage. People like me sign up as Tripod McBallsington, living at an address in the zip code of 98210, with a phone number of 1-800-555-1212.

    And my email address is always on somethingmadeup@mailinator.com.

    --
    _ _ _ Go for the eyes Boo! GO FOR THE EYES!
    1. Re:I've worked with that data by the_Bionic_lemming · · Score: 3, Funny

      Tripod McBallsington, can't you read?

      --
      _ _ _ Go for the eyes Boo! GO FOR THE EYES!
    2. Re: I've worked with that data by Zero__Kelvin · · Score: 2

      That's a ridiculous claim. Banks get the answer to security questions directly from you. They aren't harvesting them. That would be stupid, Especially since the best way to take advantage of said mechanism is to give a wrong answer, e.g. "What's is your Mother maiden name?" ..... Answer: ABSOLUTELY NOT No matter how much data mining someone does they will never be able to determine that is the correct answer.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    3. Re:I've worked with that data by KozmoStevnNaut · · Score: 2

      I prefer Kinki Wankinnen, Finnish expat racing driver :-)

      --
      Eat the rich.
  5. Don't be afraid of the NSA, be afriad of Facebook. by Anonymous Coward · · Score: 1

    Zuckerberg's mission at this point is to literally be Big Brother, from surveillance to media censorship to policing thoughtcrime. (Obviously Trump is Goldstein.) The face-cages with the rats are next.

    And since FB is a private entity there's no pesky Constitution to worry about.

  6. Re:Don't be afraid of the NSA, be afriad of Facebo by I'm+New+Around+Here · · Score: 1

    And since FB is a private entity there's no pesky Constitution to worry about.

    Yes, because private companies never have to worry about running afoul of Constitutional issues.

    --
    If you think I voted for Trump because of this post, you're wrong. I voted for Dr. Jill Stein of the Green Party. Again.
  7. Re:Don't be afraid of the NSA, be afriad of Facebo by mysidia · · Score: 3, Interesting

    What if the Facebook is a front for an intelligence agency?

    https://www.youtube.com/watch?...

  8. This seems like the end.. by no1nose · · Score: 1

    What do I do? Make a profile and delete it?

    1. Re: This seems like the end.. by Zero__Kelvin · · Score: 1

      I did that very thing though not intentionally. Someone convinced me I should have one but after a few months of mostly wasting my time I deleted it. As far as I know it has indeed been deleted after a two week waiting period.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  9. Re: I don't use Facebook by Anonymous Coward · · Score: 1

    Ha. But what about yours? Because they have it too. It's called shadow accounts. They are created by facebook using stuff that people tell facebook about you. "You know M. X? Can you help us making sure you have the right one? What is his street address? His phone number? ..." you would be surprised at how many people are willing to sell you out.

  10. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  11. Re:I don't use Facebook by Solandri · · Score: 5, Insightful

    You browse the web, right? Every website you visit with that little 'f' icon (hey look at the upper right corner of the slashdot page!) is running a little script courtesy of Facebook. The moment you load that page, Facebook knows you visited it. If you don't have a FB account, they don't know who you are (yet), but based on cookies, flash cookies, or other signatures unique to your browser and computer, they know that user 1348752983 (in their database) reads slashdot, and on Dec 30, 2016 @ 12:39 am made a post under the name "I'm New Around Here" (1154723).

    Then one day your friend (who is on Facebook) sends you an email with a video invite to her birthday party. You click to play the video. The video is hosted by Facebook, and now based on your click-through, Facebook knows your email address. Based on their cookie stored in your browser, they now know that your email address is user 1348752983, and all the other info they've been collecting about you is now linked to your email address in their servers. Based on your email and other data they have, they deduce your name, cross-reference that to this info they're buying from other services. And now they know your full name, age, address, where you work, roughly how much you make, which high school you went to, who you're dating,

    They know all this even though you don't have a Facebook account. Crap like this is why I started browsing everything in incognito/private mode, in addition to the half dozen script, cookie, and tracker blockers I run. I'm not really a private person (the government has my fingerprints and iris scans thanks to the Nexus program I had to join to work crossing the border every day). I just do this because of the principle of the thing - if you want to be gathering info like this about me, at least have the decency to ask for my permission first. Otherwise you're just a digital stalker. And stalking should not be a legitimate business model.

  12. Also remember cross site stalking by WaffleMonster · · Score: 2

    If your not completely blocking Facebook domains they will also stalk you as you move from website to website thanks to globally pervasive social media bugs installed on websites throughout the Internet.

    1. Re:Also remember cross site stalking by gweihir · · Score: 1

      Indeed. I think I have enough of them, especially as what they do is criminal here (you may not save any user data without explicit permission, and I did not ever permit them to do anything).

      Have a link to a list of all their domains/subnets so I can put them into my firewall?

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    2. Re:Also remember cross site stalking by Threni · · Score: 1

      > especially as what they do is criminal here...I did not ever permit them to do anything

      If you use their services in any way then you are permitting them.

    3. Re:Also remember cross site stalking by gweihir · · Score: 1

      Not true at all. EU law is far ahead in this regard. They need to explicitly ask. And even if they do and I say yes, I can order them at any time to delete all my data and they have to do it. Storing and correlating data on people that do not have consented and that do not have an account with them is a criminal act.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    4. Re:Also remember cross site stalking by Threni · · Score: 1

      You're agreeing with me. Look at the terms you agreed to when you signed up with facebook.

  13. Re:Don't be afraid of the NSA, be afriad of Facebo by ls671 · · Score: 1

    nice link, i enjoyed it...

    --
    Everything I write is lies, read between the lines.
  14. Isn't it time we make our own? by johannesg · · Score: 2

    Isn't it time for a distributed, open source, facebook competitor? One where you can _choose_ which FB-provider you want to use (or just run on your own server if you want), and migrate your account if need be. One where you retain ownership over your comments and your data and your f'ing life?

  15. They all do it... by eWarz · · Score: 4, Informative

    Oh it goes FAR deeper then that. Many of these companies know a lot more about you than even YOU know about you. Forget browser fingerprinting. Forget tracking. Every piece of information you give away to every advertiser or company allows them to individually put together pieces of information about you. What you don't realize is that even if you use incognito mode all the time, change your user agent, etc. they can track your HABITS. They can track your LOCATION via the IP address you use to visit. They can even track you based on on the type of porn you look at. This information might not be worth much by itself, but it all gets fed into a system that grades it on it's quality and uses the results to identify you, profile you, and then find you (I say 'a system', but there are several competing products out there) and sell personalized products/services to you or worse. Even if you use a VPN 24/7/365 someone likely has a handle on you. It might not be a good one at first, but they will build a profile, and combine it with other data/profiles...and eventually they'll be able to tie it all together. You might think that staying off the internet can help you, but at this point, the world has become so connected that anyone can be found and identified. Have a drivers license? You are on the radar. Get a ticket/go to court/sue anyone/get sued? On the radar. Use a credit/debit card or checking account/ACH? DEFINITELY on the radar (even if your bank has a decent privacy policy, Your transaction crosses several different boundaries, so it's impossible to guarantee your privacy when doing a financial transaction of any kind except MAYBE cash...and even then...)

    1. Re:They all do it... by Anonymous Coward · · Score: 1, Interesting

      > Many of these companies know a lot more about you than even YOU know about you
      bullshit, paranoid I'm-clever-than-you-can-possibly-think-look-how-much-secret-stuff-I-know post.
      > they can track your HABITS
      No they can't.
      > They can track your LOCATION
      No they can't if you disable all the stuff they use for tracking and have a nonfixed IP - duh.
      > They can even track you based on on the type of porn you look at
      lie
      > and sell personalized products/services to you or worse
      being as I never see an advert (gee, how did I manage that?) how are they selling to me?
      Shut up with your pathetic we-can't-win crap.You - personally - lost because you can't be arsed to fight back. Idiot.

  16. Re:Block them by Jack9 · · Score: 4, Informative

    I assure you, blocking the ads doesn't change the data collection aspect of most adservers. Disabled javascript (80%) and image loading (19%), you eliminate most of the tracking....excepting your cellphone. Nothing stops collection on that device. Having worked on a host of adservers, I'm surprised at how the biggest problems are scaling and manipulating large data, not the complexity of gathering data.

    --

    Often wrong but never in doubt.
    I am Jack9.
    Everyone knows me.
  17. Re:Don't be afraid of the NSA, be afriad of Facebo by Wootery · · Score: 2

    Pretty much, yeah.

    The US constitution restricts the government, remember?

  18. Re:Make all your personal info by johannesg · · Score: 1

    I don't mean creating our own service, and then _still_ handing our data over to some 3rd party. What I meant was creating a service like email - something that runs at every provider, giving people a choice of whether to place their "social" account with one provider or with another - or be entirely self-hosted, if they're up for that.

    The license is less relevant in that sense. The software itself can be GPL. And for the data you entrust to it, different providers might have different terms, but since there is no single over-arching monopolist that sets all the rules, you can always choose a provider that has terms you can agree to. Or just host it yourself.

  19. Facebook: the future as nightmare .. by khz6955 · · Score: 1

    I think Charlie Brookers Black Mirror got it depicted right as to the effect these unsocial networks will have on the real world: See episode one Nosedive ..

  20. Re:I don't use Facebook by l20502 · · Score: 1

    What an hassle, you just have to enable "Fanboys annoyance list" in your adblocker

  21. Re:Don't be afraid of the NSA, be afriad of Facebo by AHuxley · · Score: 1

    The real fun is the private contractor or private detective like services who kept all the images and material from early social media in near real time.
    An image removed/hidden within 12 hours a few years ago might still exist.
    That material is then packaged to Fortune 500 brands to look back over the top resumes that get considered. Did a person party? Drink? Drugs? Are they political on the left or right? Any links to undercover journalism? Any interesting people in group photos years ago?
    Other nations are buying the same data within the US private sector on US gov staff as resume services.
    The CIA and State department can never really be sure what their newer staff did at university years ago and what got kept by a third party and is now for sale and indexed.
    University images that got saved by a third party and can be recovered for a fee and can undo any classic CIA or State Department digital cover story expected to hold up to a normal background searches.
    Even criminal groups are using commercial detective services to see who a stranger is and if their cover story is real at city and state levels.

    --
    Domestic spying is now "Benign Information Gathering"
  22. Re:I don't use Facebook by Place+a+name+here · · Score: 1
    I was going to say: I use NoScript and Cookie Monster, you insensitive clod! To quote Ranum:

    The opposite of "Default Permit" is "Default Deny" and it is a really good idea. It takes dedication, thought, and understanding to implement a "Default Deny" policy, which is why it is so seldom done. It's not that much harder to do than "Default Permit" but you'll sleep much better at night.

  23. Could facebook be next? Please... by BlueCoder · · Score: 1

    Only reason to what is claim in the article is to enrich... aka verify data.

    The irony is that if your just a little bit more honest .... people will give your their data. You just have to show reasonably that it won't bite them in the ass.

    If your a marketer then advocate stronger banking regulation. Actually if your totally honest then you should be devising the next replacement for cash and selling it to the world governments.

    Advertising has always been grey on both ends yet it might equal 40 percent of every economy.

  24. Re:Don't be afraid of the NSA, be afriad of Facebo by Wootery · · Score: 1

    You apparently don't understand even the first thing about the US constitution.

    Again, it imposes restrictions on the government, not on private corporations. The only way the constitution relates to your ability to refuse to hire racial minorities, is in whether or not it's unconstitutional for the government to ban you from doing it.

  25. Re:Block them by Elric55 · · Score: 1

    If it is available, install Firefox as your mobile browser, then install uBlock Origin. Enable your favorite filters and enjoy much less mobile advertising and tracking.

    tor is available for android.

  26. Front not needed by phorm · · Score: 1

    Who needs a front when you can make all that profit selling to both advertisers and intelligence agencies as a business?

  27. Re:Don't be afraid of the NSA, be afriad of Facebo by I'm+New+Around+Here · · Score: 1

    I admit I was not thinking straight on that one.

      In my brain, I was thinking of the private sector anti-discrimination suits, and tying them into the government anti-discrimination suits. Private sector anti-discrimination is of course set by laws, federal and state. The Constitution prohibits various discriminatory practices for governments, or government run institutions like public colleges. Somehow, those two different situations got mingled in my brain in my first post.

    --
    If you think I voted for Trump because of this post, you're wrong. I voted for Dr. Jill Stein of the Green Party. Again.
  28. Re:Don't be afraid of the NSA, be afriad of Facebo by cwatts · · Score: 1

    F, FB, FBI, I see where this is going...

    --
    chris watts íë¦ìS ì(TM)ì
  29. Re:Don't be afraid of the NSA, be afriad of Facebo by Wootery · · Score: 1

    Gotcha. Forgive my snark.