Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook and Its Executives Are Getting Destroyed After Botching the Handling of a Massive Data Breach (businessinsider.com)

Posted by msmash on from the everything-wrong-with-Facebook dept.

The way Facebook has disclosed the abuse of its system by Cambridge Analytica, which has been reported this week, speaks volumes of Facebook's core beliefs. Sample this except from Business Insider: Facebook executives waded into a firestorm of criticism on Saturday, after news reports revealed that a data firm with ties to the Trump campaign harvested private information from millions of Facebook users. Several executives took to Twitter to insist that the data leak was not technically a "breach." But critics were outraged by the response and accused the company of playing semantics and missing the point. Washington Post reporter Hamza Shaban: Facebook insists that the Cambridge Analytica debacle wasn't a data breach, but a "violation" by a third party app that abused user data. This offloading of responsibility says a lot about Facebook's approach to our privacy. Observer reporter Carole Cadwalladr, who broke the news about Cambridge Analytica: Yesterday Facebook threatened to sue us. Today we publish this. Meet the whistleblower blowing the lid off Facebook and Cambridge Analytica. [...] Facebook's chief strategy officer wading in. So, tell us @alexstamos (who expressed his displeasure with the use of "breach" in media reports) why didn't you inform users of this "non-breach" after The Guardian first reported the story in December 2015? Zeynep Tufekci: If your business is building a massive surveillance machinery, the data will eventually be used and misused. Hacked, breached, leaked, pilfered, conned, "targeted", "engaged", "profiled", sold.. There is no informed consent because it's not possible to reasonably inform or consent. [...] Facebook's defense that Cambridge Analytica harvesting of FB user data from millions is not technically a "breach" is a more profound and damning statement of what's wrong with Facebook's business model than a "breach." MIT Professor Dean Eckles: Definitely fascinating that Joseph Chancellor, who contributed to collection and contract-violating retention (?) of Facebook user data, now works for Facebook. Amir Efrati, a reporter at the Information: May seem like a small thing to non-reporters but Facebook loses credibility by issuing a Friday night press release to "front-run" publications that were set to publish negative articles about its platform. If you want us to become more suspicious, mission accomplished. Further reading: Facebook's latest privacy debacle stirs up more regulatory interest from lawmakers (TechCrunch).

39 of 187 comments (clear)

  1. A lesson by burtosis · · Score: 5, Insightful

    For people who didn't see why they should care about who uses thier data or how it's used, thinking they had noting to hide and it wouldn't affect them, I hope you learned a lesson.

    1. Re:A lesson by PolygamousRanchKid+ · · Score: 4, Interesting

      For people who didn't see why they should care about who uses thier data or how it's used, thinking they had noting to hide and it wouldn't affect them, I hope you learned a lesson.

      I highly doubt that anyone has learned a lesson:

      "No one in this world, so far as I know ... has ever lost money by underestimating the intelligence of the great masses of the plain people." -- H. L. Mencken.

      Often paraphrased as:

      "Nobody ever went broke underestimating the intelligence of the American public."

      Why did the Facebook execs take their story to Twitter . . . ?

      Easy they want to calm the great masses of their user base, whose reading comprehension can't deal with anything longer than a Twitter message. The Facebook execs don't care about what other, more intelligent, folks think. They are a lost cause for Facebook anyway.

      But most folks would react:

      "Facebook was hacked? No, it wasn't . . . their management said so on Twitter!"

      "Oh, look! Facebook! Baby pictures and ponies!"

      Do most folks in the US care about what Facebook is up to . . . ? Or do they want to know what the Kardashians are up to . . . ?

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    2. Re:A lesson by burtosis · · Score: 4, Informative

      Where in the quote did I say "lost"? Pictures of your family in the Bahamas can lend information as to your finances and when coupled with metadata can be revealing. Same with that kale and organic Romano salad. Even if you weren't a swing voter, revealing that and letting anyone (including the government) use it anyway they want lets criminals rule you out and focus on the gullible sitting on the fence - also revealed through the same methods. These types of targeted attacks by anyone, even advertising, should be illegal, the US needs an improved version of data privacy that the U.K. has.

    3. Re: A lesson by jd · · Score: 5, Insightful

      What was lost by people accessing your private data in your account?

      Every page you've ever visited, including any that could compromise you.

      Every post you've ever written, even to closed and secret groups.

      Every after you've chased. Every move you made. Every like you paid, every group you've saved, they've been watching you.

      Oh, don't you see, you're in their data tree, every move you've made means that they get paid.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    4. Re:A lesson by Anonymous Coward · · Score: 2, Insightful

      The only problem is that they were looking for (and found) dumb people. Then they targeted those dumb people with fake news. I did not say all conservatives are dumb - clearly they aren't. Just that dumb people are easily swayed by things like "lock her up" and "but those emails!" and "that pizza place where they do x, y, z to the children". So they used this to find enough of those people to help the Russian's sway the election. Now, are those dumb people going to change their data sharing habits? Not likely. Are they going to become less gullible? Hah!

    5. Re:A lesson by Anonymous Coward · · Score: 3, Insightful

      No one will learn a lesson. They're blaming Cambridge Analytica for doing what Facebook and advertisers and dataminers are doing as you read this. The only difference is that the Trump campaign apparently commissioned the data.

      As the Facebook brass said, it wasn't a data breach. It was, in every respect, business as usual. And the public don't get that. The MA attorney general is making a big show of cracking down. Cracking down on what? Online spying? Great! But she probably has no idea that a dozen datamining companies are tracking her movements as she researches the case online.

      "Say, why do I keep seeing ads for Wired and The Nation subscriptions?"

    6. Re:A lesson by postbigbang · · Score: 3

      Child porn and privacy violations aren't synonymous. One is not the other. Your data is vacuumed everywhere, including this site, where there are eight different trackers. Unless you stop them, they'll count you, track you, and get into your social business.

      That data in turn, becomes easily personally identifiable, thence characterized, and worse.

      It's an industry-wide, Internet-wide problem. It won't be prosecuted because: profit. Until it's not profitable or satisfy their seemingly endless curiosity (for profit), it'll continue. Corporate immunity means that breaches are highly unlikely to be prosecuted, because: lobbying and expense in prosecution.

      Face this reality and vote until they get it right.

      --
      ---- Teach Peace. It's Cheaper Than War.
    7. Re: A lesson by Anonymous Coward · · Score: 2, Interesting

      Nah, it's very different. We (presuming you're in the UK as well) have good protection of our privacy from business and others members of the public, but very little protection from the government.
      In the US, they have quite good protection of their privacy from the government, but very little from business.

      I campaigned and protested heavily against the snoopers charter and many other invasions of our privacy (I still think May was the worst home secretary we've ever had), but somehow I still think we've got a better balance than the Merkins do

    8. Re:A lesson by Anonymous Coward · · Score: 4, Funny

      That race on Deep Space 9 that was always quarreling with the Bajorans.

    9. Re: A lesson by Anonymous Coward · · Score: 2, Insightful

      In the US, they have quite good protection of their privacy from the government,

      Yeah. that's the theory. Not the practice.

    10. Re:A lesson by Ken+McE · · Score: 4, Insightful

      I don't care what Facebook knows about me. And I'm sure they know something, since my family members use it. But they can't track my location, calls, emails, and other personal stuff that could only come from me.

      That's kind of like saying that this octopus tentacle over here on my left can't hurt me when I've got this whole other side where it can't reach.

      Our problem is that this is just one single arm, not the whole beast. The actual data aggregators are obscure companies or agencies that you may have never heard of, and they are OK with that, because you are their product, not their customer.

      The consequences come when your automotive insurance shoots up for no reason (because some one in your family has hit the threshold to trigger some algorithm you've never heard of) or your medical insurance starts going up every quarter, without limit, because they've decided you're no longer a good risk and need to be shaken off, or you can't seem to buy property where you want because the HOA thinks your profile is "just not right", or when you can't get a job you're superbly prepared for because of something your son posted from your machine a few years ago and on and on.

      Facebook gathers opinions, political views, and social networks. Someone else is responsible for tracking other bits of your life like location, phone calls, and emails.

      You should be concerned about this because it is part of a larger and growing system, and that system is massively unconcerned with your best interests.

    11. Re:A lesson by pete6677 · · Score: 2

      Tends to be way less controversial than a child porn analogy, yes.

    12. Re:A lesson by Maxo-Texas · · Score: 2

      Absolutely correct.

      It's why privacy is essential and folks have signed theirs away for pennies or less.

      --
      She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
  2. Enough of the hyperbole in the headlines by Anonymous Coward · · Score: 5, Insightful

    Dear Slashdot, please knock it off with the hyperbole in the headline. Unless the Facebook executives are literally being torn limb from limb or being ground into dust, I don't really find the over top headline informative or useful.

    1. Re:Enough of the hyperbole in the headlines by MightyMartian · · Score: 4, Informative

      It is a pretty idiotic headline. It looks like something a twelve year old would write.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    2. Re:Enough of the hyperbole in the headlines by giggleloop · · Score: 2

      "Facebook Bosses Totes Pwned by Info Leak!!!!"

    3. Re:Enough of the hyperbole in the headlines by Anonymous Coward · · Score: 2, Funny

      50,000,000 Users Hate Him! (Unironically)

  3. Destroyed by 110010001000 · · Score: 3, Insightful

    I'm sure their tens in millions in stock options will soothe them. Give me a break.

  4. Harvesting profiles is not a breach by blogagog · · Score: 4, Insightful

    I'm confused. The only thing they did was view 40 Million profiles on Facebook? Google, Bing, and DuckDuckGo do more than that every single day.

    1. Re:Harvesting profiles is not a breach by Zocalo · · Score: 5, Insightful

      No, it's not a breach, Facebook is correct on that point. The real issue here, and one that Facebook seems to be pulling off successfully judging by some of the replies so far, is that Facebook's response to 50m user profiles being harvested and abused is to turn it into a discussion about semantics through misdirection. That's *exactly* what Facebook wants the discussion to be on, because it puts them in a favourable light, rather than the real point of TFS, which is that their business model is not only based almost entirely on sharing user data with third parties, but also has no controls or policies in place to effectively govern what happens when they get a bad actor like Cambridge Analytics in the mix.

      tl;dr: it's not just about "All your data belong to Facebook (and the rest)", it's that they'll freely share that data with third parties and don't give a fuck what happens when someone abuses their access to it.

      --
      UNIX? They're not even circumcised! Savages!
    2. Re:Harvesting profiles is not a breach by Entrope · · Score: 4, Insightful

      You are almost right. Facebook isn't upset that this company got so much information about Facebook users. They are upset that this company didn't pay Facebook for that information, and that the company didn't pay them more to used Facebook's targeting services.

    3. Re: Harvesting profiles is not a breach by jd · · Score: 2

      No, that is not what they did. RTFA. They used malware to gain access to the entire user profile, including every Facebook link clicked on. Everything Facebook stores on you. Including in the closed and secret groups. Every click, time spent viewing something, everything.

      By going through the UK, it wouldn't matter, malware is covered by the computer misuse act, personally identifying information (even if public) is covered by the data protection act.

      It's no wonder such lunacy happens, if nobody bothers to understand simple things like laws and regulation. Time was, if you worked in computer science, you were expected to know. Ignorance is no excuse.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    4. Re:Harvesting profiles is not a breach by I'm+New+Around+Here · · Score: 4, Interesting

      No, it's not a breach, Facebook is correct on that point. The real issue here, and one that Facebook seems to be pulling off successfully judging by some of the replies so far, is that Facebook's response to 50m user profiles being harvested and abused is to turn it into a discussion about semantics.... a bad actor like Cambridge Analytics in the mix.
       

      It seems like you are lost in the same fight against semantics. User profiles were harvested, because that is what they are there for. But how are the users abused, other than receiving campaign attention? And how do you judge that Cambridge Analytics is a bad actor in establishing that attention?

      These people were not scammed of their life savings, no one opened credit cards in their names, and no one lost their house over this. But because it favored one political candidate, it causes outrage. Why?

      --
      If you think I voted for Trump because of this post, you're wrong. I voted for Dr. Jill Stein of the Green Party. Again.
    5. Re:Harvesting profiles is not a breach by Rob+Y. · · Score: 3, Insightful

      The kind of targeted advertising that was delivered via Facebook (outright falsities and incitements to violence, etc) would be illegal on just about any other medium. Certainly on Television, and certainly as relates to electioneering rules. That it wasn't illegal in 2016 - and that it was so widespread - is just more indication that Facebook needs to be regulated as an advertising medium. Ads and other commercial items clearly labeled as such - with their sponsors identities either shown or made available.

      "Hi, I'm Vladimir Putin, and I approve this message"

      --
      Posted from my Android phone. Oh, I can change this? There, that's better...
  5. Whiner by Anonymous Coward · · Score: 2, Interesting

    I think its hilarious that Zuckerberg hates Trump and pulls this 'oh yeah well I'm gonna..' stunt and now it has drawn attention to what Facebook has become: Ugly and intrusive.

    I want a Ferrari, but I'm not about to help the US Government nor a private company [insert terrible babies and pitchforks jokes here] to get one.

    Does no one else think twice about this?

    """Facebook insists that the Cambridge Analytica debacle wasn't a data breach, but a "violation" by a third party app that abused user data."""

    So, who owns the data?

    Facebook says I own the data https://www.facebook.com/terms.php

    But they are free to do what they want with it (Facebook is).

    Like sell it.

    I don't care for Facebook or what Cambridge Analytica is doing with user data, but just to see how it plays out:

    I want Cambridge Analytica to be able to use my Facebook data for free, because it is mine.

  6. Color me surprised by quonset · · Score: 4, Insightful

    Who would have thought that a company founded on collecting people's personal data and selling it to third parties would be involved in a scandal about the collection of people's personal data without those people's permissions?

    It's almost as if the people using FB had no clue what was going on.

  7. Re: What by jd · · Score: 3, Interesting

    Then you never understood Snowden's message, never understood what Facebook records and never understood European law.

    And people wonder why the world is going to hell in a handbasket. Ignorance.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  8. Re: What's the real issue? by jd · · Score: 2

    No, multiple European laws were violated, malware was used, and the military's psychological warfare division attempted to rig an election (aka a military coup).

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  9. Re: What's the real issue? by Anonymous Coward · · Score: 2, Insightful

    Hillary's campaign was very proud of their use of social media platforms to harvest votes. Obama's campaign bragged about their efficiency at doing so.
    Trump hires advisors who beat them and suddenly it's a breach?

    That Facebook decides its response based on the politics of their customer tells us all we need to know about their lack of values

  10. Anyone surprised by this? by Locke2005 · · Score: 5, Insightful

    The old rule still applies: don't post ANYTHING on the internet that you would be upset to seeing printed in the newspaper that next day! I'd advise against taking any digital nudes or videos in the first place; no telling where they will end up. Don't google anything that would trigger NSA keywords, no matter how interesting the subject of homemade explosives is. Avoid watching kitty porn. Don't mention online how much you would love to see Trump have a heart attack. Probably need to avoid monitored keywords in your phone conversations as well.

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.
    1. Re:Anyone surprised by this? by Kohath · · Score: 2

      It's not about posting. FB tracks nearly every web site you go to, whether you post or not. They track your location when you use their app, whether you post or not. They know what everyone around you posted, everyone you've associated with, everything posted about you.

  11. It's not as intended by jd · · Score: 2

    If malware is used to download FB's internal profile of you using your credentials, it's not access as intended by the user.

    This is an EU company, EU laws hold. Including the computer misuse act and the data protection act. As does the right to be forgotten, along with various pieces of human rights legislation.

    This is a criminal enterprise and Cambridge University should be shut down until its role is established.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  12. Re: What's the real issue? by Mitreya · · Score: 3, Insightful

    multiple European laws were violated, malware was used, and the military's psychological warfare division attempted?

    Yes, and Facebook is being "destroyed" as we speak.
    They might even pay a small fine when this is all over. Or not.

    Equifax is still standing, and that was financial, non-voluntarily given data, and on a far larger scale.

  13. Re: What by jd · · Score: 2

    He was not, and is not, a Russian agent. That was investigated and thrown out. Your pukeworthy bullshit has no business here or in any civilized society. Go back under your rock.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  14. Re: What's the real issue? by jd · · Score: 2

    Facebook has a European presence. That means they can be fined. Cambridge Analytics is in the UK and will be ripped a new one iff (if and only if) May doesn't try and exonerate it.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  15. Stopped using facebook over 7 years ago by Maxo-Texas · · Score: 2

    They repeatedly violated user privacy rights, changed settings without warning, and I finally cut ties with them. I've never gone back.

    They are not trustworthy.

    You are the product being sold.

    --
    She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
  16. Re: mathematics by Evtim · · Score: 2

    That's the answer. Only from your food habits one can tell all kinds of things about you....from health to finance to political preferences... it might seem tedious and useless to a human to sift through all that boring data but the machine does not care and does it millions of times faster.
    100 likes and they know you better than your friends. 300 likes and they know you better than you know yourself. That's proven BTW....

  17. Is this really Facebook's fault? by Murdoch5 · · Score: 2

    If you use a system which you know stores and harvests your data, then you can't be surprised or worried when that data gets used by other parties.

    Facebook's response was correct, this wasn't breach, and just because the over liberalized media doesn't understand that, doesn't make it Facebook's problem. The only reason that Cambridge Analytica was able to grab the data is because people provided it and provided it openly without any second thought for the consequences of what they were doing at the time.

    if you don't want to be tracked, then stop willfully giving your data up to everyone who wants it, otherwise you have no right to complain when it gets used against you.

  18. Harvesting information is the entire point of FB by walterbyrd · · Score: 2

    What did anybody expect? How naive can you be?