Facebook Security Keeps a Detailed 'Lookout' List of Threats, Including Users and Former Employees, and Can Track Their Location

An anonymous reader shares a report: In early 2018, a Facebook user made a public threat on the social network against one of the company's offices in Europe. Facebook picked up the threat, pulled the user's data and determined he was in the same country as the office he was targeting. The company informed the authorities about the threat and directed its security officers to be on the lookout for the user. "He made a veiled threat that 'Tomorrow everyone is going to pay' or something to that effect," a former Facebook security employee told CNBC. The incident is representative of the steps Facebook takes to keep its offices, executives and employees protected, according to nine former Facebook employees who spoke with CNBC.

The company mines its social network for threatening comments, and in some cases uses its products to track the location of people it believes present a credible threat. Several of the former employees questioned the ethics of Facebook's security strategies, with one of them calling the tactics "very Big Brother-esque." Other former employees argue these security measures are justified by Facebook's reach and the intense emotions it can inspire. The company has 2.7 billion users across its services. That means that if just 0.01 percent of users make a threat, Facebook is still dealing with 270,000 potential security risks.

[...] One of the tools Facebook uses to monitor threats is a "be on lookout" or "BOLO" list, which is updated approximately once a week. The list was created in 2008, an early employee in Facebook's physical security group told CNBC. It now contains hundreds of people, according to four former Facebook security employees who have left the company since 2016. Facebook notifies its security professionals anytime a new person is added to the BOLO list, sending out a report that includes information about the person, such as their name, photo, their general location and a short description of why they were added. In recent years, the security team even had a large monitor that displayed the faces of people on the list, according to a photo CNBC has seen and two people familiar, although Facebook says it no longer operates this monitor.

What?!

Are you questioning the wisdom of the Zuck?

remember past data incidents at FB?

they should update the title to "including users, former employees and ex-girlfriends"

You can check out anytime you like

,but you can never leave.

Who's on first?

[Monkey-Wrench-Inc]

Is Zuck at the top of the list?

Re: Who's on first?

[Type44Q]

... when the Revolution comes?

Executives & Employees

Just to make it transparent that they're considered to be two different classes of people.

Finding the real threats among the noise?

[shanen]

On the one hand, I sort of approve of tracking the threats, but on the other hand, who appointed Facebook gawd with the secret inside knowledge of who is and is not a REAL threat that deserves to be tracked?

Actually, it is quite conceivable to me that Facebook has a high-dimension personality profile of each identity. On that basis they might actually have some real basis to know who is actually dangerous and who is just a noisy fool looking for attention. If that hypothesis is valid, then why doesn't Facebook take the next step of discouraging the noisemakers to make it easier to focus on the actual problems?

Facebook will NEVER do it because it would require sharing some of the personal information they've collected on us. They'd have to share it WITH us, and heaven forbid that much honesty. It might reduce the value of OUR personal information that Facebook is hoarding.

Just joking on the theory that Facebook could be more valuable, but it would waste less of my time if the trolls and sock puppets were helped in rendering themselves invisible. (ADSAuPR, atAJG.)

Re:Finding the real threats among the noise?

[drinkypoo]

On the one hand, I sort of approve of tracking the threats, but on the other hand, who appointed Facebook gawd with the secret inside knowledge of who is and is not a REAL threat that deserves to be tracked?

The users that gave away their private information.

Re:Finding the real threats among the noise?

You don't have to give your private information to Facebook in order that Facebook has your private information.

Know any Facebook users? Or non-users who happened to have the app on their phone? Congrats! You are in Facebook's database, and they are slowly aggregating data about you.

If you don't block their cross-site asset loads, they know even more.

You can't totally escape Facebook's clutches. Not unless you've never been near a modern computing device and you live in a cave in Mongolia, you can't.

Re: Finding the real threats among the noise?

[Type44Q]

Sort of, eh? How decisive.

Re:Finding the real threats among the noise?

On the one hand, I sort of approve of tracking the threats, but on the other hand, who appointed Facebook gawd with the secret inside knowledge of who is and is not a REAL threat that deserves to be tracked?

Nobody appointed anyone. Guy threatens, someone hears it and call the police. At least, if the guy is believed to be dangerous. This is how things always worked. Now a guy posts threats on facebook. So, someone notices and calls the police. No difference from the old days, really. Of course, "someone" may very well be facebook itself. Nothing new - other than "it happened on facebook".

Re:Finding the real threats among the noise?

Liberals always know what is in your best interest even if you don't.

The Church of Facebook

[Zorro]

The "Church" of Scientology works the same way.

Business as usual

Doesn't surprise me. Business as usual.
I wonder what it would really take for large swaths of people to delete their Facebook accounts. At this point, Zuckerberg is ruthless and knows there isn't a point of no return based on past events.

Re:Business as usual

I wonder what it would really take for large swaths of people to delete their Facebook accounts.

This is an easy question. A "better" Facebook. Something that collects and keeps even more information about you, and makes it even easier, or even automatic, for you to create a profile of the life you pretend to be living and to glorify you better in your own eyes.

Everybody will leave FB and run to that.

Re: Business as usual

What a bunch of surrender monkeys you are.

Buy an RPI and run your personal server with a personal forum.

That's a pretty stupid bad guy.

[ITRambo]

I have no idea why anyone that genuinely wanted to do damage would advertise it, unless they really wanted to be stopped first. This seems like a made for TV movie.

Re:That's a pretty stupid bad guy.

Huh? Every last malign person/government/corporation in human history that successfully tried to control/exploit/repress/enslave/whatever any significant amount of people began its journey by loudly proclaiming its benevolence, from Caligula to Attila the Hun to Hitler to the Taliban and ISIS to <politician you hate>

You don't get anywhere in the World Domination game by admitting you're evil right out of the gate.

Re:That's a pretty stupid bad guy.

[b0s0z0ku]

Marko Ramius -- "I'm gonna steal this multi-billion ruble submarine and sail it into New York Harbor ... just TRY and stop me, Russkies. MUHAHAHAHAHA!"

Abuse of multiplication

[sacrilicious]

Other former employees argue these security measures are justified by Facebook's reach and the intense emotions it can inspire. The company has 2.7 billion users across its services. That means that if just 0.01 percent of users make a threat, Facebook is still dealing with 270,000 potential security risks.

Nonsense.

There are 6 billion people on this planet. If just 1 in a million of them decides they need to hurt me, I've got six thousand people coming to hurt me. Therefor I need to have a permanent police escort, and patrolling of my house, and wear a bullet proof vest at all times. And there's probably some more.

Re:Abuse of multiplication

[dshk]

But you have no 1 million people interacting with you. And by the way, from my experience, while 0.01 percent is a bit high, but only a bit. 0.001 or 0.0001 is a better estimate for serious threats.

Re:Abuse of multiplication

[geggam]

Pretty sure you just used math to prove why there is no real threat from terrorism

Re: Abuse of multiplication

[Type44Q]

You don't need to break out the quantitative logic to demonstrate that; the qualitative kind will suffice.

Re:Abuse of multiplication

The real threat from terrorism is overreacting to it.

Make a threat against Facebook

[Chris+Mattern]

and they call out all the dogs.

Make a threat against a Facebook user? Not so much.

Re:Make a threat against Facebook

Lesson? Stay away from Facebook.

you bad mouthed facebook?

Zuckernet does not like that. Zuckerberg will send you to his great grand uncles old gulag. Aka political rehab, kinda like Auschwitz, but its not in the american historybooks that are sent to the public schools

Stalking

In some states, Stalking is a felony.

He's a Facebook user

At this point I think that meets the legal definition of insane.

Re:He's a Facebook user

Exactly. The brain is a complex organ. Some people have a compulsion to hurt others, while another part of their brain does NOT want to, but they can't help it. Sometimes that other part of their brain will "sabotage" the efforts of the part with the compulsion, in order that they be stopped.

Things are not always so clearly cut-and-dry as that every killer is a ruthless machine.

Poison company

The company is evil.

The reason it blew up and continues to function at a high level of invulnerability must be due to government backing.

It only makes sense.

A private company tracking "threats"

Yeah ok.

Stalkers

[Shotgun]

So, can we all sue Facebook for stalking behavior?

Re:Stalkers

So, can we all sue Facebook for stalking behavior?

Only if Facebook has a twig & berries.

Keep your friends close...

And your enemies closer...

I guess the zuck understands basic tactics..

Meh.

[PPH]

Lots of companies do this. Keep track of disgruntled ex-employees or those who make threats against the company or its personnel. And if the threat begins to look credible, they turn that information over to law enforcement authorities to act on it.

It's possible that this can be abused. If you have a paranoid member of management or one that uses the system to carry out personal retribution. Usually law enforcement is smart enough to figure out if the threats are groundless or malicious. Problems arise when the "security professionals" who are handed this information are empowered as mini police forces by themselves. There are companies that employ armed personnel who step beyond protection and conduct further investigations or other actions posing as police or FBI agents. Conducting "sneak and peak" searches when they have no legal warrants nor the authority to act on them.

Re:Meh.

[JaredOfEuropa]

Lots of companies do this. Keep track of disgruntled ex-employees or those who make threats against the company or its personnel. And if the threat begins to look credible, they turn that information over to law enforcement authorities to act on it.

That's not unreasonable. But the potential for abuse is a lot less. Most companies will only have your name, address, SSN, and some additional info in your personnel file. FB however is sneaking and peeking all the time. So Imagine a company that has already built up a social profile about you, knows your sexual preferences, tracks what you buy, where you go and where you are, what sites you visit and what news you read, who your friends are, and what your online aliases are... and you are on that company's shit list. That cannot be a comfortable thought.

Re:Meh.

There are companies that employ armed personnel who step beyond protection and conduct further investigations or other actions posing as police or FBI agents.

Apple.

Re:Meh.

[PPH]

FB however is sneaking and peeking all the time.

I wonder if they are actually entering subjects residences as if they were real live cops executing search warrants. This has been done by others.

Re:Meh.

[...] Usually law enforcement is smart enough to figure out if the threats are groundless or malicious. [...]

Nope.

Re:Meh.

further investigations or other actions posing as police or FBI agents

Isn't impersonating an FBI agent itself a serious crime? My recollection is that the FBI takes a rather dim view of imposters.

hosts

127.0.0.1 connect.facebook.net
127.0.0.1 connect.facebook.com
127.0.0.1 staticxx.facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 scontent.xx.fbcdn.net
127.0.0.1 scontent-sjc2-1.xx.fbcdn.net

Double standard

... everyone is going to pay ...

Did he target Facebook in general, Facebook in his country, or Facebook in a specific building?

Facebook reports a non-specific threat against "its offices, executives and employees" but does nothing when a murder threat or rape threat against a user occurs.

So do we need a lawsuit to see the enemies list?

Chances are there are probably lots of civil rights suits there, along with some other protected class discrimination and political influence peddling.

Who freely chooses to use Facebook?

[shanen]

Are you trying to claim that the consent was informed? If so, I dismiss you as some sort of Libertarian. If not, then it is possible we have some underlying agreement on at least some aspects of the problem.

Potentially a distracting topic, but I mostly don't waste time with Libertarian BS these days. Last Libertarian-slanted book was Nudge , which was basically a paean to clever manipulation of the suckers for their own good.

Though I have basically started avoiding Libertarians in recent years, back when I "encountered" them more frequently I mostly concluded that they didn't have much understanding of what "liberty" or "freedom" mean--even though I admit my own understanding was relatively limited at that time. The first part of my Slashdot sig is dated and font-constrained here, but it captures some of my evolution on the topic. Now I think freedom exists, but it ain't easy.

On the other side, there seem to be an increasing number of materialists who disavow the idea of human freedom. They see humans as quite limited and easily manipulated machines. Currently reading 21 Lessons for the 21st Century by Yuval Noah Harari, and so far he seems to be taking that position on the issue.

In answer to the new Subject: question, I was asked by friends to communicate via Facebook. I still hate Facebook as a tool, and just made a kind of resolution to limit my usage of the tool, but it's also "The poor craftsman who blames his tools." But it's also the poor craftsman who doesn't know the differences among tools and who doesn't want the best tool for each job.

Re:Who freely chooses to use Facebook?

[drinkypoo]

Informed? Not by Faceboot. But by the hundreds of articles on the subject of their ubiquitous tracking, spying, etc. And by "the users" I don't mean only the direct provision of information by users themselves, but also the other users who provide information about other people by uploading pics and tagging them, gossiping about them, and the like. Remaining willfully ignorant is a choice. Not running a script blocker is a choice. Not running a cookie manager is a choice. Choosing a platform which makes those things hard is a choice. Facebook isn't magical, they depend on users acting dumb for their power. They can't wish their way to panopticon, they have to be given that position by countless hordes of the hear no evil, see no evil crowd.

This stuff is in the news constantly, and on people's lips as well. If people choose to block out information they find troubling, only further trouble follows.

Re:Who freely chooses to use Facebook?

[shanen]

I'm not doubting your evidence, but I still can't figure out your perspective. However, because I suspect you are blaming the victims it makes me think you are trying to frame the discussion from a Libertarian perspective, where it is "normal" to blame the victims because the Libertarians always think that they themselves are just too damn smart to be victimized. There are various responses (mostly related to information imbalances) that I could offer to your analysis, but if your framing of the "problem" is fundamentally "broken", then it would be a waste of time (for both of us).

Somewhat peripheral, but I think this is a related analysis. Some people are negatively deranged to believe Obama is a Kenyan Muslim Black Panther and Hillary is a super-criminal worse than El Chapo. However it is mostly the SAME people who are positively deranged to believe that Trump is honest and self-made. Maybe your framing is realistic, but you might be leading with your straight cards, like the Obama hater who starts with the "But he was a pothead" attack.

(P.S. I do not think I am deranged to hate liars--but...)

Re:Who freely chooses to use Facebook?

[drinkypoo]

I'm actually left of left, including being left of nobel-prize-for-drone-strikes Obama. I don't think Hillary is personally worse than El Chapo, I think Trump is the biggest shitheel around, etc. But I'm also pro personal responsibility where personal responsibility makes sense. The tools are available. I'm equally disgusted with people who don't read their car's owner's manual.

Re:Who freely chooses to use Facebook?

[shanen]

Okay, on that basis I will attempt to respond that it's (once again) a matter of time and prioritization. For example, I have stacks of manuals and supporting information around here, and I even used to read computer language manuals from cover to cover, but my time is limited. As I've grown older I've become more aware of how limited my time is to the point where my second email sig is now "It took me so long to learn patience that now I have no time to be patient!" I just can't RTFM (and all the manuals I've seen for Facebook are strong on the F).

Even worse, there are bad actors who will deliberately hide crucial information, or bury it in mountains of trivia. There are cases beyond that, as when what seems to be a non-adversarial relationship actually is adversarial, and I think that is largely the situation in Facebook's case. For all of these reasons, I don't think that the victims of Facebook (including yours truly) deserve as much opprobrium and scorn as you want to heap on them.

One more thing. I really doubt anyone fully understood the evil of Facebook while it was being created. Even Zuckerberg was mostly steering blind, though I think he may have "smelled" the power or the money or something lurking in the area. If I was sure that Zuck was evil, then I'd say he was eager to make a deal with the devil, but based on the books I've read about Facebook, I think he just woke up in bed with the devil, but it was okay with him because he was on the money side of the bed.

P.S. Your ad hominem stuff about politicians mostly seems justified, though I think you might be a bit nutty if you regard Obama as some sort of leftist. I would say that Obama is weakly principled but was effectively guided by pragmatism, while Hillary's true principles are probably pretty far to the left, though they are completely masked by her indoctrination as a lawyer. In contrast, I would say that Trump is completely unprincipled and delusional. #PresidentTweety may actually believe he's self-made and I definitely think he believes his own lies, at least for the instant in which he is lying. The interesting aspect of Trump is the volition element. He doesn't have any bad will to deceive, because the truth is irrelevant to him. Trump's bad will is to make the "thing" do what he wants. (The sociopathic aspect of Trump's "personality" sees all human beings as "things" to be manipulated.)

P.P.S. I feel like I was suckered into the Trump topic. I just promised to avoid all things Trump for the next few weeks... It's apparently quite hard to extirpate all things Trump. For example, the name keeps popping up in books published long before he entered politics.