Apparently Facebook is claiming that the functionality came from a separate "import contacts" feature that used to exist. But I agree; the idea that the import logic could have slipped into the login process accidentally is ludicrous. Or at least it indicates an outrageous lack of care on Facebook's part.
It requires just one developer and a couple of reviewers to make poor choices.
Which begs the question, how do you structure your organisation such that a foolish developer that only barely understands the change that they are making can't write code that makes arbitrary queries to particular data sets in unapproved contexts?
But you actually say it requires negligence on part of multiple people. I find it very hard to apply Hanlon's razor in this case.
Anyway, from my experience people do the stupidest/reckless things despite being told not to, just because there is no fear of backlash. Holding people liable for their actions could be a start, but who wants that?
Also, don't hire foolish developers in the first place. Policing around pebkac is hard.
Have you ever worked for an organization? 3 people making mistakes on a project, coupled with bystander effects, is par for the course. Being a million times wealthier isn't a million times smarter. We're still talking about how Boeing accidentally crashed a few jetplanes full of people, which required dozens of people to screw up.
Start by keeping the primary copy of the user's data on the user's own device so that the developers never have access to it to begin with. Then, if you ever have to hold a copy of the user's data, make sure it's encrypted by the client and your servers are never in possession of the plaintext.
To access the user's data, your developers should have to intentionally crack the user's password. And if they attempt to do that they should be fired.
Obviously this is not how Facebook works, but ideally it's how the thing that replaces Facebook will work.
There should be a name for this sort of software design. It's not just encrypted/privacy-oriented or whatever. It's a software design with a clear contract on who owns the data: the user.
E.g. Google Drive, which claims to take privacy seriously and also encrypts your data. But the data is not encrypted with a secret unknown to the server. How should my family members differentiate between the encryption Google claims it has and client-side encryption? For them it's all the same.
Maybe we need some commonly understandable name that a regular user can look at and know that this software is data-agnostic.
I don't think you need a board to stop this specific case. It's pretty obvious that what they were doing is unacceptable. The problem must have been a pervasive culture of lack of respect for privacy at Facebook, not a single engineer who somehow just didn't know any better.
Situations can get complicated. There might have been some side show reason to do this or that. Without oversight, some things will fall through the cracks.
A review board would a) give clear direction b) catch problems and c) put accountability where it belongs.
> It's an organizational policy, procedural, ethics and legal question - not a technical one.
Not really. You have to fall back to those things when a good technical solution isn't available, but sometimes it is.
Suppose you have a car, and four children. You can enact all the laws and policies and procedures you like, you can lecture the kids not to misbehave a thousand times. But the most important thing you can do, if you really don't want them out joyriding in the street, is to not give them the keys to the car.
The Engineers at FB should be given product direction, and should not even be making decisions as to what information to ask users for. That's for Product.
Part of product management will involve legal review, risk management. Clearly, FB has a few other concerns that should be thrown in there as well.
This issue basically has nothing to do with technology.
The way Facebook works is that they have all your data on their servers. That is the underlying flaw.
You want to have your data, you want the people you share it with to have it, but there is no reason for Facebook to ever have it. When you share it, it should be encrypted by you and decrypted by the end recipient(s).
You don't need to worry much about policies for accessing data that you shouldn't, and don't, ever actually have.
That's not exactly true, it depends on the architecture in use. For instance if using a Publish/Subscribe model, you could have had a service that listens to your email being connected, and since the only reason to connect your email was to upload contacts, it would upload contacts automatically.
Later when login with email was added, the same event was sent but whomever added the event didn't know it would case the upload of contacts.
That doesn't mean it wasn't shoddy craftsmanship, bad architecture, bad QA and probably bad communication later on, but it could have been by mistake (at least at first).
If the feature was using the fact that the user supplied the email password, parsing the emails for contacts or logging in with the password and getting the contact list, how on earth could that have been a part of an earlier import contact feature? Did they already ask users for their email password for that? If not this is a feature that needed special code, impossible to be an accident.
> When you create a Facebook page for your business, you can import your email list of contacts directly into Facebook. From there, you can suggest your Facebook page directly to your customers. Facebook can interact with a range of email providers and only needs your email accounts's username and password to import your contacts.
> Type your email address and password for the Web-based email or instant-messaging service that you want to import into the dialog boxes and click "Find Friends."
I believe "move fast and break things" is a quote often attributed to Facebook. In this case the automatic importing feature might have been something broken, or something working correctly with an excuse that it was "broken".
Forget the contacts. People willingly gave Facebook their email passwords. Did Facebook also accidentally upload users' emails? Why would Yandex (from the screenshot) even permit this?
First they ask for email passwords. Then the new users assume Facebook won't comprehensively mine their emails. Then Facebook awkwardly gets caught uploading 1.5 million users' email contacts.
It doesn't make sense for people to trust the service at all unless you assume one of two things:
1 - Despite all the outrage on hackernews, and the NWT stories, our neighbours down the street and family members still don't know how Facebook works or what is done with their data
2 - They don't care about their data privacy. I've heard this claim many times, but the people saying it often change their minds when they read more news stories. I really do think people have trouble assuming the worst about the intentions of others and are inclined to be trusting.
> "I really do think people have trouble assuming the worst about the intentions of others and are inclined to be trusting."
I think you hit the nail on the head. Even on HN, it's not uncommon to see a few comments on each negative story about facebook accusing the media of a conspiracy against Facebook; claiming that the media is wrongly maligning Facebook who is merely the unfortunate victim of a series of coincidental accidents.
They have trouble accepting that a tech corporation like facebook actually might be rotten.
I think you see that more with other tech companies.
There is a certain amount of anti-silicon valley sentiment in the media and as a result there are a lot of stories maligning tech companies in ways that aren't always fair. Especially when the media companies are campaigning for some kind of problematic legislation that the tech companies are on the other side of and so will take any excuse to try to make them look bad.
Then there's Facebook, about which nobody has time to write a story maligning them unfairly because there is never that long between any of the stories maligning them fairly.
>They have trouble accepting that a tech corporation like facebook actually might be rotten.
Probably because they work for an evil tech corporation as well (this is HN, where SV techbros hang out, so the probability of that it pretty high) and want to ease their cognitive dissonance.
Group #2 somehow lacks the imagination to see what could go wrong. They will learn when a cause effect of Facebook usage is put in their face. I guess the recent news does not push it in their face enough.
Its like that with skimming, lock picking, server security, infrastructure security, basically everything security related.
You're absolutely right. Yet for some reason it seems popular to discount that possibility. Particularly when invoking the thought terminating cliche that is "Hanlon's Razor."
Only idiots invoke "Hanlon's Razor" not jokingly. It's such an incredibly shallow and stupid thought indeed. I like the way you put it: "thought terminating." That's what stupid people generally prefer to do with arguments.
>They don't care about their data privacy. I've heard this claim many times, but the people saying it often change their minds when they read more news stories.
"People don't care about a problem initially, then when it becomes graver they start to care"
I think the backlash is mostly just delayed. At one point revenue will take a hit because engineers might refuse to implement these "unintentional" and "accidental" features on time.
There is no doubt that the public image about FB is significantly changing - a year from now things will not look better for Facebook then they are today, most likely worse I'd say. This is not something they can turn around anymore - the leadership is not making any learnings and repeats the same mistakes over and over again.
I try to be an advocate for privacy. I really do. But everyone just calls me paranoid, asks why I need to be worried about my government like I have something to hide, or just stares blankly at me because they can't be bothered to actually think about the words climbing through their ears.
I'm going mental over the explosion of televisions in the last half decade which identify and report any content you watch on the TV by default, in exchange for 100-150 off the television (which was fluff to begin with... it's not a direct trade of $100 for your data).
I've set up about a dozen of these now for people and they just stare blankly while I try to explain what "Auto Content Recognition" means... Hello 1984.
I'm right there with you. Most people write it off as paranoia and give the tired "Doesn't matter if you have nothing to hide". I think the problem is the only reason we have to convince people to change is just principles. There is no existential reason right now to convince people to change their behavior. Sure it's scary having large entities vacuum up our data and spy on us but so far there are no real bad effects on the users being spied on that I know of.
These companies would not be wrapping their practices in secrecy and lobbying against user rights unless there were sinister aspects of Big Data.
And it's not just principles. The effects of Big Data are extremely tangible even if not to you in this particular time or space. Some feel the effects now, others will feel them later in life.
I'm worried my children or grandchildren could one day be denied healthcare or adequate education or loans or low insurance payments just because of my attitude towards my government and every other aspect of my lifestyle which gets swept up and analyzed by for-profit robot armies bent on achieving the Holy Margin.
Can someone use a throwaway e-mail address to sign up for Facebook?
Once the e-mail address is validated, is there any further need for a valid e-mail address to continue using FB?
Historical fact: Going back to the days when a university address was required, if the user created her Facebook account while at university and her e-mail address later expired when she graduated, FB did not disable the account.
Unless one wants to get notifications and other FB crud via email, AFAIK there is no need for a working e-mail address to use FB.
Just use a throwaway email account AND keep it? At some point they might decide to lock you out if you log in from a different place, I think it's better if you keep the email account safe.
I created a temporary email on my domain to use for the Facebook account creation and then disabled it so I stop getting spammed.. I can always re-enable it if I ever need to.
Yes. I use throw-away email addresses for everything. When a company gets popped or "accidentally" leak my email address, I simply add a header check and reject or discard them. I was on FB for 2 weeks when it started and I still see them in my logs from time to time trying to fish me back into the system.
I wanted to create a FB account while giving as minimal data as possible. While it's possible to create an account using temporary emails / temporary phone numbers, FB eventually asks you to submit more details.
This includes clicking verification links, uploading your photo, providing phone numbers etc.
Even when I managed to do all these (using fake data), my accounts got disabled in few days.
PS: when I used my email id associated with my FB account deleted back in ~2012, I found out it wasn't deleted. FB asked me to recognize pictures of my friends. So I believe no detail that ever passes the event horizon of facebook can ever leave it.
Not for one second I believe this was unintentionally. After all data scandals where Facebook didn't actively care or even empowered the problem by not acting towards privacy.
I think this company is inherently bad from the top and everyone working there is enabling them. Sure, it pays well.
Problem is, most bigger companies do bad things. See VW and the emission scandal and I hope Winterkorn and other top managers goes to jail for that. Also I'm biased, for me Facebook and Instagram are pretty useless, the only useful product they have is Whatsapp...
>Facebook says that it didn't mean to upload these contacts
How can you not mean to? It's one thing to say that, were it something tangible, like paper, "Sorry, mate. These pages snuck in with the others. Sorry about that. We'll pull it out. No worries."
Pulling contacts and uploading them is not a passive action but takes active action.
>and is now in the process of deleting them.
So, the question must then be asked: How do they differentiate the sources of contacts associated with an account, unless they're logging that, as well? If they're not logging that, then how are they, presumably, deleting those contacts?
Are we taking bets on Facebook being in the news again, in a months' or so time, for being found to not have deleted them? :)
Indeed. Expect the next headline to be, "Facebook 'unintentionally failed to delete' 1.5M people's contacts, which they'd previously unintentionally uploaded".
> Pulling contacts and uploading them is not a passive action but takes active action.
Action such as "accidentally" asking for email passwords. It is quite remarkable how these accidents line up just so.
Grammar-checking programs should be flagging any use of "accident", "accidentally", "unintended" and "unintentionally" whenever they appear in the same sentence as "Facebook" and are not within quotes.
This seems like 'growth hacking' gone wrong. Facebook's growth has been loosing momentum for several year's now and it seems to me they are trying to make up for it by using every trick they have up their sleeves.
They might want to overthink their motto 'Move fast and break things'.
It's my understanding that they used to do this entirely intentionally at one point via an "import contacts from mail" feature, then they dropped the feature and now when they added the "sign in with e-mail to verify your identity" feature someone reused the old code without being aware that it will also harvest the contacts and that they don't want that this time.
It's the opposite of "privacy by default", basically.
The selfish part of me wishes that the media would stop reporting on the endless procession of privacy violations / attacks by Facebook. It doesn’t seem to change a damn thing (Facebook revenue, DAU, etc seem to just keep going up). All it does it make me depressed, watching as we all just aimlessly shuffle pathetically toward some surveillance capitalism dystopia.
Since FB has gone out of their way to weaponize "friendship", my suggestion to everyone who actually likes to have some standards in their life and don't like to be manipulated like that is simple. Just do it back to them. "Unfriend" (IRL) everyone you know who works at Facebook and tell them you will "friend" them back once they leave the company.
Or maybe people could learn again "personal responsibility" and realize that everything they give to facebook is exactly like giving oyur life to any compagny like Coca Cola, and that these compagny can do pretty much anything with it within the limits of the "laws that are actually enforced", whose number is pretty much 0.
You're right and I appreciate your comment. You probably noticed taking responsibility is extremely unpopular nowadays in all aspects of life, most noticeable in politics probably.
People aren’t entitled to commit cyber crimes, just because it’s a convenient way to pay the bills.
So far as I can tell, this was Facebook exceeding authorized access to a computer system — at scale. If you or I did this, we’d be looking at felony charges.
I wouldn't say I necessarily agree with doing this when it comes to Facebook, but is there really no circumstance in which you think it'd be justified to cut off contact with a friend because of where they work?
For instance, if I had a friend whose job it was to design missiles that are used to bomb innocent people (Lockheed-Martin for instance) I would seriously reconsider my friendship with that person. Yes, it's "just their job" but choosing to have a job which requires having such warped ethics would make me reconsider whether I want to continue associating with them.
Nobody is forced to work at such companies. Yes, effectively all companies do things which we don't agree with on some level (unimaginably large amounts of tax avoidance being the most obvious example). But if a company's ethics are completely antithetical to your own, then I don't see how you could morally justify working for them.
(Obviously there are some understandable exceptions to the above -- the most obvious being that in the US employees are effectively blackmailed into working for their employer because they'll lose their heath insurance otherwise.)
On its face the statement is true. LM does design missiles, and some non-zero number of them have been used to kill innocent people.
I'm curious what part of the statement is important to you in making that decision though. Is it that LM is part of the military-industrial complex, full stop? That the weapons are used by the US military? That they are sold to and used by other governments? Would LM be acceptable if they created weapons that magically never harmed the innocent? What if they occasionally harmed the innocent but were always used by people with good intentions who were doing things you supported?
I was using Lockheed-Martin as an example of a "clearly immoral" company, you could replace it with any other example you can think of and the point would be the same (that at some point you have to accept that ignoring your morals in order to get a paycheck means you don't really have those morals).
As for my personal view, it's fairly clear that Lockheed-Martin props up (through lobbying) and profits (through government contracts) from the US war machine -- which in turn has killed millions of innocent civilians. And then there's the contractors that Lockheed-Martin has provided to government agencies to further strengthen the surveillance tools of the NSA, CIA, FBI, and so on. So, I think Lockheed-Martin was a good example of a "clearly immoral" company.
EDIT: You changed your comment after I responded to it. I don't think the ethics of hypothetical magic missiles is a super useful conversation to have (changes in technology don't change our underlying ethics, they just change what ethical questions are being asked).
On the question about unintended consequences, obviously in wars you can't guarantee zero civilian casualties and innocent bloodshed is inevitable (though still unjustifiable). But the US is currently engaged in several illegal wars of aggression (which is a crime under international law) and clearly planning to engage in several more. Personally, I think the "unintended consequences are inevitable in war" defense isn't available to you if the war itself was illegal from the outset.
Suppose we reverse that sentiment a little bit: I would never friend someone again who knowingly manipulated me to suit their employer and ultimately themselves. Which, once you remove all the layers of abstraction, is what it boils down to.
"Suppose you were bereft of morals, and suppose you were working at Facebook; but I repeat myself."
Judging from other comments this is an unpopular idea, but why does business get to be some sort of quasi morality-free zone where nobody has to take responsibility for anything? If a friend works for a company that engages in activity that I find morally reprehensible, why shouldn't this affect our friendship? I think our society could really benefit from a little accountability, so in lieu of regulations and laws protecting us from corporations I think protecting our social circles from people who endorse the bad actions of their employers because "it's just business" is perfectly okay.
I see other comments talking about personal responsibility, but in the case of FB the notion of a company selling their data is too abstract to clearly understand the risks/consequences for many. Should we put no responsibility on corporations to act civilly or at least legally? Should one not have a personal responsibility to engage only with corporate entities that behave civilly/lawfully/etc? I really don't understand this mindset.
Honestly I don't understand why Zuck doesn't sell up at Facebook and use his considerable money and brains to move to philanthropy, like billg. His personal brand is going to continue to dive while he's the face of this bullshit.
Zuckerberg, like billg, has no interest in philanthropy until his mortality and his wife are is staring him the face putting the fear of the afterlife in him.
>what is your tipping point? Would you say no to that assignment?
When FB stops giving them a check.
At least that has been my experience watching programmers at other companies. Unless ethically bound by regulation and law, few people seem to have ethics.
Methinks that was what the OP was asking -- what is the tipping point ? Having differing ethics is fine but one can't just lean on that as a crutch when one has none.
What tipping point? Maybe the engineer themselves who recommends the practice. Everyone have ethics but might be differ than you. As long as the practice meet their goal, from their perspective it works.
From the article it sounds like there was a prompt for permission that got removed:
> Facebook told Gizmodo via email that in May 2016 it made a revision to the registration process, which originally asked the affected users for permission to upload contact lists. That change removed the opt-in prompt, though the company did not realize the underlying functionality was still operating in some cases.
It doesn't take a conspiracy to understand how a bug like that could happen.
Just to be devil's advocate: Google is notorious for having separate siloed teams that do not share efficiencies or updates (eg. Hangouts and other messengers). A company like Google and Facebook don't have a good excuse, but we shouldn't be surprised.
Doing QA at large tech companies is never that simple. You have lots of teams that share code. Imagine a scenario where Team A uses code written by Team B which uses code written by Team C. Team C makes a change to their code that breaks Team B's code but only for the way Team A uses it.
For the people in the back, "Facebook is a multi-billion dollar company." They have 30,000 employees. They could spend the money to do better QA. But it's cheaper to let your end-users do it for free.
One way to combat this is to let other teams register tests in other team's projects. If a test fails, you know it breaks someone's expectations. From there, you work with that team to update both sides.
It doesn't matter if it's simple or not. We can't hold these 1k+ engineer teams to the same accountability levels as a 3 person team. When, as engineering professionals, are we going to put an end to this? This is completely unacceptable in any other engineering discipline.
its such a coincidence that these accidents keep happening in ways that enable further data gathering...surely there isn't a larger problem with Facebook's attitude towards their users' private data or anything
That bug would be a critical failure and be caught, the reverse would be a non-critical bug that the PM decides to to put in the backlog because reasons. If in a year we haven't gotten around the fixing it, then it's time to clean out that backlog!
"New Facebook Feature Allows User To Cancel Account. ... The company later confirmed that account closures would not stop Facebook from continuing to acquire, permanently store, and sell all information about its current and former users until the day they die." https://www.theonion.com/new-facebook-feature-allows-user-to...
I'm not excusing FB, but it still makes sense. Their whole business model is data collection on their users, graphing connections between these users, and brokering deals with advertisers about users on the platform. When something goes awry, you can bet that it will somehow affect one of those things.
When every public-facing thing you build is centered on hoovering up data, you're going to have two broad classes of errors. Hoovering up too little data, which doesn't hit the news, and hoovering up too much, which does.
That said, when your "errors" directly line your pockets, you're not entitled to the benefit of the doubt.
It’s pretty hard for me to imagine that there’s some other function that just happens to coincide with accessing different email servers and collect past emails to collect the email addresses.
It was deliberate because of the work involved. The only investigators that think it’s accidental probably believe the internet is a small black box guarded by the “Internet wizards”.
> A Facebook spokesperson also told Gizmodo that a screenshot of the original opt-in prompt was not available.
I'm not a conspiracy theorist but if you're trying to claim you cannot capture a screenshot from any release meant to be shipped out, either you're crap at release management or are full of shit. Which one is it?
Also, even if we were to suspend logic and belive this was a bug, what's FB doing to correct it? Are they deleting all uploaded contacts and going to request for consent again?
FB is a cesspit. Get out of the company if you work there and get out of the platform in any case.
> I'm not a conspiracy theorist but if you're trying to claim you cannot capture a screenshot from any release meant to be shipped out, either you're crap at release management or are full of shit. Which one is it?
That doesn't strike me as especially unlikely, especially for a specific branch of the app codebase that would likely only operate with a huge number of other co-dependent codebases for backend systems that no longer exist.
With six months to recover code and build a non-live environment with all the dependencies could it be done? Sure. But that's not really within the scope of a journalist request.
I would say it should take less than an hour for a dev to get an instance of a specific revision up and running, not months...but I agree with the thrust of your message: when the reporter asked their Facebook representative for a screenshot of the box, they looked in their pictures folder for a screenshot. They probably did not try to spin up an instance for the developer.
This reminds me of the Firefox/Google tweet storm. A bunch of "bugs" or "unintentional feature" that get fixed with a seemingly honest apology, only for another "bug" or "unintentional feature" to take its place.
At some point, it goes from "the occasional bug" to negligence at best, and hostility at worst.
“For the FB employees reading this: what is your tipping point? Would you say no to that assignment?”
There is a good chance that they didn’t know how their work would eventually be used. That’s the problem with big companies. Most people are far away from seeing the consequences of their work.
The tipping point is when the utility value of their paychecks no longer exceed their personal sense of responsibility about the system they're complicit in.
- developer A is tasked to create the prompt to ask for username and password of the email account
- developer B is tasked to call some API to upload contacts from email account
- developer C is tasked to bind two functionalities.
Now replace developers with teams and you see how simple is for the average developer to underestimate the scope and the ethical bounds of a given task.
I’m dead serious when I say that no two large scale projects are done the same way. I have seen many and can tell you the possibilities are infinite how it gets approached
That implies that you, as a developer, then hear new stories like this one and simply ignore any role you may or may not have had in the situation. It implies that you simply ignore that your manager or engineering leadership are asking you to do things that are unethical without informing you about how your work will be used. It implies that you continue to work for that leadership knowing that they will lie to you, hide their true intentions, and use your labor to execute profoundly unethical practices.
It's not news at this point to anyone working at FB what their leadership is engaged in, and what their work is being used to accomplish.
Perhaps several years ago you could claim some kind of ignorance.
That's no longer the case. You know who you work for. Own it.
I’m more surprised that people are still being “surprised” that Facebook isn’t a wholesome company out to make the world a better place through algorithmic social manipulation.
Let’s not be ignorant of the idea of one or two senior developers each given a suitcase full of cash. It’s not like learning to program magically gives you unbreakable ethics.
Even at this point, you’re not getting a mass exodus of workers from Facebook. Those in there are choosing to be there at this point. Koolaid or not.
But you are right, scope creep in the “unethical” aspects and it can suddenly be “no one’s fault”. That isn’t a bad plan.
I’m not one of them, but let me play the devil’s advocate...
You’re getting paid 2x market salary (“market” here being non-Facebook and non-Google, which isn’t any better) and delivering services to people who voluntarily sign up ro them... I mean there are worse jobs in the world.
“That’s a really dick of an idea and I’m pretty sure it’s illegal. Exactly how illegal, I’m not sure. But I know illegal to some degree.”
“You live in a shit apartment because housing prices are stupid and makes your salary meaningless in this town. Here’s a wheelbarrow full of hundreds and we all agree it was an accident.”
But seriously. There’s no accident in what happened. This is Facebook. Anyone who thinks Facebook isn’t morally corrupt probably also says “What do you mean Stalin wasn’t a pacifist?”
> It takes extra work to upload those contacts, which means several managers and developers decided to do it and then spent time implementing it.
Not really. Facebook is a bunch of autonomous services (registration, access, tracking, activities, etc.) accessing shared databases (chat logs, activities, media uploads, etc.) with some kind of automatic implicit and explicit ACL in place. The suggestion/contact service got access to data provided through the email-not-working-with-oauth-so-let-us-use-automatic-token-delivery-and-confirmation-by-accessing-user-emails because it was told a new source of contacts were available for those users. So, not a straight path.
Accident/Blunder > Evil.
Now. GDPR ? GDPR. And because of GDPR those things aren't supposed to happen in Europe.
Considering vast crowds of folks happily working for amoral places like investment banks (2008 crisis and its consequences) or wealth management (rich folks trying to keep as much money untaxed as possible and used for public spending), the moral bar for usual smart person is actually pretty low. Optimizing some ads seems pretty harmless when compared to.
As long as you don't see the evil being literally done ie in form or row of inmates being sent to gas chambers, there are almost endless ways to persuade yourself that all is actually OK and fine.
They did have the upload-your-address-book functionality before they instituted this check. I’m very much hoping to see Facebook suffer for this, but I could conceivably see a scenario where they reused code that did more than they wanted.
In The Fine Article, it says that the feature was built on purpose, and previously asked for permission. The accident is that it wasn't completely removed.
It also takes extra work to ask consent. You build it. You don't notice that your confirmation screen fails to trigger. You've just unintentionally uploaded a bunch of data without consent, when your intention was to do it with consent.
It's still pretty darn negligent, but it's easy to see how it could be done unintentionally.
FB has said they'll be notifying the people whose contacts they "unintentionally" uploaded. How about notifying those contacts whose private details they illicitly obtained that their privacy has been compromised by Facebook - the innocents who signed up for FB and had their contact-list stolen (let's call it what it is) may or may not feel any moral obligation (more likely, don't even see the issue) to notify their friends/family/plumber whose details they "lost" to a thief.
That's right. Whenever a computer system is breached, it is the breacher's responsibility to notification the affected people, not the entity entrusted with the information. That's why it's generally agreed that Equifax did nothing wrong when credit data was accessed.
People can sue if they can find some claim to real-life damages... You'd only need a small percentage of the 1.5 million people and FB would probably settle out of court.
How about consumer and privacy laws? I know it varies from country to country but the government can sue and fine companies and people in order to protect it's citizens. I know I know.. I'm old fashioned like that.
How about notifying those contacts whose private details they illicitly obtained that their privacy has been compromised
Because there's a difference between "we screwed up and obtained this" and "we screwed up, obtained this, then used it. Hope our use didn't result in any problems for you."
Convenience. That is, Facebook - and others, like Skype - tells new users that the easiest and quickest way to find your friends is to send them your contacts so they can cross-reference the users.
And that, including me not paying attention, is how all my e-mail contacts got an email from facebook where I invited them to FB. That wasn't the intent!
Interestingly, WhatsApp (and Telegram, and Signal) don't even ask and just upload all your contacts' phone numbers (this is before Android had the prompt "Allow this app access to your contacts?). It's very convenient, and also very sad.
Also sad is the fact that BlackBerry already had a fine-grained permissions systems pre-iPhone days, but it took iPhone and Android many many versions and years before they built such privacy controls (but yeah "We care about our costumer's privacy"
- Apple). And Google didn't even care about privacy back then I remember the Google Maps app for BlackBerry just prompts you "Please give us all the permissions we want or this app will just exit now." on startup, when you've denied it a permission or two.
Permissions to read text messages is another one that gets me. I know not many people use SMS as their primary communication but how can you be so astonishingly blasé about your data to save typing in a code?
Thankfully there is now the SMS Retriever API that lets you do this without having access to all messages, and the Play Store no longer allows apps that require this permission without SMS handling being a core functionality of the app.
Signal doesn't upload your contact's details anywhere. It hashes your phone number and sends that to a central service that knows which hashed numbers have Signal. Then it periodically asks that service whether hashes of contact numbers are in the list in order to decide whether to suggest Signal for them instead of unencrypted messages.
It turns out that some people genuinely are forgetful enough that if they told their iPhone Bob's number, email address and shoe size in 2016 and then in 2019 their phone finds out that phone number is registered for Signal, they will conclude that the phone must have learned Bob's details from Signal, which in turn stole them from Bob as part of some nefarious plan.
You can't do anything about this, it's like the Spam problem. If you send ten million very, very useful emails that are genuinely valued by every human recipient, hundreds of them will be flagged "spam" because Humans aren't very good at this sort of thing. They press the wrong button or they've been using "mark as spam" because they thought it's "mark as read" or they meant to mark the one below it, or above it.
People who aren't very tech/privacy-savvy, like elderly people, or kids/teenagers.
I remember signing up for facebook when I was in high school, and I probably would've provided my email password if facebook asked for it...as an adult now I wouldn't provide my email password to anyone, of course.
Most people don't understand OAuth, so they don't know the difference between OAuth and giving out their password. Most people don't know they're doing this with bank scrapers like Mint!
I myself have had trouble figuring out whether certain dialogs were OAuth dialogs or just skimming my password, and I've been in web software for 20 years. A layperson has no chance.
This is not at all abnormal behavior. I'm kind of amazed consistently by the lack of awareness of the HN crowd of the habits of most users. Most people do not think about what they do on a computer even a fraction as often as a developer or other user here would.
My mother, for example, does not really understand that websites are run by individual entities. There's one "internet" and all websites are kind of like a strip mall under general management, so in her mind if one page on facebook askes for a password to read my email, how is that any different than reading my email on on the yahooo page.
All she knows is Facebook, an "official" website asked for a password.
It's a pretty easy mistake to make when you're new to the web, or simply don't care all that much how it works. I made the mistake of giving someone my contacts once when I was new to this stuff, and had many apology emails to send when my friends were spammed as a result. It was a harsh lesson in the web's fundamental hostility.
SOFORT quite explicitly ~scraps~ scrapes the entire available transaction history for „your convenience” (much more is available with access login and password actually). What a satisfaction when they tried to enter Polish market and the Polish finance controlling authorities shut them down before they managed to squeek. The famous German „privacy” it is.
They claim it's to see that the customer is liquid enough, so more for the convenience of the seller.
It's incredible that the banks tolerated this service even though they told their customers to not to give their credentials to a 3rd party. Or not just banks, how about the German Federal Office for Information Security.
I wish the bank would just block accounts who they detect used the service with an error like "We think your credentials have been compromised" (then again the stupid customer will think it's the bank who got breached). Or give them a fine of e.g. 100 Euro for breaching their user agreement. Then again, this would lose them so many pissed-off customers.
The idea of handing over my banking password to any third party is crazy. Mind you, I'd love an API that I could use to easily pull all of my banking details into my local system. There are a few ways to do this currently, but nothing simple, open, and standard.
P.S. As you seem to be a non-native English speaker, the word you wanted to use was "scrapes" not "scraps".
There was a class action lawsuit against them (LinkedIn Lost it, iirc) for what they did. I believe they would try to connect you with any of your email contacts if you logged in with OAuth.
LinkedIn was pretty bad, but Facebook was saying that your login information was only going to get used to verify your email. smt88 has a good analogy up there
At some point, some government is going to have to step in and stop Facebook. Five years ago, I would not have believed that I would have supported government action. Now, I’m afraid for the future if there is no intervention.
Well yeah, I’m sure they do, but at what cost? The same data collection that government loves so much has been misused to throw elections and genuinely cast doubt upon the democratic process. Ultimately, creating this big giant drag nets has only empowered companies to demonstrate a complete lack of regard for humanity.
If that’s security, I no longer want to be secure.
It only makes the job of intelligence agencies easier, a tiny part of an government. And one that wouldn't play any role in intervening in a company like proposed.
I don't know if you've followed the news, but multiple governments have investigated, sued and fined Facebook. A quick Google indicates Facebook may end up paying 1.6 billion to the EU. The UK is doing an investigation too, with FB's impact on the Brexit referendum, as well as the whole Cambridge Analytica thing.
If you're thinking Facebook is getting away with it, you're wrong.
Of course, they're mainly getting fined; if that isn't harsh enough punishment then I don't know what to do next, that's dangerous territory.
Eventually fines can exceed revenue. There are also laws which allow board members to be directly liable, one of which (I have been told by trade-union-funded free legal aid) is the UK can go after board members who knowingly trade while insolvent — and demand they personally pay the debts.
Another (which is merely me reading the law and therefore probably doesn’t mean what I think it does) is prison time and equipment seizure if a business engages in copyright infringement commercially.
> that isn't harsh enough punishment then I don't know what to do next,
Split the business into smaller, independent ones. We've seen this before. There's enough services hiding inside FB that treating them like a monopoly is not a terrible idea.
They don't. I meant the similar approach of splitting them up would make both the regulation easier and self-regulation more incentivise - the same reason monopolies are split.
1.) The US FTC really needs to update its working definition of a monopoly. “Consumer welfare” is normally shown via price and since free services are always free, it’s a tough thing to argue.
2.) Facebook owns about 70% of the social networking space, and Google and Facebook have a virtual lock on online advertising. Moreover, through its share buttons, Facebook has created a web full of data gathering - the sheer amount of information they have makes them very hard to compete against. Add in some regulatory issues in the Instagram and Whatsapp regulations and there’s an image of a company that’s just about impossible to compete against and that has used its clout to bring net harm to consumers.
Facebook faces a small punishment or perhaps a public rebuke from some politician, someone from the company makes some lame statement about how they’re committed to do better, and then within two weeks another story comes out that demonstrates they don’t give a shit about their users.
Facebook has thumbed its nose at every single attempt to rein it in. The next steps are dangerous territory, but only for companies that behave in tremendously antisocial ways. It would be a net win for the rest of us.
Well, not much is changing after these kind of fines.
> A quick Google indicates Facebook may end up paying 1.6 billion to the EU.
A slap on the wrist, Facebook had 8 billion in revenue Q1 2019. But first let's see if they actually end up paying that.
It's just like how banks change after receiving massive fines for their role in the crisis, money laundering, transacting to sanctioned countries (they don't really, aside from some minor internal processes to prevent the exact same thing from happening again).
I don't think personal liability for white collar crime would be "dangerous." Someone either signed off on this, or negligently let it happen, and they should own it. Unfortunately, we'll probably just keep fining the company, and occasionally dragging Zuck in front of Congress for a bit of scolding and boilerplate apologizing.
The incessant stories about Facebook are beyond tedious. I don't even know how to complain about this. I suppose it would be nice if we could somewhere officially label Facebook as dodgy rubbish, and abandon everyone who continues to knowingly use it to suffer the expected consequences, and never have to read another unsurprising article about them ever again.
While they are deleting the imported contacts, that doesn’t undo any potential shadow profiles they generated, any training to their ML models that associate users (relationships), or any training to their advertising models. I believe Facebook doesn’t care about the contacts themselves. They wanted all of these collarary benefits that the general public will not be thinking about.
Why does it ask for your e-mail password to begin with? It is sad that there are 1.5M people out there (and probably more) that actually gave them their password. Scary.
Why are companies even asking users to provide passwords for unrelated services? For example, when I added an external account on Etrade, they gave me the option of same day verification of that account if I provided them my online banking account credentials.
This practice opens up a significant potential for abuse and should be illegal.
Yes, but that doesn't mean that someone else needs my credentials to verify it. They should have their own independent method of verification. Do I need to give you my online banking's user name and password in order for you to send me money?
309 comments
[ 2.6 ms ] story [ 260 ms ] threadthe code to implement that functionality didn't come from nowhere
Which begs the question, how do you structure your organisation such that a foolish developer that only barely understands the change that they are making can't write code that makes arbitrary queries to particular data sets in unapproved contexts?
Anyway, from my experience people do the stupidest/reckless things despite being told not to, just because there is no fear of backlash. Holding people liable for their actions could be a start, but who wants that?
Also, don't hire foolish developers in the first place. Policing around pebkac is hard.
To access the user's data, your developers should have to intentionally crack the user's password. And if they attempt to do that they should be fired.
Obviously this is not how Facebook works, but ideally it's how the thing that replaces Facebook will work.
E.g. Google Drive, which claims to take privacy seriously and also encrypts your data. But the data is not encrypted with a secret unknown to the server. How should my family members differentiate between the encryption Google claims it has and client-side encryption? For them it's all the same.
Maybe we need some commonly understandable name that a regular user can look at and know that this software is data-agnostic.
It's an organizational policy, procedural, ethics and legal question - not a technical one.
They should have feature reviews before the code reviews. The feature review panel puts bounds on what the code can do.
A review board would a) give clear direction b) catch problems and c) put accountability where it belongs.
Not really. You have to fall back to those things when a good technical solution isn't available, but sometimes it is.
Suppose you have a car, and four children. You can enact all the laws and policies and procedures you like, you can lecture the kids not to misbehave a thousand times. But the most important thing you can do, if you really don't want them out joyriding in the street, is to not give them the keys to the car.
The Engineers at FB should be given product direction, and should not even be making decisions as to what information to ask users for. That's for Product.
Part of product management will involve legal review, risk management. Clearly, FB has a few other concerns that should be thrown in there as well.
This issue basically has nothing to do with technology.
You want to have your data, you want the people you share it with to have it, but there is no reason for Facebook to ever have it. When you share it, it should be encrypted by you and decrypted by the end recipient(s).
You don't need to worry much about policies for accessing data that you shouldn't, and don't, ever actually have.
Later when login with email was added, the same event was sent but whomever added the event didn't know it would case the upload of contacts.
That doesn't mean it wasn't shoddy craftsmanship, bad architecture, bad QA and probably bad communication later on, but it could have been by mistake (at least at first).
Yes they did. I remember people complaining about it many years ago. Here’s a page from 2012 describing it I found using google advanced search: https://smallbusiness.chron.com/import-email-facebook-44162....
> When you create a Facebook page for your business, you can import your email list of contacts directly into Facebook. From there, you can suggest your Facebook page directly to your customers. Facebook can interact with a range of email providers and only needs your email accounts's username and password to import your contacts.
Here’s another from 2011 https://www.techwalla.com/articles/how-to-import-contacts-to...
> Type your email address and password for the Web-based email or instant-messaging service that you want to import into the dialog boxes and click "Find Friends."
It doesn't make sense for people to trust the service at all unless you assume one of two things:
1 - Despite all the outrage on hackernews, and the NWT stories, our neighbours down the street and family members still don't know how Facebook works or what is done with their data
2 - They don't care about their data privacy. I've heard this claim many times, but the people saying it often change their minds when they read more news stories. I really do think people have trouble assuming the worst about the intentions of others and are inclined to be trusting.
edit: clarification
I think you hit the nail on the head. Even on HN, it's not uncommon to see a few comments on each negative story about facebook accusing the media of a conspiracy against Facebook; claiming that the media is wrongly maligning Facebook who is merely the unfortunate victim of a series of coincidental accidents.
They have trouble accepting that a tech corporation like facebook actually might be rotten.
There is a certain amount of anti-silicon valley sentiment in the media and as a result there are a lot of stories maligning tech companies in ways that aren't always fair. Especially when the media companies are campaigning for some kind of problematic legislation that the tech companies are on the other side of and so will take any excuse to try to make them look bad.
Then there's Facebook, about which nobody has time to write a story maligning them unfairly because there is never that long between any of the stories maligning them fairly.
Probably because they work for an evil tech corporation as well (this is HN, where SV techbros hang out, so the probability of that it pretty high) and want to ease their cognitive dissonance.
Its like that with skimming, lock picking, server security, infrastructure security, basically everything security related.
I'm pretty sure there are five year olds who have learned the magic phrase "I didn't mean to!"
edit - specifically, that mighty tome of great knowledge; 'Murphy's Law Book Two: More Reasons Why Things Go Wrong!', by Arthur Bloch.
"People don't care about a problem initially, then when it becomes graver they start to care"
So normal, expected behaviour?
There is no doubt that the public image about FB is significantly changing - a year from now things will not look better for Facebook then they are today, most likely worse I'd say. This is not something they can turn around anymore - the leadership is not making any learnings and repeats the same mistakes over and over again.
I'm going mental over the explosion of televisions in the last half decade which identify and report any content you watch on the TV by default, in exchange for 100-150 off the television (which was fluff to begin with... it's not a direct trade of $100 for your data).
I've set up about a dozen of these now for people and they just stare blankly while I try to explain what "Auto Content Recognition" means... Hello 1984.
And it's not just principles. The effects of Big Data are extremely tangible even if not to you in this particular time or space. Some feel the effects now, others will feel them later in life.
I'm worried my children or grandchildren could one day be denied healthcare or adequate education or loans or low insurance payments just because of my attitude towards my government and every other aspect of my lifestyle which gets swept up and analyzed by for-profit robot armies bent on achieving the Holy Margin.
Once the e-mail address is validated, is there any further need for a valid e-mail address to continue using FB?
Historical fact: Going back to the days when a university address was required, if the user created her Facebook account while at university and her e-mail address later expired when she graduated, FB did not disable the account.
Unless one wants to get notifications and other FB crud via email, AFAIK there is no need for a working e-mail address to use FB.
I wanted to create a FB account while giving as minimal data as possible. While it's possible to create an account using temporary emails / temporary phone numbers, FB eventually asks you to submit more details.
This includes clicking verification links, uploading your photo, providing phone numbers etc.
Even when I managed to do all these (using fake data), my accounts got disabled in few days.
PS: when I used my email id associated with my FB account deleted back in ~2012, I found out it wasn't deleted. FB asked me to recognize pictures of my friends. So I believe no detail that ever passes the event horizon of facebook can ever leave it.
I think this company is inherently bad from the top and everyone working there is enabling them. Sure, it pays well.
Problem is, most bigger companies do bad things. See VW and the emission scandal and I hope Winterkorn and other top managers goes to jail for that. Also I'm biased, for me Facebook and Instagram are pretty useless, the only useful product they have is Whatsapp...
How can you not mean to? It's one thing to say that, were it something tangible, like paper, "Sorry, mate. These pages snuck in with the others. Sorry about that. We'll pull it out. No worries."
Pulling contacts and uploading them is not a passive action but takes active action.
>and is now in the process of deleting them.
So, the question must then be asked: How do they differentiate the sources of contacts associated with an account, unless they're logging that, as well? If they're not logging that, then how are they, presumably, deleting those contacts?
Are we taking bets on Facebook being in the news again, in a months' or so time, for being found to not have deleted them? :)
Indeed. Expect the next headline to be, "Facebook 'unintentionally failed to delete' 1.5M people's contacts, which they'd previously unintentionally uploaded".
Action such as "accidentally" asking for email passwords. It is quite remarkable how these accidents line up just so.
Grammar-checking programs should be flagging any use of "accident", "accidentally", "unintended" and "unintentionally" whenever they appear in the same sentence as "Facebook" and are not within quotes.
They might want to overthink their motto 'Move fast and break things'.
It's my understanding that they used to do this entirely intentionally at one point via an "import contacts from mail" feature, then they dropped the feature and now when they added the "sign in with e-mail to verify your identity" feature someone reused the old code without being aware that it will also harvest the contacts and that they don't want that this time.
It's the opposite of "privacy by default", basically.
https://nordic.businessinsider.com/facebook-old-posts-mark-z...
Stop complaining, start taking responsibility.
So far as I can tell, this was Facebook exceeding authorized access to a computer system — at scale. If you or I did this, we’d be looking at felony charges.
For instance, if I had a friend whose job it was to design missiles that are used to bomb innocent people (Lockheed-Martin for instance) I would seriously reconsider my friendship with that person. Yes, it's "just their job" but choosing to have a job which requires having such warped ethics would make me reconsider whether I want to continue associating with them.
Nobody is forced to work at such companies. Yes, effectively all companies do things which we don't agree with on some level (unimaginably large amounts of tax avoidance being the most obvious example). But if a company's ethics are completely antithetical to your own, then I don't see how you could morally justify working for them.
(Obviously there are some understandable exceptions to the above -- the most obvious being that in the US employees are effectively blackmailed into working for their employer because they'll lose their heath insurance otherwise.)
I'm curious what part of the statement is important to you in making that decision though. Is it that LM is part of the military-industrial complex, full stop? That the weapons are used by the US military? That they are sold to and used by other governments? Would LM be acceptable if they created weapons that magically never harmed the innocent? What if they occasionally harmed the innocent but were always used by people with good intentions who were doing things you supported?
Never worked in that industry, just curious.
As for my personal view, it's fairly clear that Lockheed-Martin props up (through lobbying) and profits (through government contracts) from the US war machine -- which in turn has killed millions of innocent civilians. And then there's the contractors that Lockheed-Martin has provided to government agencies to further strengthen the surveillance tools of the NSA, CIA, FBI, and so on. So, I think Lockheed-Martin was a good example of a "clearly immoral" company.
EDIT: You changed your comment after I responded to it. I don't think the ethics of hypothetical magic missiles is a super useful conversation to have (changes in technology don't change our underlying ethics, they just change what ethical questions are being asked).
On the question about unintended consequences, obviously in wars you can't guarantee zero civilian casualties and innocent bloodshed is inevitable (though still unjustifiable). But the US is currently engaged in several illegal wars of aggression (which is a crime under international law) and clearly planning to engage in several more. Personally, I think the "unintended consequences are inevitable in war" defense isn't available to you if the war itself was illegal from the outset.
"Suppose you were bereft of morals, and suppose you were working at Facebook; but I repeat myself."
I see other comments talking about personal responsibility, but in the case of FB the notion of a company selling their data is too abstract to clearly understand the risks/consequences for many. Should we put no responsibility on corporations to act civilly or at least legally? Should one not have a personal responsibility to engage only with corporate entities that behave civilly/lawfully/etc? I really don't understand this mindset.
The BS you refer to is his creation, not some accidental thing that happened to occur in his company without his intention.
It takes extra work to upload those contacts, which means several managers and developers decided to do it and then spent time implementing it.
For the FB employees reading this: what is your tipping point? Would you say no to that assignment?
When FB stops giving them a check.
At least that has been my experience watching programmers at other companies. Unless ethically bound by regulation and law, few people seem to have ethics.
Or maybe their set of ethics simply differs from yours. It is very subjective after all
Methinks that was what the OP was asking -- what is the tipping point ? Having differing ethics is fine but one can't just lean on that as a crutch when one has none.
> Facebook told Gizmodo via email that in May 2016 it made a revision to the registration process, which originally asked the affected users for permission to upload contact lists. That change removed the opt-in prompt, though the company did not realize the underlying functionality was still operating in some cases.
It doesn't take a conspiracy to understand how a bug like that could happen.
It is difficult to get a man to understand something, when his salary depends on his not understanding it.
-- Upton Sinclair
"Mark Zuckerberg Promises That Misuse Of Facebook User Data Will Happen Again And Again" https://www.theonion.com/mark-zuckerberg-promises-that-misus...
"Facebook Employees Explain Daily Struggle Of Trying To Care About Company's Unethical Practices When Gig So Cushy" https://www.theonion.com/facebook-employees-explain-daily-st...
"Cash-Strapped Zuckerberg Forced To Sell 11 Million Facebook Users" https://www.theonion.com/cash-strapped-zuckerberg-forced-to-...
"New Facebook Feature Allows User To Cancel Account. ... The company later confirmed that account closures would not stop Facebook from continuing to acquire, permanently store, and sell all information about its current and former users until the day they die." https://www.theonion.com/new-facebook-feature-allows-user-to...
When every public-facing thing you build is centered on hoovering up data, you're going to have two broad classes of errors. Hoovering up too little data, which doesn't hit the news, and hoovering up too much, which does.
That said, when your "errors" directly line your pockets, you're not entitled to the benefit of the doubt.
That’s the initial asshole maneuver. There’s no excuse for Facebook to need that. Period.
2. CollectUserContacts(email, username, password);
It’s pretty hard for me to imagine that there’s some other function that just happens to coincide with accessing different email servers and collect past emails to collect the email addresses.
It was deliberate because of the work involved. The only investigators that think it’s accidental probably believe the internet is a small black box guarded by the “Internet wizards”.
> A Facebook spokesperson also told Gizmodo that a screenshot of the original opt-in prompt was not available.
I'm not a conspiracy theorist but if you're trying to claim you cannot capture a screenshot from any release meant to be shipped out, either you're crap at release management or are full of shit. Which one is it?
Also, even if we were to suspend logic and belive this was a bug, what's FB doing to correct it? Are they deleting all uploaded contacts and going to request for consent again?
FB is a cesspit. Get out of the company if you work there and get out of the platform in any case.
That doesn't strike me as especially unlikely, especially for a specific branch of the app codebase that would likely only operate with a huge number of other co-dependent codebases for backend systems that no longer exist.
With six months to recover code and build a non-live environment with all the dependencies could it be done? Sure. But that's not really within the scope of a journalist request.
At some point, it goes from "the occasional bug" to negligence at best, and hostility at worst.
There is a good chance that they didn’t know how their work would eventually be used. That’s the problem with big companies. Most people are far away from seeing the consequences of their work.
- developer A is tasked to create the prompt to ask for username and password of the email account
- developer B is tasked to call some API to upload contacts from email account
- developer C is tasked to bind two functionalities.
Now replace developers with teams and you see how simple is for the average developer to underestimate the scope and the ethical bounds of a given task.
It's not news at this point to anyone working at FB what their leadership is engaged in, and what their work is being used to accomplish.
Perhaps several years ago you could claim some kind of ignorance.
That's no longer the case. You know who you work for. Own it.
Even at this point, you’re not getting a mass exodus of workers from Facebook. Those in there are choosing to be there at this point. Koolaid or not.
But you are right, scope creep in the “unethical” aspects and it can suddenly be “no one’s fault”. That isn’t a bad plan.
Indeed.
You’re getting paid 2x market salary (“market” here being non-Facebook and non-Google, which isn’t any better) and delivering services to people who voluntarily sign up ro them... I mean there are worse jobs in the world.
“That’s a really dick of an idea and I’m pretty sure it’s illegal. Exactly how illegal, I’m not sure. But I know illegal to some degree.”
“You live in a shit apartment because housing prices are stupid and makes your salary meaningless in this town. Here’s a wheelbarrow full of hundreds and we all agree it was an accident.”
“When do you need it by?”
Nobody will test this? No developer in team C will consider what they're doing?
return true;
Return true is tested to still work.
But seriously. There’s no accident in what happened. This is Facebook. Anyone who thinks Facebook isn’t morally corrupt probably also says “What do you mean Stalin wasn’t a pacifist?”
Unfortunately, this ha-ha-only-serious joke is least several decades old.
Not really. Facebook is a bunch of autonomous services (registration, access, tracking, activities, etc.) accessing shared databases (chat logs, activities, media uploads, etc.) with some kind of automatic implicit and explicit ACL in place. The suggestion/contact service got access to data provided through the email-not-working-with-oauth-so-let-us-use-automatic-token-delivery-and-confirmation-by-accessing-user-emails because it was told a new source of contacts were available for those users. So, not a straight path.
Accident/Blunder > Evil.
Now. GDPR ? GDPR. And because of GDPR those things aren't supposed to happen in Europe.
As long as you don't see the evil being literally done ie in form or row of inmates being sent to gas chambers, there are almost endless ways to persuade yourself that all is actually OK and fine.
I have an open ended question aimed mainly towards founders. Would you have any issues in hiring a candidate with Facebook on their resume?
It also takes extra work to ask consent. You build it. You don't notice that your confirmation screen fails to trigger. You've just unintentionally uploaded a bunch of data without consent, when your intention was to do it with consent.
It's still pretty darn negligent, but it's easy to see how it could be done unintentionally.
Because there's a difference between "we screwed up and obtained this" and "we screwed up, obtained this, then used it. Hope our use didn't result in any problems for you."
And that, including me not paying attention, is how all my e-mail contacts got an email from facebook where I invited them to FB. That wasn't the intent!
Also sad is the fact that BlackBerry already had a fine-grained permissions systems pre-iPhone days, but it took iPhone and Android many many versions and years before they built such privacy controls (but yeah "We care about our costumer's privacy" - Apple). And Google didn't even care about privacy back then I remember the Google Maps app for BlackBerry just prompts you "Please give us all the permissions we want or this app will just exit now." on startup, when you've denied it a permission or two.
It turns out that some people genuinely are forgetful enough that if they told their iPhone Bob's number, email address and shoe size in 2016 and then in 2019 their phone finds out that phone number is registered for Signal, they will conclude that the phone must have learned Bob's details from Signal, which in turn stole them from Bob as part of some nefarious plan.
You can't do anything about this, it's like the Spam problem. If you send ten million very, very useful emails that are genuinely valued by every human recipient, hundreds of them will be flagged "spam" because Humans aren't very good at this sort of thing. They press the wrong button or they've been using "mark as spam" because they thought it's "mark as read" or they meant to mark the one below it, or above it.
I remember signing up for facebook when I was in high school, and I probably would've provided my email password if facebook asked for it...as an adult now I wouldn't provide my email password to anyone, of course.
I myself have had trouble figuring out whether certain dialogs were OAuth dialogs or just skimming my password, and I've been in web software for 20 years. A layperson has no chance.
My mother, for example, does not really understand that websites are run by individual entities. There's one "internet" and all websites are kind of like a strip mall under general management, so in her mind if one page on facebook askes for a password to read my email, how is that any different than reading my email on on the yahooo page. All she knows is Facebook, an "official" website asked for a password.
It's incredible that the banks tolerated this service even though they told their customers to not to give their credentials to a 3rd party. Or not just banks, how about the German Federal Office for Information Security.
I wish the bank would just block accounts who they detect used the service with an error like "We think your credentials have been compromised" (then again the stupid customer will think it's the bank who got breached). Or give them a fine of e.g. 100 Euro for breaching their user agreement. Then again, this would lose them so many pissed-off customers.
P.S. As you seem to be a non-native English speaker, the word you wanted to use was "scrapes" not "scraps".
This is almost non-existend for personal banking. First and only case by now I’ve encountered was in Czechia:
https://www.fio.cz/bank-services/internetbanking-api
If that’s security, I no longer want to be secure.
If this is done in favor of the current government, then they probably won't mind.
If you're thinking Facebook is getting away with it, you're wrong.
Of course, they're mainly getting fined; if that isn't harsh enough punishment then I don't know what to do next, that's dangerous territory.
Another (which is merely me reading the law and therefore probably doesn’t mean what I think it does) is prison time and equipment seizure if a business engages in copyright infringement commercially.
Split the business into smaller, independent ones. We've seen this before. There's enough services hiding inside FB that treating them like a monopoly is not a terrible idea.
1.) The US FTC really needs to update its working definition of a monopoly. “Consumer welfare” is normally shown via price and since free services are always free, it’s a tough thing to argue.
2.) Facebook owns about 70% of the social networking space, and Google and Facebook have a virtual lock on online advertising. Moreover, through its share buttons, Facebook has created a web full of data gathering - the sheer amount of information they have makes them very hard to compete against. Add in some regulatory issues in the Instagram and Whatsapp regulations and there’s an image of a company that’s just about impossible to compete against and that has used its clout to bring net harm to consumers.
Facebook faces a small punishment or perhaps a public rebuke from some politician, someone from the company makes some lame statement about how they’re committed to do better, and then within two weeks another story comes out that demonstrates they don’t give a shit about their users.
Facebook has thumbed its nose at every single attempt to rein it in. The next steps are dangerous territory, but only for companies that behave in tremendously antisocial ways. It would be a net win for the rest of us.
> A quick Google indicates Facebook may end up paying 1.6 billion to the EU.
A slap on the wrist, Facebook had 8 billion in revenue Q1 2019. But first let's see if they actually end up paying that.
It's just like how banks change after receiving massive fines for their role in the crisis, money laundering, transacting to sanctioned countries (they don't really, aside from some minor internal processes to prevent the exact same thing from happening again).
This practice opens up a significant potential for abuse and should be illegal.
Your online banking is known to be verified, therefore another company can piggyback on that verification.