Facebook and Cambridge Analytica

In the wake of the Cambridge Analytica scandal, news articles and commentators have focused on what Facebook knows about us. A lot, it turns out. It collects data from our posts, our likes, our photos, things we type and delete without posting, and things we do while not on Facebook and even when we're offline. It buys data about us from others. And it can infer even more: our sexual orientation, political beliefs, relationship status, drug use, and other personality traits -- even if we didn't take the personality test that Cambridge Analytica developed.

But for every article about Facebook's creepy stalker behavior, thousands of other companies are breathing a collective sigh of relief that it's Facebook and not them in the spotlight. Because while Facebook is one of the biggest players in this space, there are thousands of other companies that spy on and manipulate us for profit.

Harvard Business School professor Shoshana Zuboff calls it "surveillance capitalism." And as creepy as Facebook is turning out to be, the entire industry is far creepier. It has existed in secret far too long, and it's up to lawmakers to force these companies into the public spotlight, where we can all decide if this is how we want society to operate and -- if not -- what to do about it.

There are 2,500 to 4,000 data brokers in the United States whose business is buying and selling our personal data. Last year, Equifax was in the news when hackers stole personal information on 150 million people, including Social Security numbers, birth dates, addresses, and driver's license numbers.

You certainly didn't give it permission to collect any of that information. Equifax is one of those thousands of data brokers, most of them you've never heard of, selling your personal information without your knowledge or consent to pretty much anyone who will pay for it.

Surveillance capitalism takes this one step further. Companies like Facebook and Google offer you free services in exchange for your data. Google's surveillance isn't in the news, but it's startlingly intimate. We never lie to our search engines. Our interests and curiosities, hopes and fears, desires and sexual proclivities, are all collected and saved. Add to that the websites we visit that Google tracks through its advertising network, our Gmail accounts, our movements via Google Maps, and what it can collect from our smartphones.

That phone is probably the most intimate surveillance device ever invented. It tracks our location continuously, so it knows where we live, where we work, and where we spend our time. It's the first and last thing we check in a day, so it knows when we wake up and when we go to sleep. We all have one, so it knows who we sleep with. Uber used just some of that information to detect one-night stands; your smartphone provider and any app you allow to collect location data knows a lot more.

Surveillance capitalism drives much of the internet. It's behind most of the "free" services, and many of the paid ones as well. Its goal is psychological manipulation, in the form of personalized advertising to persuade you to buy something or do something, like vote for a candidate. And while the individualized profile-driven manipulation exposed by Cambridge Analytica feels abhorrent, it's really no different from what every company wants in the end. This is why all your personal information is collected, and this is why it is so valuable. Companies that can understand it can use it against you.

None of this is new. The media has been reporting on surveillance capitalism for years. In 2015, I wrote a book about it. Back in 2010, the Wall Street Journal published an award-winning two-year series about how people are tracked both online and offline, titled "What They Know."

Surveillance capitalism is deeply embedded in our increasingly computerized society, and if the extent of it came to light there would be broad demands for limits and regulation. But because this industry can largely operate in secret, only occasionally exposed after a data breach or investigative report, we remain mostly ignorant of its reach.

This might change soon. In 2016, the European Union passed the comprehensive General Data Protection Regulation, or GDPR. The details of the law are far too complex to explain here, but some of the things it mandates are that personal data of EU citizens can only be collected and saved for "specific, explicit, and legitimate purposes," and only with explicit consent of the user. Consent can't be buried in the terms and conditions, nor can it be assumed unless the user opts in. This law will take effect in May, and companies worldwide are bracing for its enforcement.

Because pretty much all surveillance capitalism companies collect data on Europeans, this will expose the industry like nothing else. Here's just one example. In preparation for this law, PayPal quietly published a list of over 600 companies it might share your personal data with. What will it be like when every company has to publish this sort of information, and explicitly explain how it's using your personal data? We're about to find out.

In the wake of this scandal, even Mark Zuckerberg said that his industry probably should be regulated, although he's certainly not wishing for the sorts of comprehensive regulation the GDPR is bringing to Europe.

He's right. Surveillance capitalism has operated without constraints for far too long. And advances in both big data analysis and artificial intelligence will make tomorrow's applications far creepier than today's. Regulation is the only answer.

The first step to any regulation is transparency. Who has our data? Is it accurate? What are they doing with it? Who are they selling it to? How are they securing it? Can we delete it? I don't see any hope of Congress passing a GDPR-like data protection law anytime soon, but it's not too far-fetched to demand laws requiring these companies to be more transparent in what they're doing.

One of the responses to the Cambridge Analytica scandal is that people are deleting their Facebook accounts. It's hard to do right, and doesn't do anything about the data that Facebook collects about people who don't use Facebook. But it's a start. The market can put pressure on these companies to reduce their spying on us, but it can only do that if we force the industry out of its secret shadows.

This essay previously appeared on CNN.com.

EDITED TO ADD (4/2): Slashdot thread.

Posted on March 29, 2018 at 3:50 PM • 68 Comments

Comments

Ed BearMarch 29, 2018 4:57 PM

One thing that might help is holding shareholders criminally responsible for criminal acts performed by their property.

Right now the usual corporate response is "I talked to the dog and he's sorry and won't do it again. Besides, the toddler was trespassing." and go on their merry way.

justinacolmenaMarch 29, 2018 5:36 PM

But for every article about Facebook's creepy stalker behavior, thousands of other companies are breathing a collective sigh of relief that it's Facebook and not them in the spotlight. Because while Facebook is one of the biggest players in this space, there are thousands of other companies that spy on and manipulate us for profit.

"Creepy stalker behavior" — yes, I suppose it is necessary to condescend to Facebook users and talk to them in their language — otherwise, here's the thing: those thousands of other companies are relieved that they are allowed to continue using that data which they paid Facebook handsomely for, and the whole situation is moving toward the corporatist // statist fascism which Italy was known for in the Great Depression and World War II era.

Wall Street sells FB as a "growth stock" at $159.79/share (today's close) which is 29.6 times $5.39 reported earnings per share for all of last year. I hate to say it, but Mark Zuckerberg has reached adulthood, and is no longer a "growing boy." Facebook has no room to "grow" anymore — "everybody" is on Facebook; it has saturated its market. The youngsters on Facebook are spending all money they are going to spend, and those who have more money are too busy for Facebook.

You cannot realistically expect that many more users to get on Facebook who aren't already; and you cannot expect people to spend that much more money than they already are as a result of their use of Facebook. There is no free lunch, and you can only make so much money off some random airhead teenage girl sitting in front of her computer.

Facebook has never paid a dividend. A trickle of share repurchases starting 2017 represented the first money ever to be returned to investors since it went public in 2012, but Forbes is not really impressed with the concept of buybacks.

https://www.forbes.com/sites/investor/2017/07/24/stock-buybacks-the-greatest-deception/

Bachir BenyammiMarch 29, 2018 5:46 PM

While hoping to see more regulations similar or complementary to GDPR worldwide, the logical solution for an individual is not to rely on companies that offer a wide range of products and services to host and manage his data - either freely or not - but to pick different providers for different services - kind of not putting all the eggs in one basket - such as the ones advocates for the protection of users’ privacy (e.g. PrivacyTools).
While this solution might be easy to be employed for an individual, it is not evident at all - in my mind - for businesses to do the same.

TrevorMarch 29, 2018 5:59 PM

"Who has our data?"
Once it leaves our hand, it's not ours anymore. It's theirs.

DentonMarch 29, 2018 6:05 PM

What remains unmentioned in this specific article is the relationship between these kinds of companies and intelligence agencies. How much do you think attempts to regulate data collection will be hampered by powerful agencies that want this to continue so they can siphon it off for their own usage?

Rui GoncalvesMarch 29, 2018 6:11 PM

[...] but some of the things it mandates are that personal data of EU citizens can only be collected and saved for "specific, explicit, and legitimate purposes," and only with explicit consent of the user.

The last part (about the need for consent) is not true. There are many other legal basis for processing the data, including "legitimate interests", which companies may use to "justify" the processing of data for ads, for example.

When I see a list like the one from PayPal, it makes me even more inclined to think that GDPR will do very little to protect people from tracking by large corporations.

neillMarch 29, 2018 6:34 PM

what if we just generate data - to feed the 'data kraken'?

we can not stop the data collection anymore, we can not delete what already has been collected, but we can generate data that we want to be 'out there' about us, that makes us look smart, wealthy, generous, successful etc - whatever we'd like!

Put N. TameMarch 29, 2018 7:48 PM

"The social networking service Facebook has agreed to settle Federal Trade Commission charges that it deceived consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public."

https://www.ftc.gov/news-events/press-releases/2011/11/facebook-settles-ftc-charges-it-deceived-consumers-failing-keep

That was in 2011. Then the FTC simply went away. Now they are scheduling a hearing. I guess the agreement will be updated.

Rinse repeat.


I don't recall even one noteworthy federal politician who has criticized Facebook. It could be fat donations have something to do with it.

I can't put the right words on this situation which is so prevalent in the federal government anymore. Is it corruption, incompetence, arrogance, criminal conduct, laziness?

I don't know. But, I do know it stinks.

65535March 29, 2018 9:14 PM

I agree with what Bruce S. is driving at: “Regulation is the only answer.” But this far into the future. What do we do in the present time. Here are some small solutions.

The biggest data collector:

“…[mobile] phone is probably the most intimate surveillance device ever invented. It tracks our location continuously, so it knows where we live, where we work, and where we spend our time. It's the first and last thing we check in a day, so it knows when we wake up and when we go to sleep… your smartphone provider and any app you allow to collect location data knows a lot more.”- Brice S.

Yes, and it gives your data directly to not only “Equidox” but also to your local police and down to private investigators and so on.

“We all have one [smart phone]."Bruce S.

Not all of us.

And, for those who do I try my best to limit the data spillage.

At home I use a steel pot to keep out neighbors kids from spying [a dual purpose faraday gage]. In the car I put my dumb phone in a RF bag. I don’t use a phone that one cannot remove the battery. I don’t need shiny bling like the Samsung Galaxy S7.

I Don’t have a FaceCrook account nor a pintrest account.

The way I look at it every “free thing” is a way of spreading disinformation. I am sure all of you can think of ways to do so. Turn a spy device or platform to a good purpose.

Excuse all of the mistakes. I am not at my best.

tyrMarch 29, 2018 9:16 PM


I just watched a UK commision questioning
Christopher Wylie who used to be with
Cambridge Analytica.

He is a gift that just keeps on giving as
he links them and the parent company to
massive election tinkering used to place
people in power who then collude with
corporations who have interests in the
looting of those countries resources.
Once you start down the rabbit hole of this
you are deep in Alice in Wonderland areas.

The links to FSB via a company who does
work for NATO. Nigerian president links
to various corporate looters. Working to
exert influence on the Brexit referendum.
The list goes on and on.

None of this is transparent to people who
are being datamined and targeted by this.

This crap isn't just Facebook, it is a
deep pool of data mining and massaging
that is invisible due to the nature of
globalization. Until someone makes it
explicit. But even then you only get a
view from their personal involvement in it.

In the background I imagine the politicos
and their croneys starting to scatter like
rabbits who have seen a hawk shadow. I'm
not sure that they will do anything except
make soothing noises about the extent until
someone holds their feet to the fire over
it.

I liked his hair as well.

@Clive

I'm sure your take on this will be worth a
reading. : ^ )

65535March 29, 2018 11:53 PM

Bruce S. brought phones so I‘ll mention an tangential situation with cell Phones, banking and Biometrics ID, trigger happy cops & possible a deadly crime.

“Since 2016, when an FBI agent first used a dead suspect's finger to unlock his phone, police forces across the USA have made a routine practice of unlocking phones using suspects and victims' dead fingers, saving big on buying cyberwar tools like Cellebrite's $1500-$3000 unlocker, or Grayshift's $30k/year Graykey.”- boingboing

https://boingboing.net/2018/03/27/no-privacy-in-death.html

It’s remote but possible a cop may think you are a drug dealer, shoot you and use your dead finger or face to unlock your phone in hopes of finding some remote evidence you were a drug dealer. That is unlikely.

But, criminals could do the same in hopes of gaining your banking credentials to empty your bank account. This may or may not work but could be a lucrative gamble. Soon or later this or any per mutation of the crime will probably happen. Beware of using finger prints or facial recognition to unlock your cell phone if you bank via your cell phone.

Excuse all of the mistakes.


Clive RobinsonMarch 30, 2018 1:09 AM

@ 65535,

It’s remote but possible a cop may think you are a drug dealer, shoot you and use your dead finger or face to unlock your phone in hopes of finding some remote evidence you were a drug dealer. That is unlikely.

Is it actually that unkikely?

Because of the US practice of plea barganing the whole "blue culture" has been alowed to keep growing. In the UK it was called the "Canteen culture" and arose for similar reasons but there were various attempts to curb it's excesses. The "culture" is a very "Them,-v- Us" tribal mentality and it's quite poisonous.

Put simply when a police officer does something wrong, the ranks close from bottom to top. And almost the first thing they do is look for anything to make their victim look bad... After all "defending themselves and society" is what their primary mission is supposedly about (though a court case in the UK made it clear that defending society was not actually a legal requirment...).

Now take a look at the current number of prisoners in a country as a fraction of the population. In the UK not so long ago it was one person in a thousand, with plans to build "Super Max Private Prisons". When you factor in a few other things like the length of the prison terms and parol times you learn that in some countries the number of criminals is rising not falling as it is in other countries.

It turns out that it is not to difficult to see a correlation between political grandstanding and the degree to which a countries guard labour can "get away" with their own criminal behaviour...

But there are other factors to consider. Perhaps worse the more prison cells a country builds with public money the more criminals they have as a result and the more it costs the citizens in their taxes.

Keeping prisoners is an expensive activity but it has side effects that have a baring on the "blue culture".

The way to fill prison cells is to lower the bar on the type of crime that earns custodial sentencing. Thus you get the political mantra of "keeping them away from society" for politicians to use. However what it actually does is lower standards across the board which means the number of mistakes goes up.

Those mistakes include "working the system" where criminals often violent and real dangers to society get out long before they should do as the checks get minimised to keep up with the vastly increased work load. And as the rehabilitation element is virtually non existant these days such prisoners are potentialy more dangerous than ever...

Thus the argument that gets put forward from the bottom to the top of guard labour that they need more resources. Which drives the "Them -v- Us" thinking process which excuses much that it should not in the name of "The greater good".

Then of course there is a newer preasure to be added of the "Private Prison" corps. They want low risk prisoners to have long prison terms as that is where the profit is. What they do not want is the type of criminal that should be on long prison terms as they represent both high cost and high risk thus little or no profit. In the US there have been cases where it has been found that those who decide the prison terms or who have input to the process have been "courted" by the private prison companies in various ways (what once used to be called giving a bribe).

Thus it becomes easier to see why what at first sight appears "unlikely" is realy not as unlikely as many might assume...

Clive RobinsonMarch 30, 2018 1:44 AM

@ Bruce,

A thought to ponder,

That phone is probably the most intimate surveillance device ever invented.

That is how short a time it has been for the word "mobile" to be dropped?

Back in the 1960's and 70's having a fixed line or "Plain Old Telephone Service" (POTs) in your home marked you out as upoer middle class or better, and was seen as a status symbol.

During the 1980's and 90's "Mobile Phones" were without doubt status symbols to be displayed ostentatiously, people would put them on tables during meetings, in the same way some would "shoot their cuffs".

I can remember walking into a --yuppie-- wine bar in the City of London and a Nokia mobile rang and seeing oh so many hands "reach" for their pockets, it was like being in a film version of a Wild West Saloon in Dodge City.

Now, having the Internet at home, nolonger requires a POTS landline phone, so having a landline in your home is becoming a status symbol yet again... Even business adverts you hear on the radio are pointing out how important a land line phone is to a small businesses credability in consumers minds...

As for the mobile, well you only have to look at the "cheap bling" accessories you can buy to realise just how little status the mobile has today.

Perhaps it's time for people to take the new "status" option and ditch the mobile and go back to landlines secretaries and pagers ;-)

WinterMarch 30, 2018 4:18 AM

@Clive
"Perhaps worse the more prison cells a country builds with public money the more criminals they have as a result and the more it costs the citizens in their taxes."

Which means that the people of Western Europe sans UK are quite well off. The usual suspects (Scandinavia et al) have close to only a third of the incarceration rate of the UK (10% of the USA). And the numbers are falling.

http://www.prisonstudies.org/highest-to-lowest/prison_population_rate?field_region_taxonomy_tid=14

I must say that the situation in the UK surprises me. It has incarceration rates like in Eastern Europe, much higher than, eg, Ireland.

echoMarch 30, 2018 4:32 AM

I wonder if there is a market for secure remotely stored encrypted covert survellience such as can be provided by devices like smartphones. It would be very handy for instances of workplace bullying or professional misconduct. This would turn the Facebook and Cambridge Analytica story on its head not to mention put the wind up a few puffed up job titles.

Wesley ParishMarch 30, 2018 5:03 AM

I think I've said it before, and so I will say it again: these companies' wealth is based on other people's data. They are only the custodians of these data, for the very simple reason that if fir example, you take out a hire purchase and you move without telling them, they have an almighty hissy fit. If they owned the data of your location, they would merely throw in alt-data and have done with it.

So they are custodians of your data, which they then trade in. Without informing you of that fact.

I think if they could be charged about 10 cents in the dollar for every time they use your data without your consent, to be paid within the month of such use, with compounding interest at 5 per cent charged on each day over that month that they do not pay you, they would soon see the light.

How long would it take for Facebook to be bulldozed and Zuckerburg to be classified as a beggar, if that was enacted on Facebook and all its concerns?

AlanSMarch 30, 2018 8:37 AM

The idea of "Surveillance Capitalism" is a cop-out. It nicely avoids of the fact that if we got rid of capitalism and replaced it with a socialist 'utopia' there would still be surveillance and it might not be more benign. Ask yourself, what would a socialist and non-capitalist government look like? Can you imagine such a thing? How would it govern?

Surveillance is a fundamental feature of the Enlightenment. When you give up on magic and religion what do you do? You collect and analyze data. You do this to understand the natural world and to govern human populations. There are enormous upsides to the age of reason but there is also a dark side that numerous philosophers, intellectuals and authors have agnonized over from the beginning. All that's new is the steady intensification enabled by the constant advance of technology. There's ever more data and ever power to analyze it. But instrumental reason as a value and end itself goes nowhere good. Without an ethics and a sense of value that exists outside instrumental reason, we are its victims.

For earlier comment on this see my 2014 comment in response to Bruce's Fearing Google blog post. I think Harcourt's writings on this are some of the interesting e.g. Exposed: Desire and Disobedience in the Digital Age. I also came across this essay from January 2015 the other day which is also an interesting read: William Davis, The Data Sublime.

WinterMarch 30, 2018 8:55 AM

" It nicely avoids of the fact that if we got rid of capitalism and replaced it with a socialist 'utopia' there would still be surveillance and it might not be more benign."

This is a rather stupid comment. We do not have to chose between US Corporatism and Stalinism, as you suggest. There are many more options.

The most important includes honnoring human rights and simply outlaw surveillance without effective oversight.

Strange that we hardly never seem to be given this choice by commenters from the USA.

The EU GDPR might turn out to be a step in the right direction. However, it is not clear yet whether "privacy" is the correct handle to keep unwanted intrusions in our lives in check. In most cases, the big companies do not need to know our identity to manipulate us with our own data.

Mike GerwitzMarch 30, 2018 9:22 AM

> That phone is probably the most intimate surveillance device ever invented. It tracks our location continuously, so it knows where we live, where we work, and where we spend our time.

It's important to understand that the phone itself is doing no such tracking. For example: Cell towers know our location, but the phone can be removed from the network (be it "airplane mode" if trusted; hardware switch if available; or in a suitable case/bag) and radio enabled when in a safe location. GPS tracking and other location services are because the _software_ cannot be trusted---GPS itself only broadcasts and has no idea who is using the network. Tracking using beacons or Wifi and such are also software issues with mitigations.

This distinction doesn't matter for most users, but it's important to recognize when considering mitigations and future direction.

VinnyGMarch 30, 2018 9:49 AM

@Clive re "Punishment and Crime" industry - very nicely developed - imo there could be a good novel in there (albeit not one that would be popular with the guardista guilds...)

vinnyGMarch 30, 2018 9:53 AM

@Alan S re "Surveillance Capitalism" - I agree that the term tends to imply certain debatable premises. Perhaps "Surveillance Economy" would be preferable?

AlanSMarch 30, 2018 10:10 AM

@Winter

We do not have to chose between US Corporatism and Stalinism, as you suggest. There are many more options.

I suggested no such thing. You miss the point of my post.

The most important includes honnoring human rights and simply outlaw surveillance without effective oversight.

Easy as pie. You can't get there when human values are constantly subjugated to instrumental rationality. Read Discipline and Punish. It's a history of reform, "honoring human rights" through surveillance and reason.

And for the record, I'm a British.

Clive RobinsonMarch 30, 2018 12:53 PM

@ Winter,

I must say that the situation in the UK surprises me.

Come and live in most sities outside of southern England for six months and I assure you the supprise will be gone (@echo might have something to say on the matter)

The simple fact is the UK has supposadly the fifth best economy in the world... However the reality is the majority in the UK are realy poorly paid with incomes below 14,000GBP (~20,000USD) due to "zero hours contracts" that have hidden zero pay on call / waiting hours and other tricks like having a delivery or care job where you have to supply the vehical and the milage rate does not even meet actuall expenditure in petrol let alone anything else.

The number of families that are below the real poverty line --not the UK Gov fiddle-- is running at over 50% in many city areas where rents are disproportionately high and keep rising. You only have to look at the numbers visiting food banks to see that things are very wrong. Likewise the reports from schools where pupils have not eaten since their last school meal the day before (some children get "free school meals" but they are not sufficient to live on).

Thus petty crime like shoplifting a can of baked beans or similar is not unknown by the desperate, and for some reason it is these often single parents that the Courts are used to persecute. Almost certainly on instructions from the current political encumbrants that are also doing everything they can to destroy the wealfare state that large employers have effectivly pushed people onto whilst "Austerity" has been in place, yet the senior managment have all been taking double digit percentage pay rises...

The reason many UK employers want Brexit is to carry on with the same policy. The point is that they appear to have forgotten that a large percentage of those who buy their products are also workers for them and similar companies so it's all rather self defeating...

echoMarch 30, 2018 2:17 PM

The Register covers UK politicians hypocrisy over data collection. This article also mentions Cambridge Analytica and issues with the legislative process.

http://www.theregister.co.uk/2018/03/30/politicians_pecr_data_protection_facebook_ico/
So politicians opining on the importance of data protection, people's right to privacy, their right to know what happens with their data, doesn't chime when the parties they represent are so willing to flout the rules when it suits them.

VMarch 30, 2018 3:09 PM

This is why it is critical to obfuscate, mislead, & lie early and often online.

(Full disclosure: My real name is not "V".)

Clive RobinsonMarch 30, 2018 4:42 PM

@ echo,

I have a lot to say! (Too much at times.)

A chance to air the old movie line of,

    You are not alone

;-)

65535March 30, 2018 5:05 PM

@ Clive Robinson

“Is it actually that unkikely?”

I don’t really know. I suppose it could happen. Now, proving it would be difficult.

“The way to fill prison cells is to lower the bar on the type of crime that earns custodial sentencing. Thus you get the political mantra of "keeping them away from society" for politicians to use.”

That is much more likely. It probably has happened over time. That is something to ponder.

just the facts, ma'amMarch 30, 2018 5:39 PM

@ Clive Robinson, Winter,

The simple fact is the UK has supposadly the fifth best economy in the world...

As Theresa May would have it, "bigger means bigger."

The UK became the sixth largest economy in the world by nominal GDP after the democratic vote for Brexit.

However the reality is the majority in the UK are realy poorly paid with incomes below 14,000GBP (~20,000USD) due to "zero hours contracts"

According to the HMRC[2], median total personal income for individuals liable to income tax was £23,200 before tax and £20,800 after tax in 2015–2016.

On the other hand, the most recent ONS data[3][4] indicates the median disposable household income (including, pensioners and others who don't work) is £27,300 and the average household size is 2.4. This works out to a median disposable income of £11,375 per person including any underage children, or £13,650 per person assuming two adults per household. (The inclusion of a figure for median disposable personal income would have been helpful.)

What is the source for your implausible figure?

The number of families that are below the real poverty line --not the UK Gov fiddle-- is running at over 50% in many city areas where rents are disproportionately high and keep rising.

According to the latest DWP data[5], relative poverty rates (income below 60% of the median) were 16% resp. 22% before resp. after housing costs.

As an example, according to Trust for London's Poverty Profile 2017[6], 27% of people live in poverty after housing costs, down from 29% in 2011.

What are the many UK cities where more than half the families live in poverty?

Thus petty crime like shoplifting a can of baked beans or similar is not unknown by the desperate

Theft from a shop (shoplifting) explains less than 15% of the UK prison population according to [7].

Your comment doesn't even begin to explain what @Winter observed.

[1] https://en.wikipedia.org/wiki/List_of_countries_by_GDP_(nominal)
[2] https://www.gov.uk/government/statistics/percentile-points-for-total-income-before-and-after-tax-1992-to-2011
[3] https://www.ons.gov.uk/peoplepopulationandcommunity/personalandhouseholdfinances/incomeandwealth/bulletins/householddisposableincomeandinequality/financialyearending2017
[4] https://www.ons.gov.uk/peoplepopulationandcommunity/birthsdeathsandmarriages/families/bulletins/familiesandhouseholds/2017
[5] https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/691917/households-below-average-income-1994-1995-2016-2017.pdf
[6] https://www.trustforlondon.org.uk/publications/londons-poverty-profile-2017/
[7] http://researchbriefings.files.parliament.uk/documents/SN04334/SN04334.pdf

Harry ShearerMarch 30, 2018 7:34 PM

A previous commenter wrote: "Ask yourself, what would a socialist and non-capitalist government look like? Can you imagine such a thing?"

Answer: It would look like Finland, or Sweden, or Norway, which coincidentally end up in the top 5 or 10 of almost every international index of citizens' well-being. Ask yourself why you don't know that.

just the facts, ma'amMarch 30, 2018 8:58 PM

@ Harry Shearer,

Ask yourself why you don't know that.

Because it's not true that Finland, Norway, and Sweden follow a socialist and non-capitalist model. You may want to ask yourself why you didn't know that.

Besides, the World Happiness Report[1], the Human Development Index[2], the Social Progress Index[3], the OECD Better Life Index[4], etc. show that the Nordic model[5] (which, I'll add, is quite different from one country to the next) is no way a prerequisite for citizens' well-being.

[1] https://en.wikipedia.org/wiki/World_Happiness_Report
[2] https://en.wikipedia.org/wiki/Human_Development_Index
[3] https://en.wikipedia.org/wiki/Social_Progress_Index
[4] https://en.wikipedia.org/wiki/OECD_Better_Life_Index
[5] https://en.wikipedia.org/wiki/Nordic_model

MIHMarch 31, 2018 2:56 AM

"We never lie to our search engines."

This is the part because of which all the marketing companies target their customers using services of peesonal data brokers derived from social networks with the will and consent of social media owners.

It is the same way, the way, i just filled in the form where my name and email were required to post my comment :)

AndersMarch 31, 2018 8:40 AM

http://www.thejakartapost.com/life/2018/03/31/facebook-gets-thumbs-down-for-handling-of-data-scandal.html


"Muzard was even more damning.

Zuckerberg was smart enough to hold up his hands up and try to offload some of the responsibility onto the researcher Aleksandr Kogan and Cambridge Analytica. Yet pleading naivety and saying that they never thought the data would be used to swing elections is very problematic.

"It is just not credible for a company as smart as Facebook to say that," she said.

"If we are to believe that it means that Zuckerberg has created a monster that he cannot control, like Frankenstein. And if we don't swallow that, it implies is that he may be lying," she added."

fooMarch 31, 2018 9:12 AM

I find it interesting that much of the media coverage refers to the users as Facebook's customers. Can you be a customer if you're the thing generating what they sell? I'm don't think dairy farmers would refer to their cows that way.

ERMarch 31, 2018 11:08 AM

This guy Kevin Matthew has created a script (available here) that replaces existing Facebook posts with randomly-generated nonsense.

Useful perhaps to run multiple times before deleting the Facebook account.

In my case though I have never been a heavy Facebook user because of the privacy concerns. When I did use it to check my relatives posts, it was under a fake name and with reasonably believable fake data scattered around my profile.

For example images copied from elsewhere on the internet, tagged as my pet dog (I don't have one) or aunts and uncles.

Keeping the fake data believable but false is IMHO much better than populating it with gibberish. But even gibberish is much better than providing them with any factual details.

Remember also that if you "delete" your data at Facebook it will likely not get deleted in the back end database. The only thing Facebook does is to mark that data as no longer visible to you.

That, and the fact that their DB admins need to have unrestricted access to all data to debug any issues that may appear in the DB. Regardless of if you think that you "only shared it with your friends".

AndersMarch 31, 2018 11:32 AM

There are numerous cases where FB account gets locked and FB is demanding official photo ID as a proof to unlock the account.

This is one of such cases:

https://www.facebook.com/help/community/question/?id=10202277362467822

This is a list of ID's FB accepts:

https://www.facebook.com/help/159096464162185

FB assures that after unlocking the photo ID copy gets deleted in 30 days.

https://www.facebook.com/help/155050237914643?helpref=related&ref=related

I seriously doubt that FB deletes those ID's as promised considering how eager he is to collect our data.

So among other thing this data kraken has lot and lot of peoples ID copies that can be used for ID theft if leaked.

I think this is very bad.

PeterMarch 31, 2018 2:12 PM

you may want to post one day about the pervasiveness of Google Analytics, I've seen it used on govt web sites, NGOs, etc.

AlanSApril 1, 2018 10:54 AM

@Harry Shearer

Me: "Ask yourself, what would a socialist and non-capitalist government look like?"

You: "It would look like Finland, or Sweden, or Norway, which coincidentally end up in the top 5 or 10 of almost every international index of citizens' well-being.

You forgot to include Iceland, Faroes, and Denmark. They are what are normally called social democracies. They are capitalist but with much stronger institutional and legal constraints such that the broader public interest tends (i.e. they have strong welfare states) to be served over private interests.

You: "Ask yourself why you don't know that."

As a Scot I am well-aware of the Nordic model as it is often discussed as a model for an independent Scotland, a small country of similar population size as Norway, with strong social democratic traditions stuck in a larger state that is heading in the opposite direction.

Sancho_PApril 1, 2018 11:16 AM

@Bruce wrote: ”Regulation is the only answer.”, but that’s an illusion.
We all (you and me) are not ready to curtail (our) business and economy.
We know that our (short term) future depends on growth,
we can’t stop that any more [1].

We also know (um, say, we have a slight feeling) that the whole “surveiilance capitalism” (thanks for the data producing amazon-link!) is not sound business model but a huge bubble, ready to burst within seconds, like facebloop.

Think of data collected and sold for the advertisement “business”:
What did you buy because of online ads, personalized or not, compared to the energy and muscles it takes to deliver (unwanted) ads to your PC, phone and TV?
Btw., were you looking for something or did you buy it just for fun?
-> It’s a scam, reactive power, delivering money but of no substantial worth.
But it is an important part of our economy, no doubt!

That said, instead of regulating, downsizing (surveillance) capitalism we must find a way to increase it.
What about Artificial Personas with Artificial Intelligence (APAI) using your Internet,
endlessly producing “data” to feed that beast and consuming it’s ads?

It’s easy to see a benefit in security, too:
Whenever data is stolen / abused, containing 3/4 APAIs renders the data set nearly worthless.

[1]
Our canoe will be soon too small, but that’s a different story for tomorrow.

Mr. Lucas BriceApril 1, 2018 1:34 PM

You want to buy a car, so you head out to your local Toyota dealer. If the Toyota dealer on the other side of town subscribes to the right service, he can geofence the dealer you’re visiting. They get an alert that you’re there. They know your name, address, age, spouse, income, occupation, number of vehicles you own, make and model of the vehicles, and more. If you look at your phone any time while you’re in the dealership, you’ll get an ad from the competitor, tailored just for you. All of this is accomplished with your permission, thanks to apps you downloaded and use. I mentioned Toyota to illustrate the point, it it could be any brand.

GrandalApril 2, 2018 10:58 AM

@Anders

most sites I ever used do not require a national ID card to unlock an account.

That FB is asking for it sounds ridiculous but I can see from the links you provided that that seems to be fairly frequent.

Considering what a lame site FB is - it is not a bank, credit card or investment site - it looks like as if they have some "other needs" to make sure that you are you.

The "other needs" here being things like a government domestic spying office wanting to make sure they have a correct individuals mapped to specific FB accounts.

GrandalApril 2, 2018 11:02 AM

@Mr. Lucas Brice
All of this is accomplished with your permission, thanks to apps you downloaded and use.

what apps would this be? like, e.g. Facebook perhaps?

HmmApril 2, 2018 11:25 PM

"Ask yourself why you don't know that."


It would break their ideology, the amygdala blocks it out in defense. Otherwise..

They'd have to admit some of the things they believed were wrong.

There'd be chaos.


Dave SillApril 3, 2018 3:52 PM

Facebook knows exactly what my data is worth. So why don't they offer to not record it for a fee?

EvilKiruApril 3, 2018 4:51 PM

Full Disclosure: I am non-involuntarily restricted from providing full disclosure!

Ari TrachtenbergApril 4, 2018 9:50 PM

The very same developers and marketers that are utilizing this data ... are, themselves, being analyzed and tracked by it. Why are there not more corporate leaks from people who find the uses of these analytics scary?

I see two main possibilities:

1. They buy the standard corporate li(n)e that this data is simply being used to give consumers what they want - more targeted ads and less time wasted on uninteresting advertising.

2. They feel that the genie is out of the box and, in the prescient words of Larry Ellison (from 1999!) "You have zero privacy anyway. Get over it."

Peter QuinceApril 7, 2018 6:50 AM

Mr. Schneier wrote another excellent article and got right to the point. We need transparency and regulation, and it has been a long time coming.

Zuckerberg's bambi-eyed prattle should come with a warning label, like rat poison.

PeterApril 7, 2018 6:04 PM

Cambridge Analytica, Facebook and the Trump-campaign stole the presidency from Saint Hilarry?
What a ridiculous conspiracy-theory,
everybody knows it was Putins army of evil hacked Selectrics who dunn'it..
Or have you completely and conveniently forgotten ?

Wesley ParishApril 11, 2018 5:27 AM

BTW, and possibly OT and all the rest of it: I've just been over at Huffingtonpost watching a video of Zuckerberg's Senate testimony, and I've never seen a man so pale:

https://www.huffingtonpost.com/entry/mark-zuckerberg-facebook-senate-testimony-memes_us_5acd0806e4b09212968c6193

If he'd been in a battle and looked that pale, I'd say he was dying of blood-loss.

If you want to see how Mark Zuckerberg looks terrified that his entire house of cards is going to start crashing down, grab your opportunity.

Gerard van VoorenApril 11, 2018 7:33 AM

@ Wesley Parish,

About Mark Sugarbelly: Just look at the stocks. They went up. I would say that the end of FB isn't gonna be over. They did hit a small push, but that's it.

Dirk PraetApril 11, 2018 8:53 AM

@ Wesley Parish

I've never seen a man so pale

True, but all things considered he didn't even do that bad and FB stock bounced right back. The real eye-opener here was the unbelievable ignorance of certain senators, some of which weren't even familiar with the FB ad based business model. What the hell were those people even doing there ?

For those wondering where I've been all this time: I'm currently dividing most of my time between my day job and a law study.

bttb April 11, 2018 8:13 PM

From https://www.emptywheel.net/2018/04/11/yet-more-proof-facebooks-surveillance-capitalism-is-good-at-surveilling-even-russian-hackers/ :

"I’ve long tracked Facebook’s serial admission to having SIGINT visibility that nearly rivals the NSA: knowing that Facebook had intelligence corroborating NSA’s judgment that GRU was behind the DNC hack was one reason I was ultimately convinced of the IC’s claims, in spite of initial questions.

Among all his evasions and questionably correct answers in Senate testimony yesterday, Mark Zuckerberg provided another tidbit about the visibility Facebook had on the 2016 attacks.

One of my greatest regrets in running the company is that we were slow in identifying the Russian information operations in 2016. We expected them to do a number of more traditional cyberattacks, which we did identify, and notified the campaigns, that they were trying to hack into them. But we were slow to identifying [sic] the type of new information operations.

Not only did Facebook see GRU’s operations in real time, but they notified “the campaigns” about them.

Note, Zuck didn’t describe the targets in any more detail than “campaigns.” That led Robby Mook to dispute Zuck, eliciting more details from Facebook CISO Alex Stamos." ...
https://mobile.twitter.com/alexstamos/status/983838255442345984

and two more links you might find interesting

By Zeynep Tufekci,the author of “Twitter and Tear Gas: The Power and Fragility of Networked Protest.”, an opinion piece:
https://www.nytimes.com/2018/04/09/opinion/zuckerberg-testify-congress.html
and
and from David Dayen and The Intercept:
https://theintercept.com/2018/04/10/facebook-the-senate-is-afraid-to-govern-thats-great-news-for-facebook/

grinApril 23, 2018 5:08 AM

Apart from being aware of the possible abuse of the data ("Companies that can understand it can use it against you.") I believe it is similarly wrong to act like all this has been purposefully created to abuse people.

People demand better service, smarter service, they want to get rid of annoying ads but require "notifications" of great stuff, they don't want to see "uninteresting ads" but in the same time they want to use "ways" to make other people know that they have a really useful and valuable product or service to sell. And no, not to spam everyone, just tell those who are interested. Fair.

Many companies (and it's an open debate whether they're the minority or not) start from here: they want to reach people who may be truly interested in an information, be that advertising, news or else. This is pretty hard nowadays, in the age of information explosion: you simply cannot expect people to find the ways to find what they want. So IT-using companies start to collect data to do better, more personalised services.

Some maybe remember how Google ads started: they wanted to create non-obtrusive(!), relevant(!) and useful ads (and be much better than others, of course), and connect the people with the right service instead of pouring random flashy trash on them (banner ads, anyone?). This obviously required data to operate on (as well as plenty of care designing ad guidelines to prevent visual annoyance, but that's a topic for another day). As they have gathered the data, people started to get better quality ads, better quality search replies. People were happy.

Now, we know they were oblivious about what kind of data collection have been present in the background, but it would be false to say that people did not want the results. It's just... they want results without providing their private data. They now demand magic: results without the data. It doesn't quite work (dunno about ads in Dumbledore).

When I look at Google and Facebook from a distance I see that "generally" they try to act fair, and really use the collected data for the purposes of better service (which in contrast means more income for them, and that's okay with me), and people actually find it useful and most often than not a fair exchange for the service. I mean real people out there.

Our problem (if I can be so not humble to count myself here :-)) seems to be that this data can be used by bad actors, too, and people do not have the power to prevent that. I am not sure what'd be your attitude when the data is "guaranteed" not to be misused and mishandled (and yes, that's a theoretical question).

What I mean is that maybe the problem is not the collection and use of the data, but the mishandling and abuse of them. EU GDPR actually works along this way, and allows data collection for _any_ purpose: as long as the purpose is clear and the handling of the data is well defined and reasonably secure. I support this approach, and always a pain to see when people believe that they can ban data collection without large collateral damage.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.