In computer security, every time machines become fast enough to breach the limits of an algorithm we invent something new so that “hard” problems remain “hard” and therefore encryption is still secure.
There has been no corresponding increase in the difficulty of invading privacy. 30 years ago, even though you probably “could” observe somebody for a long time and eventually connect some dots about them, it would not really have been worth your while (and you certainly wouldn’t have been able to do it for thousands or millions of people). Now, it is ridiculously easy for computers to dredge up information and instantly transmit it, slog through it and basically connect every imaginable dot. There needs to be a new standard for privacy: just like you want a 2048-bit key, you want the equivalent of a “make life a pain in the ass for Facebook” key on EVERY DETAIL of your life.
I would love if someone made a Chrome extension that encrypted all the posts and messages you put on Facebook. That is, any post you made would be made as a ciphertext, the extension would swap keys with all your friends in the background, and would decrypt their posts when displaying them to you.
Sure Marky Mark still sees when you post, who you send messages to, etc. but it's a much better situation than what's going on now. Plus it would probably put a dent in their bottom line, and so send them the message that privacy matters to people.
Security breaches are bad for one party's capital, good for another party's capital.
It's interesting to contemplate WHY is there a difference between the two. Security and Private both nasciently have something to do with "info I'd like to keep to myself", but I'm not sure I can come up with a hard delineation between the two, at least when you try to go above "A/S/L" and below "user/pass".
It terms of a hostile 3rd party and not an automated system? 5 times.
Snoopy relatives of women I have dated a couple times, a couple times by PIs paid to track me down, and a stalker once.
So...yeah. It's a real problem and none of these people had a legitimate cause to do so. Even beyond FB, etc. I don't post my face online because of shit like that.
Other people have stopped posting pics of me as well, a couple people have been called based on my name being tagged to things on social media.
I went in and untagged myself from a bunch of stuff my parents posted after my online friend commented on one of the pictures. It wasn't that it was super problematic, it's just I realized I really didn't want family pictures broadcast to my friends.
The main issue is that there is no reason for companies like Facebook to fully adopt it, since it doesn't benefit them and there is no outside pressure forcing them to do so.
The bigger problem for me is how facebook tracks and identifies even people who do not have a facebook account. They simply infer such a person exists from photograps, contacts and other one sided activity and can start to track that person, tie all this information together and then target them with ads even though they never signed up for Facebook.
Such shadow profiles are a much larger problem to me than people who are happy to fork over their private lives themselves.
Nothing will change until the law cracks down on this. The people who work on these systems are smart enough to comprehend the wider consequences, but they do it anyway because money. Without significant external pressure, there will always be a long line of engineers willing to dial their cognitive dissonance up to 11 and build software that is clearly unethical in exchange for a fat paycheck.
Moral: of, relating to, or concerned with the principles or rules of right conduct or the distinction between right and wrong
I think it is "clearly wrong" that Facebook creates shadow profiles, because it is violating the freedom of people who have not signed up for their service, in the same way that it is clearly wrong for me to take away your favorite pet for ritualistic sacrifice against your wishes, even if "everyone" in the community agrees that it has been a consistently effective method for pleasing the Gods.
Of course, you know these analogies are tenuous, and you will eventually go into very precise definitions of words (or worse, you will actually start taking my pet sacrifice analogy and dissecting it). Perhaps you could tell us about something you think is clearly unethical, and we will try and draw the connection for you.
I doubt that he doesn't understand what "unethical" means. The question is how does what Facebook is doing qualify? You've said it is because it violates the freedom of people Facebook is making inferences about who are not users of Facebook's services.
That just shifts the question to how does it violate their freedom? That is not at all obvious to me. (NOTE: this does not mean that I'm saying it is OK...just that I don't see how it is a freedom violation).
My computer desk at home is near a large window, which I often look out while I am using the computer. From this window I can see people from my street walking dogs. I can see kids going to and from school. I see cars coming and going. My street is a dead end street about 1 km long, and I'm about 200 meters in. The street bends a little way past my place, so the last 700 meters or so are not visible from my place.
By casually observing people walk by, I've gathered data to make several inferences about people who live beyond the bend. I've figured out when some people are having house guests (by seeing people I've never seen before walking dogs that I recognize).
I've inferred sibling relationships among some of the children who walk by (by noticing dress and equipment patterns that clearly indicate that the same person is shopping for both).
I've figured out what kind of cars the parents of the some of the children drive (by seeing those cars stop when passing the children on the way home, and the children getting in, or seeing a strong correlation between days when particular children who walked by to school in the morning do not walk by in the afternoon and days when particular cars drive by in the afternoon).
Am I violating these people's freedom by making these inferences from what I see out my window?
If not, what is the fundamental difference between what I'm doing by observing people that walk or drive by on my street and what Facebook does by observing what its users do on its site?
Not OP, but I think the fundamental difference is that you are, presumably, not selling everything you know to potential stalkers that wish to know everything about the people you mentioned.
I can't claim it's wrong because I'm not a good ethicist. But I can say anecdotally that I feel upset and disgusted by the idea that even though I don't have Facebook, they may have a dossier on me. Simply because friends use my name or share photos including me.
It's upsetting because I don't know what I can do about it. How do I protect my privacy in this world? Do I stop having friends? Do I wear a mask everywhere?
> I can't claim it's wrong because I'm not a good ethicist.
Even the best ethics expert in the world would just be one who knows how to describe a bunch of ethical systems and ideas that exist currently and historically. Other than that, they can help you exactly zilch with such decisions. I'm not a psychologist, but I'll claim if it makes you feel upset and disgusted, that means you did decide you consider it wrong. And if it helps, I agree.
As for how to change things, well, ask the EFF for example? There's things you can do which, apart from being a real help, also help you with the dread of this free floating vague blob of worries that you sometimes look at but as you said feel you can't do anything about.
One thing you can always do, is that not giving in. It just takes one person to prove the claim that everybody accepts or wants X wrong. When being that person seems scary, personally, when looking around, I'm not convinced at all that the people who fight no or trivial battles are less scared. It's not actually safer on the side of thugs, generally speaking, and life isn't more fun at mindless parties either, only those who don't have the comparison would think that. I'd rather say that's all built on sand, on holes that have to be temporarily filled with more and more material.
So keep on hanging on, because there might come a point where you feel less upset, more grounded, and the people who drift along will become more and more confused. Real things can hurt, sometimes badly, but real things also have longevity, they bring their own means and nutrients for growth.
At least, that's how I answer these questions for myself, that's how it ended up working out, and while I know that can't be generalized, sometimes it does get darkest before dawn. Don't let it drag you down (Sophie Scholl's outlook = best outlook).. but what you can shoulder, do shoulder. The only way out really is through, ultimately.
If worst comes to worst, don't get crushed when the screeching narcissism machine attempting to eat the planet drives itself and billions of people against the wall and implodes. Easier said than done, but change will come one way or the other. I'm not convinced it would leave spots of unscorched Earth, but that hope dies last, anyway.
> because it is violating the freedom of people who have not signed up for their service
That's your interpretation of their reasoning, Facebook's interpretation could assume that they haven't signed up for service yet.
Also, how exactly is their freedom violated? Let's say they could do a certain set of actions on a given day prior to Facebook violation. So if a government violated their freedom (e.g. by putting them under house arrest), a certain subset of those actions, like walking to a store or a park, would be impeded.
What would be an example of actions that would be impeded by Facebook's violation?
I think it is more likely that the market corrects this well before the law. How much longer can the status-quo of online advertising remain intact? Do these targeted ad's really work? There is a ton of time and talent being poured into hyper-advanced targeted advertising systems, how long can this be sustained?
Buyers have access to a detailed audit trail of their ads and campaign activities. They see where ads they bought ran, the number of people who were able to see their ads, and clicks and other interactions with their ads.
If "these ads are working" is defined as "these ads are accomplishing what they were intended to when purchased," peoples' spend is founded more in data than belief.
Buyers have access to ~2BN people and tools to target them by age, interest, and geography -- much of that demographic and psychographic data is explicitly and freely given by those people themselves; tons more are derived and inferred. Buyers repeat their buys because these ads accomplish what they intended at purchase -- they can effectively drive traffic or commerce or whatever else.
This real power to generate revenue makes the issues around privacy, security, transparency, awareness, responsibility, ethics, laws, oversight more important than if it was created by ignorant beliefs. The latter would be temporary; the former generally strengthens as more data gets into the system.
The law will not crack down on this. The politicians stand to gain too much. See The Dictator's Handbook (which is as relevant to democrats as autocrats).
That said, I'm personally certain the laws will evolve rapidly in a favorable manner. Privacy issues resulting from Facebook/Google and co are becoming increasingly unacceptable for the society.
I've just finished that and second the recommendation - while the ideas have been around for a while, the presentation of them in that book is outstanding.
Mentioned shadow profiles and some other of their shady practices to an acquaintance recently, he uses fb and wanted to stay in touch using it. He chose not to listen to my critique of fb calling me a "tinfoil hat" (whatever that even means).
An easy disarm is "You are confusing privacy with secrecy. It is no secret what happens in the bathroom. It doesn't mean we are going to remove the doors because people still want privacy"
There are ways to counter this. For example, it can be said that Facebook isn't your bathroom. (Yes, this isn't exactly solid argument, sure.)
Still, I'm absolutely sure it's best to keep private stuff to oneself, and parties you trust. With understanding of full consequences of doing so. If one trusts Facebook, they'd better think why do they do so, as their trust may be misplaced.
I think one of problems is that when users post data they don't even think they send it to Facebook - they believe they send it to their friends there.
Ha - if anybody says that, ask them if they can kindly lend you their phone for a few minutes, so you can browse through their photo gallery, browser history and emails.
"Oooh! How much do you make? How many sexual partners have you had? Have you ever cheated on any of your partners? Ever had an STD? Whom do you secretly dislike even though you don't show it? I've never met someone with nothing to hide before, this is so exciting!"
By law you should but it will be an uphill battle.
Technically each and every advertising agency that creates a profile on you, gives you a cookie and stores your IP address is in violation of the law. (IP addresses count as PII, Personally Identifiable Information).
I don't see the legal hammer coming down on the advertising industry (of which Facebook and Google are the major players) any time soon if ever.
>IP addresses count as PII, Personally Identifiable Information.
One way hashed (that can't be rainbow tabled) are not however PII afaik however, so it's quite easy to turn an IP address into a "net location ID" or something similar that can't be tracked back to a physical IP for analytics.
If you're going to add a unique salt every operation you just destroyed the value of that IP address for tracking purposes. Which was the whole point of the discussion to begin with. By your scheme you might as well store a random number. So, either you store the IP in such a way that you can later re-associate a new call with the previous IP or you might as well not have it.
> However at that point surely you just add a salt?
How would that work? You'd have to use the same salt for every IP (which completely negates any benefit of the salt), otherwise how do you know that bcrypt(salt_1, IP_1), which you stored in your database yesterday, refers to the same IP as bcrypt(salt_2, IP_1) that you stored a month ago?
It's enumeration through 32 bits of 0-4294967295. There are only so much IPv4 addresses.
If you add a salt, then that "net location ID" becomes of very limited use. You won't be able to grep through the logs for request from specific IP, you won't be able to tell how many distinct IPs are accessing your services, etc etc. The only use I can see is keeping it in the session to check if IP address had changed, as a security measure.
And how are they hitting that person with a tracking pixel and associating it with the pseudo-account?
It's still creepy, but it's likely more about determining knowledge of the friend graph (i.e. suggesting 2nd degree friends via a connecting pseudo-account) than about ad targeting.
Though yes, as soon as that pseudo-account could be tied to an actual account, Facebook could use passively gathered info to target you.
The creepiest part about Facebook is the sheer volume of facial data paired with social connection data. With access to that, even if you have never been online in your entire life, there's a good chance I could take your driver's license photo and know who you associate with.
> And how are they hitting that person with a tracking pixel and associating it with the pseudo-account?
That's the easy part. There are companies that specialize in this sort of thing, as well as in merging profiles from several devices (pc, tablet, smartphone), you can bet that if two-bit advertising technology companies know about these tricks that Facebook does too, and they probably know a trick or two that has not become mainstream yet.
If you want an explicit explanation of how such a link could be made it's a hard choice: too many possibilities.
I've done technical due diligence on about 10 advertising technology companies, node identification in a graph gets easier through two things:
- more known nodes in the graph (Facebook has many)
- more activity by the unknown node (just wait and track)
Sooner or later there is a moment where just for an instant that node can be strongly associated with a real world ID, for instance, a contact in someone's address book, a tag in a photograph and some shared online activity or something as simple as a phone call. At that point it is game over, the contact can now be associated with the device ID on the other side for instance through some running app.
Apropos games, many games monetize by embedding a library supplied by an advertising technology company that wishes to gain access to devices without waiting for the user to visit a website. These libraries leak information all over the net.
Is one example by FB, there are many more and some of those require permissions that make no sense at first sight until you realize what is happening under water. If you ever wondered why some shitty game requires access to your contacts, location and other interesting bits of data this is it.
It is very hard to stay off the radar of the likes of Google and Facebook, I have a pretty good idea of how this stuff works in the background and I have no clue how I could not leak enough bits for those two companies to tie my online activity to my real world identity in a single profile.
No idea, any evidence that Google uses email content do generate external profiles (vs. the user who received the message)?
If I write "Leroy Jenkins likes rushing" in an email, does Google create a persona called Leroy Jenkins, assigns a quality "likes rushing" to it and tries to match it to other data?
I always heard that user data is firewalled by default inside Google (PII data from one user isn't used on other users, unless explicitly shared).
Even on Photos Google seems to only allow you to appear as a suggestion on your contact's photos after you explicitly opt-in and explicitly selecting "which one is your face":
They can build up a graph and they'll see your emails when sent to a gmail recipient or from a gmail originator to you.
With a very large fraction of all email now passing through Google's servers you can expect them to be able to piece together the missing bits with high fidelity.
How come we have clowns getting elected, terrorism and financial meltdowns then? There are so many interesting things one can do with this power beyond monitoring what the plebs are upto. No great evidence exists that the power is being used despite the data and computing power having existed for 15 years now.
One small difference is that the activity on GMail or large email providers is generally two-way and it becomes clear when you understand that clicking "Send" sends your mail away to be stored in GMail forever unlike where photos somebody would be taking with their friends are not aware if it is put in Facebook or similar social places.
That isn't true. Many domains are routed through Gmail where you have absolutely no way of knowing up front that you are going to be sending that mail through Google. It looks like any other email address on a private server.
> Does Google use my organization’s data in G Suite services or Cloud Platform for advertising purposes?
> No. There are no ads in G Suite Services or Google Cloud Platform, and we have no plans to change this in the future. We do not scan for advertising purposes in Gmail or other G Suite services. Google does not collect or use data in G Suite services for advertising purposes.
> We do not scan for advertising purposes in Gmail or other G Suite services. Google does not collect or use data in G Suite services for advertising purposes.
You could drive several trucks sideways through the holes in that statement.
Right, what's the last time you checked the recipients domain MX record before sending an email?
That's just nonsense, nobody does this, people just send mail through some client and never ever check MX records by hand unless they are trying to debug some kind of problem, in fact, the vast majority of people have no clue that something like an MX record even exists. To them email is roughly equivalent to magic.
Perhaps its just the ex-sysadmin in me, but I've done it pretty frequently over the years. Pop open a terminal, host -t mx example.com, done. Mostly I do this when I think there's any chance that my email will get routed to a server in China (pipe the result of the host query through nslookup and eventually to a whois against ARIN to see whether the IP is allocated by APNIC), since I'd prefer to avoid that.
I get that it's not common or simple, but "absolutely no way" doesn't mean absolutely no way that's common and simple. It's doable and, if you want to avoid it, there's plenty of ways to ensure that you never send directly to a Google server.
you basically hit the nail on the head. And if Obama did nothing about it, you can sure expect Trump to follow suit with inaction as well. The consumer's only hope here is the EU.
That's actually why I gave up on avoiding it (after leaving my fb account dormant for ~5 years). If I'm being tracked anyway I might as well enjoy the social benefits of the platform, which are not insignificant.
FB absolutely knows more about me than any individual person at this point. I've decided, for good or ill, to accept that and leverage it; rather than feeling upset about my inability to enforce a right to privacy, I've decided it's more important that I should be able to enjoy being myself rather than having to hide everything. If powerful forces wish to abuse that, they can, but I'm happy to have that moral argument.
There is no way I will go down that route. That's defeat and it simply will not happen with me being an enabler. If that means I'll miss out on the occasional party then so be it.
How is that defeat? I have no desire to waste my precious time in an unwinnable arms race. My freedom of action and self-expression are my primary operational need, and I don't want to spend my life creeping around trying to conceal every fact about myself that might be employed as an attack vector. That's not liberty.
Facebook's dominance is even more pronounced in parts of the developing world. I've met people in Asia (Myanmar and Nepal) who have just accessed the internet for the first time in the past 12-24 months (through their Android smartphones).
But they don't know the true internet - they only know the internet through the Facebook app. They use it like we use Google and web browsers.
To them, Facebook is the internet. They don't have email accounts. They don't use the browser. They don't search. I met someone in a small town who never even used the maps feature. I tried to think of what value the true internet might bring them, but when I suggested that "you can search for news and read other things", the response was that they already did that with the Facebook App.
One guy handed me his phone, so I could add myself as a friend on his Facebook. While I started typing my name, I noticed his search history... and to him, Facebook was even a substitute for what people in the USA might use Incognito mode for!
I would call Facebook their internet portal, but it's not really a portal to anything - Facebook is just the entire internet to them.
Buzzfeed (yes, Buzzfeed) did an excellent writeup of Myanmar, that mirrors what I saw there:
“Nobody asks, they don’t care about the email,” he said, explaining that most don’t know that creating an email address is free, and easy. “No one is using that. They have Facebook.”
Email also isn't very popular in China. I'd surmise it has something to do with the popularity of instant messaging in the new generation internet users.
Using email feels cumbersome compared to WeChat. Of course, you pay the price of having a single app do everything but most people don't even register that as a potential threat.
Yes. Also the fact that half of the west's trigger-happy sysadmins banned all Chinese IP addresses from virtually any cross-border SMTP activity because 'spam'.
Google does some pretty scary stuff too.
I made a point of never giving them my mobile number or any "real information" about me.
When a friend of mine added me to his contacts, on his Android phone, he also added one of email addresses to the contact, which is the same one I used to register my Google account.
The phone automatically connected the mail address to my Google account and now every time I call him the (anonymous) picture of my Google profile shows up on his phone. Which I guess means that Google now also connected that phone number to the mail address/Google account.
Tbh that's really offputting: You can be as careful as you want and it will still be all for naught because friends&family just end up leaking your details everywhere without even noticing it.
The phone automatically connected the mail address to my Google account and now every time I call him the (anonymous) picture of my Google profile shows up on his phone.
That behavior doesn't require Google to have associated your phone number with your account; the mapping could be happening entirely on your friend's phone.
I had a similar realization when I found a private photo, so private that I had deleted it from everywhere in some Google's "backup" sites. I am very careful disabling every feature that could mean that personal images or text from my phone will end up "in the cloud" and still it got there through an accident... and a lot of Google's disregard for my wills. It's almost impossible to stop them.
The photo being private is most likely not what you think :)
I deleted it from the phone and my hard disk. I use to take photos with the phone, move through usb to the disk and never publish any photo anywhere.
Where I found it I don't remember because it was some Google site that I hadn't signed up for. I know, they're all connected, but I didn't even know it existed, much less that personal photos could go there.
My frustration comes from the fact that I had already visited several timesevery configuration and options page of the products that I use, choosing not to share anything anywhere with anyone and, god forbid, never backup phone and still it got there.
I have an idea why it could happen: a combination of "sync" option in the phone being activated by an accidental click with a lot of "creativity" in Google's part.
I'm done with this shit. When the time comes to buy a new phone, I will take some drastic measures. Maybe a dumbphone with tethering paired with a tablet, I'm not sure, but not this again.
Could you help me understand why you find that scary? It's not giving him any information which wasn't previously available to him. I think you're concerned that people are overlooking his screen, and you'd rather he explicitly choose everything that pops up when you call? Do you think he wouldn't have included any identifying information about you?
As a user, I'd rather have not only a name but also a picture of a person pop up when they call me, and I'd rather it happen with as little work as possible on my part.
(disclaimer: I work for Google, although I had nothing to do with how this works)
OP desired to keep his Google associated email and non Google associated phone number separate, and behaved as such. That's a very reasonable thing to want and do.
But Google used OP's friend's phone, bought from them, to surreptitiously acquire the connection between his email address and phone number.
That was against OP's desire, and his friend never explicitly agreed to provide that information. I fully understand why he would be upset.
Oh, yes, I missed a sentence: "Which I guess means that Google now also connected that phone number to the mail address/Google account." So I suppose freeflight's concern is what information the friend gave to Google, not what Google gave to the friend or what the friend's phone is displaying to onlookers.
This is how cloud services work. Google stores the friend's contact data, which has a contact with both freeflight's phone number and email address.
What is it you fear that Google is doing with this information? And what would it take for you to be comfortable?
I think everyone is misunderstanding the complaint. Google does not link phone numbers to accounts based on being added to he same contact. The poster is just complaining that it shows the photo from his Google profile (attached the the email his friend already knows) and shows that when he calls from his phone number (that his friend also already knows and added to the same contact).
It occurs to me that I'd like to see some reportage on which parts of the TOS cover these evergreen frustrations. Is it the "share your information with third parties" clause? Is it "to improve Google services?" Something else? Surely every element of surprise can be responded to with "Oh, well you gave them that permission in Section F, subsection 3(n)."
Usually its to the tune of 'by using this service you agree to grant Google a non-exclusive royalty-free worldwide license to reproduce and redistribute' etc.
I wonder if I could exploit this to make false associations, e.g. save an email address with someone else's number to make that profile pop up whenever that person calls someone.
Sure, I mean one way to combat this is through data warfare and sabotage. If enough people behave erratically and poison the well of data it will make it harder for these companies to infer as much as they do now.
For example, click, view, watch, like at random ads and if enough people do this inference will be harder.
On the other hand, whatever brings power away from large telecoms is good for all of us, even it means integration with Google makes calling simpler and easier.
It annoys me how much I want to leave Facebook (if only to stop them gathering MORE data on me - I can't erase what they have) but don't because of the convenience of getting in touch with or finding out more about whoever I meet in meatspace.
The fact that they try to force me to install their messenger app by making messaging through a mobile browser difficult is particularly infuriating and reveals how much they have their intentions at centre and not the benefit of their users/products/suckers (whatever you want to call us) now that they have the critical mass that people like me don't leave because everyone else is on it.
> The fact that they try to force me to install their messenger app
Treat it as asynchronous communication, using a client like Swipe for Facebook (for Android, don't know about iOS alternatives) to look at messages when you feel like doing it.
Use another app for synchronous purposes. Facebook's own WhatsApp is a lot more secure, for starters.
It doesn't read as sponsored, it'd be more circumspect. More like, the reporter found it and thought it was cool so he interviewed "Dr Julia Powles" about it so he could write an article on it. You can ask him on Twitter: https://twitter.com/joemillerjr
When Facebook has pwned everything that's left to pwn, are we going to look back and say, oh, we were warned, why didn't we heed the warning of all those writers... who had "like" links on their page before the content even started. No.
I signed up for facebook two years ago, didn't put any real information on there, then haven't touched it since. I still get emails about "people you might know" that they have absolutely no business knowing about and aren't in any way connected to my immediate family. It's creepy and I don't want them storing that information about me, but there's nothing I can do. I've been cautious about putting my information on the internet since I got my first computer in 1995. But that information got out there somehow anyway.
I created a Facebook account because I was doing something with a Facebook API, long enough ago that I have forgotten the details of the project. However, lurking in my spam folder there is always 'you have more friends than you might think' as a subject line in there somewhere, from Facebook, trying to lure me back in.
The thing I find funny about this is that they only send out emails with that one subject line. I don't open the emails so the suggested 'friends' might be different with each email, however I am curious why they don't change the subject line, to 'A/B test' me into being part of the known universe of Facebook. Clearly 'you have more friends than you think...' has not worked.
If they had bothered with the 'shadow account' then they would have targetted me a bit better, if they found a Facebook group that was likely to appeal to me then they could theoretically lure me in with 'Cats with Facebook accounts in your area' or 'Today's pictures of squirrels enjoying lunch...' but no, let's just try the email that didn't work last time or the time before.
Sure they have surreal algorithms that are totally creepy in a stalker way that is totally Peeping Tom and should gross people out, but, as per the dumb emails there is nothing that smart about what they are doing.
I read the Share Lab metadata report, based on an examination of the metadata in the headers of the emails exchanged between Hacking Team members. The level of detail this provides on the network and on the individual members of the team is extraordinary. Now in the case of Facebook, imagine that times 100, then add AI to slice and dice the data better than a team of the world's top 1000 data scientists working on the analysis of some tiny portion of the data for some particular purpose, for a year... Just one consequence: think of what Facebook and Google have on every politician in the United States, in the world.
I do not use any Facebook mobile app (may track my microphone, location, etc...terrible!). I use Facebook's site in a browser (usually Chromium) in which I don't otherwise browse the net or do anything else except email. For browsing, I use the Epic Privacy Browser.
They have shadow profiles of people not on the service. It's more like "don't like it hope nobody socially linked to you uses it" which is pretty much a zero percent chance unless you are a Sentinelese fisherman.
There has been no corresponding increase in the difficulty of invading privacy. 30 years ago, even though you probably “could” observe somebody for a long time and eventually connect some dots about them, it would not really have been worth your while (and you certainly wouldn’t have been able to do it for thousands or millions of people). Now, it is ridiculously easy for computers to dredge up information and instantly transmit it, slog through it and basically connect every imaginable dot. There needs to be a new standard for privacy: just like you want a 2048-bit key, you want the equivalent of a “make life a pain in the ass for Facebook” key on EVERY DETAIL of your life.
reply