The phonebook hypothesis seems most plausible to me (especially considering that WhatsApp is owned by Facebook). All those apps gaining access to a phonebook is a privacy disaster.
You would be surprised just how few people know Facebook owns WhatsApp. When I mention it to my non-tech friends, they are first surprised, and then nod their heads like it's no big deal, and then a few weeks later exclaim utter surprise at some new privacy intrusion.
Someone should start a project with the sole purpose of mining all kinds of personal data about FB employees from Facebook/Google and publish it as a Kaggle dataset for mining. Wonder how they would feel about that?
The main issue, which you and I both see, is the sheer asymmetry of the whole thing. We are in this weird situation where the individual, the typical cognitive miser who even on his/her best day cannot possibly take all the preventive actions, is up against tireless machines with perfect memory and ability to generate extraordinary pattern recognition working all day to mine just that little bit more information to then hand out to the advertisers.
But I see your point, and certainly would like to see more constructive suggestions than mine.
I see so many potential ways of aggregating this kind of information in massively privacy intrusive ways on a day to day basis. And it's terrifying how many of them are just stopped by my lack of willingness to sacrifice my morals over it.
Because I know very well how easy it is for people to think "oh, well, but that one little thing isn't so bad" when faced with bills to pay, or a raging boss. Many of which really aren't all that bad in isolation. Except it doesn't take all that many "one little things" before you have a total privacy disaster.
If employees are having trouble saying "no" to unsafe, unethical, or unlawful projects, then a professional association or union is needed. A professional association can create duty requirements external to a company; it's easier to say no to your boss if you have the excuse that "as a member of $ORG, I have to follow $ETHICS_RULE".
Alternatively a union can put pressure on companies to never ask for certain things or to meet a standard for any privacy issues. Unions are usually seen with hostility in the tech industry, but they are just another tool; a union can be made for specific purposes, and ignore e.g. wage or anything else.
The problem is that it is not black and white. People will often get presented with some hair-raising proposition, turn it down, and later get presented with something slightly bad and go "well that's much better" and consider it acceptable even if perhaps it's pushing boundaries.
I agree with you, and e.g. in the UK we have the BCS, which does have ethical rules you are expected to know and apply (their membership is just a small proportion of the UK tech industry, though; in part because it is not prestigious enough for e.g. employers to ask for, while requirements for membership make it a hassle to join for a lot of people), but at the same time it is not sufficient.
Especially given that a lot of things first become truly problematic in aggregate.
E.g. Developer #1 gets asked to ensure you pull in the phone contact list to tie your local contacts to your Facebook friends, to enable extra functionality (let's say a "call" button when you view their profile) that seems entirely benign.
Then developer #2 gets asked to match on phone numbers that have already been pulled in, possibly without even being aware that the phone numbers he is working on are not necessarily just phone numbers of Facebook friends but also unrelated contacts.
You can say that they should have verified, but often it is very easy to assume that it's fine, and not think about consequences. E.g. it doesn't seem so unreasonable to suggest friend-of-a-friend. The problem in the article is that it is not suggesting friend-of-a-friend but contact-of-a-contact, which is an entirely different relationship. But if you're told "here you can find a bunch of phone numbers for each user", build a "friend-of-a-friend" recommendation feature, it is not that strange if people assume it's actually "friend of a friend" - people like to assume the best.
Here's an example from my own past, that I did stop, but only at the last minute, when I realised what was about to happen:
An old boss asks me for a database dump from a "sort-of-still-client" that was leaving us. Nothing odd with that - they kept asking for more up to date copies to make their migration easier, and kept paying us for a year after they'd migrated their site in order to be able to continue to use their old reporting facilities.
So I prepared the database dump. Then I asked him how to deliver it, and he asked me to pass it to X. X was not the client, but someone in a new corporate parent. If my boss had instead asked me to deliver it to him instead of X, I'd have done it without further questions, and he would have passed it to X and the damage would have been done.
What X wanted to do was to mine it for potential customers. The almost-ex-client were not in any way competing with the new corporate parent, so it would not harm them, but apart from likely violating our contracts with them, it was also a blatant Data Protection Act violation (UK).
My former boss thought this wasn't a problem because we were passing the data internally in the same company and we held the data in our system legally anyway. But the point is the data had been provided by the customers of our client for a specific purpose, and was handed to us for a specific purpose, and that purpose no longer existed. We certainly had not been given permission to use the data for sales. It was hair-raising when I realised what he wanted to do.
He accepted it when I explained why, but it was rather shocking that it took an explanation for him to realise it in the first place.
He was stupid to think his suggested use was remotely ethical, and that's the only reason I caught it: If he'd realised how unethical (and illegal) it was, and he still wanted to do it, he'd have asked me to provide the data to him, which I would have - that'd have been routine. If he'd asked me to put it up for download and provide a username and password, I also would have - assuming reasonably enough he was intending to pass that info to the client. Though after that incident I started being more sceptical about providing him with data without knowing the purpose first, and making sure the client had actually requested it.
I would like to have more constructive suggestions to offer, too. It's not a simple problem, though, and it will not be quickly solved. Threatening Facebook employees (doxing people is a threat) does not seem likely to make anything better.
Well, Facebook is "doxing" non-members by virtue of shadow profiles and by encouraging to tag everybody in the pictures. Counterintelligence could be a valid way to keep democratic society.
The cases aren't parallel. A shadow Facebook profile exists that describes me, but it would be absurd to imagine that Facebook will use this information to, for example, send a SWAT team to my house to perform a forced entry - something which has been known to result from the kind of action here discussed. If you make available the necessary information for 4chan and like ilk to do such things, 4chan and like ilk may very well then do so, simply because to do so will briefly amuse them. Is that something for which you're comfortable with the idea of being responsible?
Don't get me wrong. I have no love whatsoever for Facebook, and I would very much like to see a world where no Facebook does or even can exist. But there's a difference between recognizing the problems that result from Facebook's existence, and imagining Facebook and its employees to be deliberately inflicting such problems on people and thus deserving of threatening, even violent, action in imagined response.
Your aversion to threatening employees reminds me a bit of the old "just following orders" canard.
Developers are not sweatshop workers beholden to the company store. They have a plethora of employment options. If they willingly choose to work for such a company, the case could be made that they have made themselves legitimate targets for having made this choice.
That case could indeed be made. It has been in the past, many times, with results whose nature I do not find an endorsement. But perhaps you feel differently. If so, I would urge you to consider the possibility that immoral actions, in response to immoral actions, do not themselves become more moral. There's also the more utilitarian concern that to threaten people in this fashion is not likely to engender sympathy among the undecided, or those who have simply not considered the question, and it most certainly will not engender sympathy among those whom you choose to target.
I might also counsel a certain restraint in your rhetoric, such that you fight shy of hyperbole such as likening Facebook to the NSDAP; ideally that would be your lookout and no one else's, but since we're arguing at least nominally on the same side of the issue, your statements reflect somewhat on mine, and I would prefer they not do so negatively.
> Your aversion to threatening employees reminds me a bit of the old "just following orders" canard.
It's not that. It's that in this very short life we have, it's not only not helpful (in the longer run) to pursue actions which knowingly hurt people for the sake of some perceived greater good (unless absolutely necessary) -- it leads one down a very dark path.
My solution? I'd prefer to educate people about the simple fact that most of these social media sites just don't do very much to improve our lives, are a huge soul-suck and time sink generally, and basically not worth the gargantuan amounts of time and emotional energy we invest in them.
So that eventually FB, WhatsApp and all the others will hopefully just die of starvation without a single shot fired (or employee being threatened or doxxed).
It's a moral hazard¹, or possibly an externality; the people writing the algorithms that violate people's privacy are not themselves the victims.
Normally in a market system you want to keep the chain between cause and damage short enough to be comprehensible for the people causing it; otherwise, there's no good way to make them avoid it.
Of course they have FB accounts. That isn't the point. The authors of these algorithms introduce - often without conscious intent - their own biases. They bring their own background, morals, etc when they design an algorithm.
This is a general problem with creating an algorithm to supplement or replace anything previously done by humans. Even if the algorithm is given accurate and unbiased data (which is rare), the choice itself to use an algorithm in the first place and the design of the algorithm also contain bias.
Sometimes this bias is intentional such as "redlining" where housing loans were denied to blacks using various proxies for race. I suspect that in most cases the bias is accidental, which is why it is very important to check the results carefully for any unintended bias. In situations like Facebook, simply asking their users first (opt-in) if they would like to participate in "local friend discovery" would be a great start.
I mean, at this point you're asking Facebook to do something which is directly inimical to its interests, in that people opting out of "local friend discovery" truncates its social graph, or at least reduces the weights it can put on some edges, and thus makes its information less valuable for targeted advertising.
It would be nice to imagine that the people who make such decisions would make that one out of the goodness of their hearts. I do not think this likely. In the absence of a strong financial incentive to do otherwise, I would expect to see things go on pretty much as they have been, i.e., getting gradually worse over time. Threatening Facebook employees with physical harm seems like a severely counterproductive strategy toward applying such an incentive, but I'm not sure what to suggest in its place, because I've tended more in the direction of finding ways to convince people the problem actually exists - itself a regrettable necessity.
No they are not. For example, it is now common knowledge that Mark Z bought off all nearby houses in every direction to get more privacy. [1] Do you and I have similar access to resources?
Suppose your identity is stolen and you find yourself penniless because someone hacked into Facebook which also affected your friend who works at Facebook. Who is more likely to be in great financial distress the next day? Who is more likely to know the full impact of the situation?
Also, if someone in Facebook were to be negatively affected in some way, they probably have friends inside who can help them out. Do you and I have a direct line to a similar friend? In fact, we are likely to be the very last people to know of any such exploitation.
Besides, the closer you are to the algorithm, the more likely that you know how to circumvent it, even exploiting some simple bugs that others are not aware of.
And how about opting out? As a technologist, how hard do you think it would be for an insider to add himself/herself to the opt-out database, and also make sure that there were no hiccups in the process? Contrast that to something as simple as opting out of junk mail - have you been 100% successful?
I just made four observations about how you and I do not possess the same advantages as an insider at Facebook. What are the odds that something can slip through four different test cases you set up and still turn into a bug in production? Minimal, don't you think?
You make really good points about not countering immoral action with more immoral action. But your notion that FB employees could somehow become unwitting victims of their own technology sounds seriously far-fetched to me.
I don't know that Mark Zuckerberg's access to resources typifies that of Facebook employees in general, but I see what you're saying, and you make good points here which I'll have to consider at leisure.
I recommend that we all add the office number of a health care professional we don't need to our phone book. It will muddy the water just a little bit.
It would be better if Facebook didn't hoover up data not explicitly entered into their app or website.
In fact I think that should be the basis of privacy laws everywhere: You can only use data that the user personally entered into your application or website. Data should only be available across your different "properties" if they are branded as being part of a single platform.
It would be much more in tune with the average person's understanding of something like Facebook.
Your suggestion might actually lead to something very interesting.
Once a day when someone logs into FB, they should be presented with a word problem asking if the data they have thus far submitted to Facebook can be used to mine such-and-such fact about them.
If they cannot answer correctly, FB should not do said type of mining. As their understanding of the potential for mining info increases, FB is also allowed to add that type of mining.
This would be a win-win. People would actually understand what is going on, and FB itself has something to fall back on when the day comes when people turn this into an inquest (more a question of when than if in my view).
And I wish all the big tech companies would do something like that.
> People would actually understand what is going on
I don't think that's in the interest of companies like Facebook or Google. If people understood how their data can be used, many would close their accounts immediately. Data mining companies and their customers are best served by keeping the public in the dark as much as possible. Revealing how much they actually know about us would cause trouble, if nothing else then simply because it's creepy as hell to many of us.
The funny thing is that while I think all this data mining is creepy, I also believe it's useless in most cases. The only thing I've seen work well over time is Amazon's recommendation of books.
It's also not in my interest to reduce my net worth by paying taxes. But it happens promptly each year. Maybe it's time we demanded this from the companies.
Also, I would argue it is indirectly in the interest of said companies and their employees if they prefer that their legacy is to avoid being referred to in the same bracket as the Enrons and the Arthur Andersens of the world.
The trouble is, they are also too big to fail now. The thing that petrifies me more than a thriving Facebook is a Facebook on the brink of collapse and which has nothing to lose.
This is almost certainly the "phonebook" hypothesis.
If Lisa has her phone number associated with her Facebook account, and either Lisa or the client has the other's phone number in their smartphone's contacts and the Facebook app installed, that relationship can pop up in people you may know. If there aren't good "people you may know" suggestions the ones you get can end up being "people who may be known to people you know".
The reason I think this is because a therapist friend of mine had this exact problem and deleting her cell phone number from her Facebook profile made it stop.
What Lisa (and anyone else with a professional responsibility to protect client privacy) need to do is to stop associating the phone number they give to clients with Facebook or other social media.
> What Lisa (and anyone else with a professional responsibility to protect client privacy) need to do is to stop associating the phone number they give to clients with Facebook or other social media.
Understanding how Facebook connects different people might help prevent this from happening, but as Facebook's tech becomes more advanced/pervasive Facebook will need to provide an explicit feature to protect user privacy for situations like this. As it stands, the implications of sharing your phone number, location, etc are already far from explicit.
1. Sharing my mobile number via the Facebook app without my explicit consent or knowledge
2. Using my WhatsApp contact list to recommend people I might know
And now, I've recently started getting all sorts of arbitrary notifications even though I've stated several times I don't want to be notified of anything.
The only reason I still have a Facebook account is so that I don't have to share stuff like my email address and phone number with people. But at this point it doesn't seem worth it any more.