[stratelogical]

Unbelievable. When signing up for 2FA, FB never said what else it would be used for. From a legal standpoint, aren’t companies are supposed to say what the phone number will be used for when asking for phone number?

Somebody from FB - please tell us this is a bug.

[Meph504]

Well as far as legal protections go, nothing definitive, and they can always argue their statements about enhancing user experience would cover this.

Check westlaw on it https://content.next.westlaw.com/6-502-0467?transitionType=D...

I think the real issue, is people think they are doing one thing, but doing another.

depending on the age of your account, you'll notice that the notifications for SMS maybe defaulted on, this didn't matter if you didn't have a phone number associated with your account. When you add a phone number to your account, its not "solely" 2FA, you add the number to your account, and 2Fa is enabled, just like all the other default setting that apply to phone numbers.

which is why when people are responding to the SMS its posting on their wall, its because what their settings are set to do.

see the settings below where they can disable this. https://imgur.com/a/6pOHH

It's another case of people screaming to the heavens about evil megacorp. when in reality they can't be bothered to check their own settings.

[Slansitartop]

> It's another case of people screaming to the heavens about evil megacorp. when in reality they can't be bothered to check their own settings.

Facebook's settings are often opaque and unintuitive, and some of the stuff around notifications qualifies as dark patterns. Also, as you mentioned, Facebook has a history of using selfishly-chosen defaults which are often not what a user would likely want or expect.

I'm not going to fault people for complaining about getting tricked into settings they didn't want.

[Meph504]

I won't defend their practices in most cases, changing the news feed to recent for example is far more work than it should be, and reverts randomly.

but this setting is Settings>Notifications it's not really buried.

I suppose I'm not upset at people who discovered the issue, but I am annoyed at mashable.com for making it a specifical when it shouldn't be, quoting a "a self-described technosociologist, professor at UNC" and their uninformed statements.

[lozenge]

Another Facebook dark pattern: they hid everybody's email addresses from their profile and showed a new @facebook.com email address. They claimed they had simply introduced a new setting letting you show or hide email addresses individually. However, it was already possible to set the privacy on an email address to "only me", effectively hiding it.

[moonka]

Judging by how the response has been to companies leaking and abusing our data, I don't know that it will make a difference if it's a bug or intentional.

[PeterisP]

"aren’t companies are supposed to say what the phone number will be used for when asking for phone number"

Not yet. Can't wait for the EU general data protection regulation (GDPR) to come in effect, which includes such a requirement - it won't affect USA users directly, but hopefully it will force some companies to change their behaviour worldwide.

[GCU-Empiricist]

Sounds like a good reason to send the spam text message filing report. How much is the fine per incident?

[txsh]

$0 if you own enough lobbyists and congressmen.

[Slansitartop]

That kind of response is too cynical, and just discouragement from actually trying to fight the problem.

[twothamendment]

Cynical? I'd call it realistic. If anyone wants to fight the problem, delete your account. That is the only value that you can take away from that company.

[Slansitartop]

> Cynical? I'd call it realistic.

That's what all cynics say.

> If anyone wants to fight the problem, delete your account. That is the only value that you can take away from that company.

No, that's clearly false. You can use your account to spread an understanding that Facebook is bad (lots of stuff in the news to share, like this), or you could abandon your account but leave it up with a profile pic saying you don't use it anymore (sort of like a reverse take on broken-windows theory). Politics and lobbying representatives is slow, but does have results (all the lobbyists in the world can't counter steady constituent calls on a non-partisan issue). But you're a cynic, and probably gave up before giving much though about what could be done.