[marcell]

The pile on continues...

(1) This is probably a project by a small "research" group at Facebook. The goal of that group is probably to publish papers in a Psych journal or something like that about how they were able to correlate anonymized medical data with Facebook feed updates. Tech companies have these research groups for prestige, they are not central to the company mission.

(2) According to the article, the project was never actually started. So it sounds like a bit of a non-story.

[soziawa]

(1) Or it could have been just another way to add a little more data to your profile. And even if you are right, I don't think you are but if you were, do you really want a company to do psychological experiments with you without your knowledge?

(2) Yeah, but it wasn't started because of the pile on. You can't give Facebook credit for not starting this.

[dwighttk]

>do you really want a company to do psychological experiments with you without your knowledge?

too late[1] (2014)

https://www.theguardian.com/technology/2014/jul/02/facebook-...

[blub]

Facebook has been screwing with people's privacy for years, so it's only fair that they are now criticised for years on end.

This has got to be a new Facebook apology meme: the pile-on. Until Facebook and privacy is regulated in the US, like GDPR does it for the EU, the pile-on should continue. Must continue, no matter how uncomfortable it is for the pro-Facebook, pro-ads or pro-spyware people.

[Joeboy]

For me, the result of having HN filled with these Facebook non-stories is that I'm going to stop taking an interest in them. As far as I can tell the situation with Facebook is substantially the same as it's been since it started. Users willfully broadcast information using Facebook, and sometimes Facebook uses that information in ways its users didn't intend or expect. Among the recent slew of dramatic stories I haven't seen anything I found particularly surprising or shocking, so I've started to pattern match anti-Facebook stories as fluff. One day something actually shocking will happen, like Facebook leaking people's private messages or browsing histories. Hopefully when that happens we won't all have reached the point of ennui, boiling frog-style.

[tjoff]

What makes you think this is a non-story? It is yet another example of a culture that feeds on lack of empathy and respect of peoples lives.

Yes, it is boring, yes it is repetitive. And it will continue to be that way until facebook gains a shred of decency. But I guess that we should just forgive and ignore because there are too may of them?

Maybe you are not the target of these stories, the public at large do feel that they are surprising and shocking.

[philipodonnell]

> the result of having HN filled with these Facebook non-stories is that I'm going to stop taking an interest in them.

> the public at large do feel that they are surprising and shocking.

Not OP, but I don't think the point is that its a non-story to the public at large, I think the point is that its a non-story to anyone reading HN, which is decidedly not the public at large.

I get where they're coming from. If I go to reddit or local news and see a bunch of Facebook non-stories I would tend to discount that as the public finally waking up to this. When I come here and see a Facebook article I immediately assume it is important and I need to pay attention because the audience here is so different than reddit/local news. If I can't trust HN to filter for only truly important stories then I'll start to treat it like Reddit and look for a better source for truly important news, which would be a shame.

[chickenfries]

> If I can't trust HN to filter for only truly important stories

The HN frontpage is a pretty poor proxy for "importance." It's simply whatever the users of HN find interesting. AFAIK, there is no "only upvote truly important" stories rule.

[philipodonnell]

That's fair. I was using important to mean "worth spending the time to read" as my interests are fairly well aligned with the HN community (at least as far as my interest in Facebook-related news). Though over time audiences change, so as more of these non-stories continue to proliferate, perhaps HN is becoming more targeted to the interests of the general public and I should accept that or move on.

[camillomiller]

I don’t know why you’ve been downvoted, you actually posed a serious point. Two days ago, Facebook’s CTO admitted that the search-by-phone-number functionality has been used by bad actors all over to rake in public profile information from potentially all users. We all barely flinched.

Facebook PR strategy is now coming straight out of the Trump’s PR book.

[Joeboy]

> I don’t know why you’ve been downvoted

I'm guessing for being a pro-Facebook shill and/or an anti-Facebook zealot.

[a-priori]

Is it not shocking to you how blatantly Facebook breaches people's expectations about the use of their data?

People share data with Facebook for a particular, immediate benefit to themselves. I share my location so my friends can see where I am, I post my photos so my friends can see what I'm doing and who I'm with, I share my contacts so I can find my friends, etc. In and of itself, this should be fine and safe to do. The problem comes when Facebook takes the data that was given to them for one purpose, in one context, and they use it for another purpose now or in the future.

I can't make informed consent when it comes to data, because the real value of data only comes from when it's aggregated with other data -- either my own over time, or other peoples'. I can't know what incremental effect this datum has when it's combined with everything else Facebook knows about me, and all their other users, and run through their current or future machine learning algorithm. So, it's impossible to know whether it's in my interest to disclose any particular bit of information to them.

Details that are innocuous to human eyes can be very salient to algorithms. I might disclose a set of data points and never make any connection between them. I might mention I feel tired on one day, and write with a negative tone on a few other days, and wake up (i.e, open Facebook for the first time in the morning) later than usual. Without knowing this, that's enough information for Facebook to make a confident inference that I'm depressed, an inference that amounts to discovering private information I never intended to reveal. Of course, they don't disclose that they know that about me, but they do use it against me. They may target ads for anti-depressant drugs, or they may invisibly bias my news feed to have more negative content.

That's even assuming I'm aware that I'm disclosing information at all. If I log into Facebook to see what my friends are up to, then close the tab and start browsing the web, Facebook knows where I go on the web any time I visit a page with Facebook comments even if I don't post any comments. The content of the page, combined with other data they know about me and the other visitors to the site, can be combined to make inferences about me, my interests and hobbies, my sex or sexual orientation, race, socioeconomic class, medical conditions, vices, and so on.

We can't expect every person to become experts on data analysis so they can fully understand the implications of disclosing their data.

[lallysingh]

They're hardly alone, just the most visible. Let's remember that many of our fellow hackers are likely Facebook engineers doing regular work, and are probably feeling pretty bad right now, even though the decisions behind what's going on is way above their pay grade.

Yes there's some responsibility due them as well, but perhaps we can remain civil to our silent peers?

[sincerely]

>Let's remember that many of our fellow hackers are likely Facebook engineers doing regular work, and are probably feeling pretty bad right now, even though the decisions behind what's going on is way above their pay grade.

Didn't we establish that "just following orders" doesn't cut it decades ago?

[lallysingh]

The second paragraph that you didn't quote covered that

[leesalminen]

Barely. I think FB engineers deserve more than “some” of the blame here. Surely they could see the negative consequences of linking health data into their graph.

[LinuxBender]

The ones I know are proud of the fact they can pull in thousands of data sources. They will show off what they can do using big data, AI and other bingo terms with your data.

[nealdt]

I think this story could appear harmless - or perhaps not. The potential gold mine of information that insurers and the health industry could get from this kind of data could be staggering, particularly when we think about claims or the price of the insurance policy.

This is what many of us have been suspecting for some time so this confirms our suspicions. I don't think it's a non-story.

I feel that if such research was genuine, I see no reason why medical professionals couldn't get this information in a wholly transparent manner without a middle man selling your data about potentially sensitive issues.

Quite telling that it has been 'put on hold'. That in itself is a story.

[downandout]

Quite telling that it has been 'put on hold'. That in itself is a story.

It's been put on hold because Facebook PR knows that people don't read the details of stories. By and large, they read headlines - and many of those are misleading at best. The issue with CA, for example, wasn't a data breach - the data they had was collected in compliance with Facebook's rules at the time. Yet many headlines and soundbites have used the term "data breach" throughout this incident.

So, when 90% of the population incorrectly believes, based on some soundbites and a couple of headlines, that Trump hired CA to hack into Facebook and steal their data, read their minds, and steal the election, you don't want to go forward with something else that might sound scary in yet another mischaracterized headline or soundbite. If putting this project on pause is a story, that story is that Facebook has a PR department that understands its audience....I don't think it says anything one way or another about this project.

[IAmEveryone]

This again...

"Data breach" means an unauthorised access or use of data. Cambridge Analytica was not authorised to access or use the users' data. Therefore, it's a data breach.

It makes no difference if the breach uses a zero-day exploit to access FB's database, or if it uses social engineering to get someone at Facebook to send them a hard drive, or if it's some researcher being given access under false pretences.

"Data breach" is a catch-all like "homicide": that term encompasses murder but also involuntary manslaughter, euthanasia, and capital punishment.

[downandout]

>It makes no difference if the breach uses a zero-day exploit to access FB's database, or if it uses social engineering to get someone at Facebook to send them a hard drive

It makes an enormous difference because it affects what the public should reasonably be afraid of in the future.

Scenario 1 (what actually happened): Facebook used to have bad app policies that were too permissive, and political candidates like Obama and Trump abused data obtained under those policies. They were changed 4 years ago, and this behavior has not been possible since then.

Scenario 2 (what the media is implying to get clicks): Breach! Breach! We have a breach! Highly paid hackers are breaking into Facebook, stealing your data, and using it to brainwash you! Facebook is incapable of securing your information and therefore we must ensure that they never get any information about anyone ever again!

So, your personal definition of a “data breach” notwithstanding, it is both alarmist and inaccurate to use that term in describing the CA situation. Where news headlines are concerned, the most commonly accepted definition of that phrase, which is being intentionally used to conjure up false images of scenario 2 above, is the only thing that matters.

[nealdt]

Maybe, maybe not, but either way I don't want to give them the benefit of doubt for my reasons mentioned above. Cheers!

[jakewins]

On the one hand, I'm rather happy about this sudden outpouring of anger; FB has fundamentally corrupted the public square, scrutiny is appropriate.

On the other hand, it's hard not to get conspiratorial, given https://www.cnbc.com/2018/02/12/facebook-rupert-murdoch-thre...

[tjoff]

> (2) According to the article, the project was never actually started. So it sounds like a bit of a non-story.

According to the article the reason for why it was never actually started was because of the "Cambridge Analytica data leak scandal". Very important distinction.

[vinhboy]

It sounds to me like the researcher wanted to use this data to identify at-risk groups and get them preventive care.

I don't mean "identify" as in, de-anonymize them, but to use data to figure who may need help (or advertised to -- same difference really).

This actually sounds like a good idea if that's the purpose.

It's not any different than retailers identifying cohorts they can sell to.

It also sounds very similar to what a lot of AI research does (in my limited understanding of it). Take known samples and use that to identify/predict other things...

[tjoff]

Sure, all I see is that insurance companies will be the ones with the most to gain (economically) from this information, and thus the ones that will pay the most for it.

[RoyTyrell]

Insurance companies already have tons of relevant medical data on their clients, there's no reason why whatever FB can provide them is going to be miraculously more telling than actual medical data such as their current and past diagnoses and medical conditions.

[sidlls]

Insurance companies are perhaps surprisingly often ignorant about their own medical data and what it means for their clients or patients (except for what it means in terms of revenue). Entire profitable businesses (who aren't insurers) sell analytics products based on these data to companies because insurers don't have the means or know how to.

[RoyTyrell]

> Insurance companies are perhaps surprisingly often ignorant about their own medical data and what it means for their clients or patients (except for what it means in terms of revenue).

You may very well be correct, but how do you know that?

> because insurers don't have the means or know how to.

Again, where do you get your insight on the inner-workings of insurance companies in general from?

I'm not disagreeing with you outright. I just wondering if you're guessing or you have actual knowledge to the one or more health insurance companies and their actuarial and analytics processes.

[LinuxBender]

It could be useful additional data for detecting insurance fraud.

[908087]

Yes, I'm sure Facebook's goals are entirely altruistic just as they were when they performed psychological experiments on hundreds of thousands of people without consent.

Why are we still giving this company the benefit of the doubt after years of blatant abuse?

Advertising corporations shouldn't be anywhere near my medical records, period.

[jamra]

Although I agree that it’s a non issue, it is a big deal to identify patients against their permission. It’s also illegal.

[gethesmane]

(1) This is probably a project by a small "research" group at Facebook.

With blessings from on high, no doubt.

(2) According to the article, the project was never actually started.

Oh yes it was -- the FB spokesperson said it was in the "planning stages". That's quite definitely a form of "starting" (especially for large companies).

If a local waste disposal company were to acknowledge that it was in the "planning" stages of, say, a major incineration facility on that vacant lot down the street your kids used to play in... you wouldn't say this was "a bit of a non-story", now would you?

[411mrc]

"Hey, major waste company, how about you partner with Facebook and let us sift through people's trash using AI robots before it goes in the landfill? It's for....uhhh, science...yeah, thats the ticket"

[craftyguy]

I dislike/disagree with facebook more than most folks, but even I can smell a dead horse being beaten.

[apotheothesomai]

For years privacy-minded people have complained about the lack of recognition of privacy issues among the masses. Suddenly, story after story about aspects of Facebook's anti-privacy practices are being read by the public. This will lead to more stories about other data mining entities as well.

The more this keeps up, the more concrete privacy issues will be in the minds of many.

And yet, HN is full of dismissals. I've decided that to many here, the idea of being in an "elite", informed group is more important than the actual issues.

Given that you are not the target audience of these stories, are you really in a position to judge whether they have reached "dead horse" status?

[908087]

HN is full of dismissals because many on HN work at Facebook and other companies that rely on being able to continue abusing our privacy.

They want the stories to stop because they fear the general public may finally be gaining awareness of the abuse they're being subjected to.

[wu-ikkyu]

The hubristic disconnect between the technical minded people here on HN and the general masses of users is startling and indicative of the problem.

[fricat1ve]

>the idea of being in an "elite", informed group is more important than the actual issues.

Do you mean to say it's voyeurism, i.e. the draw of being "informed"? Sitting in the eye of the panopticon?

I think people just have a tendency to focus on the positive things that might be gained from data mining. There's just a lot of naivete about how compromised an ad-supported business ultimately is.

[Joeboy]

> Given that you are not the target audience of these stories

Isn't that an argument for not having HN filled with these articles?

[rainbowmverse]

Only if the subgroup "people who are tired of all this privacy stuff" is representative of HN's readership. There are more people reading than will ever comment. That's true of any community.

[ccccccccccccc]

I find it funny how we complain so often of the news moving too fast and major stories becoming irrelevant in a day or two, yet when a something stays in the news for more than a week people gripe over how much attention we give the topic.

[craftyguy]

many posts on HN about facebook are not even from within the last few months. some of them are from several years ago, but are only being reposted now for sweet internet points and bandwagoning.

[Slansitartop]

> many posts on HN about facebook are not even from within the last few months. some of them are from several years ago

HN is just for "breaking news." It has an established culture of re-posting "old" stories if they're interesting or informative in the context of more recent events.

[telchar]

The situation regarding Facebook and privacy is very much unresolved. How can you call it a dead horse? Facebook is very much a large, living, dangerous horse. I think we shouldn't let up until the horse changes its spots or dies.

[fwdpropaganda]

> (2) According to the article, the project was never actually started. So it sounds like a bit of a non-story.

I don't think it's a non-story.

At least for me it reinforces my reading of this company's attitude and hangling of their user's (and the population's) privacy.

It's a datapoint. It's not everything, but it's not nothing either.

[StreamBright]

How long do you think it would take to de-anonymize this data for a somebody who specialized in this?

[codedokode]

Both parties have hashes and source data. If they are able to match people in their lists, then they can find out who they are. So it is a matter of seconds I think.

[flokie]

It seems like some are forgetting the near 6000 word 'manifesto' where this was all outlined by Mark.

"In times like these, the most important thing we at Facebook can do is develop the social infrastructure... "

"For the past decade, Facebook has focused on connecting friends and families. With that foundation, our next focus will be developing the social infrastructure for community -- for supporting us, for keeping us safe, for informing us, for civic engagement,"

" I have long expected more organizations and startups to build health and safety tools using technology, and I have been surprised by how little of what must be built has even been attempted. There is a real opportunity to build global safety infrastructure, and I have directed Facebook to invest more and more resources into serving this need."

This is barely a year old. Did he not lay out a vision where FB powered our civic, social & community services?

link: https://www.facebook.com/notes/mark-zuckerberg/building-glob...

[itbeho]

They deserve a pile on. I don't want any social media company having any access to my health data, especially if I haven't authorized it.

(1) There is no guarantee they will accurately associate that "anonymized" data with my profile.

(2) There is no guarantee they will "do no harm" with that data. It's a way to run-around existing HIPAA protection and something a lot of organizations would pay for if they could.

[firstplacelast]

I agree it's terrible, people should really look out for these multi-billion dollar companies more.

[mapster]

How did the public get wind of it if it was an internal research project?

[Irishsteve]

Unless of course, the research is promising and can be integrated into the product somehow.