I wish there was information about who at Facebook received this information and “used” it. I suspect it was mixed in with 9 million other sources of information and no human at Facebook was even aware it was there.
I’m not the OP but no, I think their point is if you tell people that this data will be used for X, and not to send sensitive data that way and they do it anyway you can’t really be responsible for it - the entity who sent you the data and ignored your terms should be
Not at Facebook, but I used to work on an ML system that took well-defined and free-form JSON data and ran ML on it. Both were used in training and classification. Unless a human looked, we had no idea what those custom fields were. We also had customers lie about what the fields represent for valid and less valid reasons.
Without knowing how it works at Facebook, it's quite possible the data points got slurped in, the models found meaning in the data and acted on it, and no human knew anything about it.
How it happened internally is irrelevant to whether Facebook is responsible. Deploying systems they do not properly control or understand does not shield against legal or normal responsibilities!
There is a trail of people who signed off on this implementation. It is the fault of one or more people, not machines.
>Deploying systems they do not properly control or understand does not shield against legal or normal responsibilities!
We can argue the "moral" aspect until we're both blue in the face, but did facebook have any legal responsibilities to ensure its systems didn't contain sensitive data?
I think their argument is that FB has a pipeline that processes whatever data you give it and the idea that a human being made the conscious decision to use this data is almost certainly not what happened.
"This data processing pipeline processed the data we put in the pipeline" is not necessarily negligence unless you just hate Facebook and couldn't possibly imagine any scenario where they're not all mustache-twirling villains.
We're seeing this broad trend in tech where we just want to shrug and say "gee wiz, the machine did it all on its own, who could've guessed that would happen, it's not really our fault, right?"
LLMs sharing dangerous false information, ATS systems disqualifying women at higher rates than men, black people getting falsely flagged by facial recognition systems. The list goes on and on.
Humans built these systems. Humans are responsible for governing those systems and building adequate safeguards to ensure they're neither misused nor misbehave. Companies should not be allowed to tech-wash their irresponsible or illegal behaviour.
If Facebook did indeed built a data pipeline and targeting advertising system that could blindly accept and monetize illegally acquired without any human oversight, then Facebook should absolutely be held accountable for that negligence.
What does the system look like where a human being individually verifies every pieces of data fed into an advertising system? Even taking the human out of the loop, how do you verify the "legality" of one piece of data vs. another coming from the same publisher?
None of your example have anything to do with the thing we're talking about, and are just meant to inflame emotional opinions rather than engender rational discussion about this issue.
If Facebook chooses to build a system that can ingest massive amounts of third party data, and cannot simultaneously develop a system to vet that data to determine if it's been illegally acquired, then they shouldn't build that system.
You're running under the assumption that the technology must exist, and therefore we must live with the consequences. I don't accept that premise.
Edit: By the way, I'm presenting this as an all-or-nothing proposition, which is certainly unreasonable, and I recognize that. KYC rules in finance aren't a panacea. Financial crimes still happen even with them in place. But they represent a best effort, if imperfect, attempt to acknowledge and mitigate those risks, and based on what we've seen from tech companies over the last thirty years, I think it's reasonable to assume Facebook didn't attempt similar diligence, particularly given a jury trial found them guilty of misbehaviour.
> None of your example have anything to do with the thing we're talking about, and are just meant to inflame emotional opinions rather than engender rational discussion about this issue.
Not at all. I'm placing this specific example in the broader context of the tech industry failing to a) consider the consequences of their actions, and b) escaping accountability.
I often think about what having accountability in tech would entail. These big tech companies only work because they can neglect support and any kind of oversight.
In my ideal world, platforms and their moderation would be more localized, so that individuals would have more power to influence it and also hold it accountable.
It's difficult for me to parse what exactly your argument is. Facebook built a system to ingest third party data. Whether you feel that such technology should exist to ingest data and serve ads is, respectfully, completely irrelevant. Facebook requires any entity (e.g. the Flo app) to gather consent from their users to send user data into the ingestion pipeline per the terms of their SDK. The Flo app, in a phenomenally incompetent and negligent manner, not only sent unconsented data to Facebook, but sent -sensitive health data-. Facebook they did what Facebook does best, which is ingest this data _that Flo attested was not sensitive and collected with consent_ into their ads systems.
You're absolutely right, a human being didn't make the conscious decision to use this data. They made a conscious decision to build an automated pipeline that uses this data and another conscious decision not to build in any checks on the legitimacy of said data. Do we want the law to encourage responsibility or intentional ignorance and plausible deniability?
It is necessarily negligence if they are ingesting a lot of illegal data, right? I mean, it could be the case that this isn’t a business model that works given typical human levels of competence.
But working beyond your competence when it results in people getting hurt is… negligent.
A human was involved somewhere, maybe they made the pipeline.
You can't, or shouldn't, outsource responsibility to computers. You can give them tasks. But if computers fail the tasks you give them, that's your responsibility. Because code doesn't have a conscious or an understanding of morality.
In my opinion, that isn't something that should be allowed or encouraged.