Tag Archives: facebook

Is Europe closing in on an antitrust fix for surveillance technologists?

Is Europe closing in on an antitrust fix for surveillance technologists?

               11303034873_8c5ee2b8c5_o

The German Federal Cartel Office’s decision to order Facebook

to change how it processes users’ personal data this week is a sign the antitrust tide could at last be turning against platform power. One European Commission source we spoke to, who was commenting in a personal capacity, described it as “clearly pioneering” and “a big deal”, even without Facebook being fined a dime.

The FCO’s decision instead bans the social network from linking user data across different platforms it owns, unless it gains people’s consent (nor can it make use of its services contingent on such consent). Facebook is also prohibited from gathering and linking data on users from third party websites, such as via its tracking pixels and social plugins. The order is not yet in force, and Facebook is appealing, but should it come into force the social network faces being de facto shrunk by having its platforms siloed at the data level.

To comply with the order Facebook would have to ask users to freely consent to being data-mined — which the company does not do at present. Yes, Facebook could still manipulate the outcome it wants from users but doing so would open it to further challenge under EU data protection law, as its current approach to consent is already being challenged. The EU’s updated privacy framework, GDPR, requires consent to be specific, informed and freely given. That standard supports challenges to Facebook’s (still fixed) entry ‘price’ to its social services. To play you still have to agree to hand over your personal data so it can sell your attention to advertisers. But legal experts contend that’s neither privacy by design nor default.

The only ‘alternative’ Facebook offers is to tell users they can delete their account. Not that doing so would stop the company from tracking you around the rest of the mainstream web anyway. Facebook’s tracking infrastructure is also embedded across the wider Internet so it profiles non-users too. EU data protection regulators are still investigating a very large number of consent-related GDPR complaints.

But the German FCO, which said it liaised with privacy authorities during its investigation of Facebook’s data-gathering, has dubbed this type of behavior “exploitative abuse”, having also deemed the social service to hold a monopoly position in the German market. So there are now two lines of legal attack — antitrust and privacy law — threatening Facebook (and indeed other adtech companies’) surveillance-based business model across Europe. A year ago the German antitrust authority also announced a probe of the online advertising sector, responding to concerns about a lack of transparency in the market. Its work here is by no means done.

Data limits

The lack of a big flashy fine attached to the German FCO’s order against Facebook makes this week’s story less of a major headline than recent European Commission antitrust fines handed to Google — such as the record-breaking $5BN penalty issued last summer for anticompetitive behaviour linked to the Android mobile platform. But the decision is arguably just as, if not more, significant, because of the structural remedies being ordered upon Facebook. These remedies have been likened to an internal break-up of the company — with enforced internal separation of its multiple platform products at the data level.

This of course runs counter to (ad) platform giants’ preferred trajectory, which has long been to tear modesty walls down; pool user data from multiple internal (and indeed external sources), in defiance of the notion of informed consent; and mine all that personal (and sensitive) stuff to build identity-linked profiles to train algorithms that predict (and, some contend, manipulate) individual behavior. Because if you can predict what a person is going to do you can choose which advert to serve to increase the chance they’ll click. (Or as Mark Zuckerberg puts it: ‘Senator, we run ads.’)

This means that a regulatory intervention that interferes with an ad tech giant’s ability to pool and process personal data starts to look really interesting. Because a Facebook that can’t join data dots across its sprawling social empire — or indeed across the mainstream web — wouldn’t be such a massive giant in terms of data insights. And nor, therefore, surveillance oversight. Each of its platforms would be forced to be a more discrete (and, well, discreet) kind of business. Competing against data-siloed platforms with a common owner — instead of a single interlinked mega-surveillance-network — also starts to sound almost possible. It suggests a playing field that’s reset, if not entirely levelled.

(Whereas, in the case of Android, the European Commission did not order any specific remedies — allowing Google to come up with ‘fixes’ itself; and so to shape the most self-serving ‘fix’ it can think of.) Meanwhile, just look at where Facebook is now aiming to get to: A technical unification of the backend of its different social products. Such a merger would collapse even more walls and fully enmesh platforms that started life as entirely separate products before were folded into Facebook’s empire (also, let’s not forget, via surveillance-informed acquisitions).

Facebook’s plan to unify its products on a single backend platform looks very much like an attempt to throw up technical barriers to antitrust hammers. It’s at least harder to imagine breaking up a company if its multiple, separate products are merged onto one unified backend which functions to cross and combine data streams. Set against Facebook’s sudden desire to technically unify its full-flush of dominant social networks (Facebook Messenger; Instagram; WhatsApp) is a rising drum-beat of calls for competition-based scrutiny of tech giants. This has been building for years, as the market power — and even democracy-denting potential — of surveillance capitalism’s data giants has telescoped into view.

Calls to break up tech giants no longer carry a suggestive punch. Regulators are routinely asked whether it’s time. As the European Commission’s competition chief, Margrethe Vestager, was when she handed down Google’s latest massive antitrust fine last summer. Her response then was that she wasn’t sure breaking Google up is the right answer — preferring to try remedies that might allow competitors to have a go, while also emphasizing the importance of legislating to ensure “transparency and fairness in the business to platform relationship”.

But it’s interesting that the idea of breaking up tech giants now plays so well as political theatre, suggesting that wildly successful consumer technology companies — which have long dined out on shiny convenience-based marketing claims, made ever so saccharine sweet via the lure of ‘free’ services — have lost a big chunk of their populist pull, dogged as they have been by so many scandals.

From terrorist content and hate speech, to election interference, child exploitation, bullying, abuse. There’s also the matter of how they arrange their tax affairs. The public perception of tech giants has matured as the ‘costs’ of their ‘free’ services have scaled into view. The upstarts have also become the establishment. People see not a new generation of ‘cuddly capitalists’ but another bunch of multinationals; highly polished but remote money-making machines that take rather more than they give back to the societies they feed off.

Google’s trick of naming each Android iteration after a different sweet treat makes for an interesting parallel to the (also now shifting) public perceptions around sugar, following closer attention to health concerns. What does its sickly sweetness mask? And after the sugar tax, we now have politicians calling for a social media levy.

Just this week the deputy leader of the main opposition party in the UK called for setting up a standalone Internet regulatory with the power to break up tech monopolies. Talking about breaking up well-oiled, wealth-concentration machines is being seen as a populist vote winner. And companies that political leaders used to flatter and seek out for PR opportunities find themselves treated as political punchbags; Called to attend awkward grilling by hard-grafting committees, or taken to vicious task verbally at the highest profile public podia. (Though some non-democratic heads of state are still keen to press tech giant flesh.)

In Europe, Facebook’s repeat snubs of the UK parliament’s requests last year for Zuckerberg to face policymakers’ questions certainly did not go unnoticed. Zuckerberg’s empty chair at the DCMS committee has become both a symbol of the company’s failure to accept wider societal responsibility for its products, and an indication of market failure; the CEO so powerful he doesn’t feel answerable to anyone; neither his most vulnerable users nor their elected representatives. Hence UK politicians on both sides of the aisle making political capital by talking about cutting tech giants down to size. The political fallout from the Cambridge Analytica scandal looks far from done.

Quite how a UK regulator could successfully swing a regulatory hammer to break up a global Internet giant such as Facebook which is headquartered in the U.S. is another matter. But policymakers have already crossed the rubicon of public opinion and are relishing talking up having a go. That represents a sea-change vs the neoliberal consensus that allowed competition regulators to sit on their hands for more than a decade as technology upstarts quietly hoovered up people’s data and bagged rivals, and basically went about transforming themselves from highly scalable startups into market-distorting giants with Internet-scale data-nets to snag users and buy or block competing ideas.

The political spirit looks willing to go there, and now the mechanism for breaking platforms’ distorting hold on markets may also be shaping up. The traditional antitrust remedy of breaking a company along its business lines still looks unwieldy when faced with the blistering pace of digital technology. The problem is delivering such a fix fast enough that the business hasn’t already reconfigured to route around the reset. Commission antitrust decisions on the tech beat have stepped up impressively in pace on Vestager’s watch. Yet it still feels like watching paper pushers wading through treacle to try and catch a sprinter. (And Europe hasn’t gone so far as trying to impose a platform break up.)  But the German FCO decision against Facebook hints at an alternative way forward for regulating the dominance of digital monopolies: Structural remedies that focus on controlling access to data which can be relatively swiftly configured and applied.

Vestager, whose term as EC competition chief may be coming to its end this year (even if other Commission roles remain in potential and tantalizing contention), has championed this idea herself. In an interview on BBC Radio 4’s Today program in December she poured cold water on the stock question about breaking tech giants up — saying instead the Commission could look at how larger firms got access to data and resources as a means of limiting their power. Which is exactly what the German FCO has done in its order to Facebook. 

At the same time, Europe’s updated data protection framework has gained the most attention for the size of the financial penalties that can be issued for major compliance breaches. But the regulation also gives data watchdogs the power to limit or ban processing. And that power could similarly be used to reshape a rights-eroding business model or snuff out such business entirely. The merging of privacy and antitrust concerns is really just a reflection of the complexity of the challenge regulators now face trying to rein in digital monopolies. But they’re tooling up to meet that challenge.

Speaking in an interview with TechCrunch last fall, Europe’s data protection supervisor, Giovanni Buttarelli, told us the bloc’s privacy regulators are moving towards more joint working with antitrust agencies to respond to platform power. “Europe would like to speak with one voice, not only within data protection but by approaching this issue of digital dividend, monopolies in a better way — not per sectors,” he said. “But first joint enforcement and better co-operation is key.” The German FCO’s decision represents tangible evidence of the kind of regulatory co-operation that could — finally — crack down on tech giants.

Blogging in support of the decision this week, Buttarelli asserted: “It is not necessary for competition authorities to enforce other areas of law; rather they need simply to identity where the most powerful undertakings are setting a bad example and damaging the interests of consumers.  Data protection authorities are able to assist in this assessment.” He also had a prediction of his own for surveillance technologists, warning: “This case is the tip of the iceberg — all companies in the digital information ecosystem that rely on tracking, profiling and targeting should be on notice.” So perhaps, at long last, the regulators have figured out how to move fast and break things.

Article Produced By
Natasha Lomas


Writer

Natasha is a senior reporter for TechCrunch, joining September 2012, based in Europe. She joined TC after a stint reviewing smartphones for CNET UK and, prior to that, more than five years covering business technology for silicon.com (now folded into TechRepublic), where she focused on mobile and wireless, telecoms & networking, and IT skills issues. She has also freelanced for organisations including The Guardian and the BBC. Natasha holds a First Class degree in English from Cambridge University, and an MA in journalism from Goldsmiths College, University of London.

https://techcrunch.com/2019/02/09/is-europe-closing-in-on-an-antitrust-fix-for-surveillance-technologists/

 

TP

Facebook is still trying to figure out what teens are interested in

Facebook is still trying to figure out what teens are interested in

Facebook is restructuring its “youth team,” shutting down its new teen meme app LOL, and doubling down on Messenger Kids.

        

Facebook is still trying to figure out what kind of apps

young people want to use. Meme apps? Not so much. Messaging apps for elementary school kids? Yes, apparently so. At least, that’s what we’ve deduced from Facebook’s decision to restructure its “youth team,” the organization of more than 100 employees specifically tasked with building products and features for young people.

The team was alerted late last week that multiple projects — including a meme app called LOL aimed at high school kids — will be shuttered, and many members of Facebook’s youth team will instead start working on Messenger Kids, according to two sources. Messenger Kids is Facebook’s year-old messaging app for children who are under 13 and therefore too young to sign up for Facebook’s regular service. LOL never got much traction. Facebook described it a few weeks back as a “small scale test,” and TechCrunch reported that it only had around 100 beta users. Also going away: An early version of a high school communities feature that would let teens find and connect with classmates, a nod to Facebook’s earliest days when it was a directory for colleges and universities.

The company’s “youth team,” though, is not going away, according to a Facebook spokesperson. The plan is to cut down on a number of smaller projects that the group is testing and instead focus on stuff that Facebook believes is more successful. Messenger Kids, despite all kinds of privacy concerns from outside organizations, appears to fall into that category. “The youth team has restructured in order to match top business priorities, including increasing our investment in Messenger Kids,” a Facebook spokesperson confirmed in a statement sent to Recode.

It’s always interesting to understand how Facebook is targeting teens — a valuable demographic with advertisers and a group generally lauded for identifying “the next big thing.” (Facebook, you’ll remember, started with college students. So did Snapchat.) Many believe that Facebook has lost touch with teens — data shows that teenage users are leaving Facebook for other services — which is why the company has more than 100 employees focused on building products exclusively for that demographic.

Facebook even made headlines last week for paying some users, including teenagers, as much as $20 per month to use an app that collected data on how they used their smartphone. Facebook called it “market research.” That data collection actually violated an agreement Facebook had with Apple and led to a chaotic day at Facebook’s Menlo Park headquarters after Apple blocked the special Facebook apps that are used by internal employees. The apps were restored less than 48 hours later. A Facebook spokesperson says the youth team restructuring is “unrelated” to the company’s “market research” project. Asked if the research app was a youth team project, the same spokesperson said, “No.”

Facebook’s youth team was created back in early 2016 and has seen a number of projects come and go since then. A Snapchat-style competitor called LifeStage, which was limited to teens, was a youth team project until it was pulled from the App Store in August 2017. Last July, Facebook also shut down TBH, another app for teens that let users anonymously answer questions about themselves and their friends. Facebook will continue to build other teen-focused products besides Messenger Kids, though it hasn’t yet shared those plans publicly. Other than Instagram, which it acquired, and Stories, which it copied from Snapchat, Facebook hasn’t had a breakout hit with teens since, well, Facebook.

Article Produced By
Kurt Wagner
Senior Editor, Social Media

Kurt Wagner has been a business and tech journalist since 2012 and was previously reporting for Mashable. He also covered general tech and Silicon Valley news in his first job as a tech reporter with Fortune magazine, based in San Francisco.
Originally from the Seattle area, Kurt graduated from Santa Clara University with a B.S. in communication and political science. He served as Editor-in-Chief of The Santa Clara, the university newspaper, for two years.

https://www.recode.net/2019/2/7/18215832/facebook-shutting-down-lol-restructure-messenger-kids

TP

Apple is punishing Facebook big-time for breaking its rules

Apple is punishing Facebook big-time for breaking its rules

Apple moved fast and broke Facebook.

               

Facebook is in crisis.

Stop us if you’ve heard that one before. That’s been the general state of the company for almost two years now, ever since it became clear that so-called fake news and Russian election meddling on the social network may have influenced the result of the 2016 presidential election. In that time, Facebook has dealt with unflattering press, security breaches, congressional testimonies, and government investigations. Each week seems to add a new chapter to the madness. This week was no different, but it also brought on a new enemy: Apple. And Apple, it turns out, may be as dangerous as anything else Facebook is up against right now.

The quick backstory: Facebook is part of one of Apple’s special enterprise developer programs that allows companies to publish apps specifically for their own employees; these apps don’t go through the public App Store. Facebook uses that program to share beta versions of its own apps with employees so it can test new features or new code. It also uses the program to create apps for in-house purposes, like Facebook’s shuttle bus schedules or lunch menus.

On Tuesday, TechCrunch reported that Facebook has been abusing its role in Apple’s enterprise program by using it to distribute an app to non-employees. The app, which Facebook says was for “market research,” was used to gather personal data about the phone habits of the users who downloaded it. (Facebook paid these people to download the app, TechCrunch says.) An app like that would have violated Apple’s App Store guidelines, but Apple doesn’t review apps that are part of the developer program. It looks as though Facebook took advantage of the program to distribute the app without Apple’s knowledge.

Apple was upset. On Wednesday, the company announced that it was forcing Facebook to stop distributing the research app, calling it a “clear breach of their agreement with Apple.” But that wasn’t all: Apple also appears to have stopped Facebook from distributing all apps associated with its enterprise developer program, according to a source. This means the special versions of Facebook, Instagram, Messenger, and WhatsApp that Facebook employees use aren’t working on iPhones. It also means that other internal Facebook apps aren’t working in iOS, including Facebook’s Slack competitor, Workplace.

Essentially, Apple forced Facebook employees to download the public version of all of these apps, given that most of the company’s employees use iPhones. A Facebook spokesperson confirmed that its internal apps have been impacted by Apple’s decision to revoke its publishing abilities and that it is working with Apple to resolve the issue. It’s hard to overstate how big an issue this could be for Facebook. Not only does it completely disrupt all kinds of productivity, but if Facebook’s product teams can’t ship internal beta versions of its apps, it could seriously hinder Facebook’s product development. Don’t forget: This is a company that spent its first decade preaching the mantra, “Move fast, break things.”

Apple has shown that it isn’t just capable of stopping Facebook from moving fast — it might be capable of stopping Facebook altogether, at least temporarily. It’s unclear how long Apple will restrict Facebook from pushing updates, but it’s not the kind of enemy Facebook needs right now. The two companies have developed a bit of a rivalry. Apple CEO Tim Cook said last year that Facebook’s privacy issues could have been solved with “self-regulation,” but Facebook missed its chance. When asked what he would do in Facebook’s shoes, Cook replied pointedly, “I wouldn’t be in this situation.”

Facebook CEO Mark Zuckerberg later called the criticism “extremely glib.”

Facebook seems to have picked up in 2019 right where it left off in 2018. This Apple drama comes less than two weeks after a report in the Washington Post said that the Federal Trade Commission, which is investigating Facebook, is considering slapping Facebook with a “record-setting” fine for privacy violations.

Article Produced By
Kurt Wagner
Senior Editor, Social Media

Kurt Wagner has been a business and tech journalist since 2012 and was previously reporting for Mashable. He also covered general tech and Silicon Valley news in his first job as a tech reporter with Fortune magazine, based in San Francisco.
Originally from the Seattle area, Kurt graduated from Santa Clara University with a B.S. in communication and political science. He served as Editor-in-Chief of The Santa Clara, the university newspaper, for two years.

https://www.recode.net/2019/1/30/18204001/facebook-apple-punishment-internal-apps-not-working

TP

Everything you need to know about Facebook Google’s app scandal

Everything you need to know about Facebook, Google’s app scandal

              

Facebook and Google landed in hot water with Apple this week

after two investigations by TechCrunch revealed the misuse of internal-only certificates — leading to their revocation, which led to a day of downtime at the two tech giants. Confused about what happened? Here’s everything you need to know.

How did all this start, and what happened?

On Monday, we revealed that Facebook was misusing an Apple-issued enterprise certificate that is only meant for companies to use to distribute internal, employee-only apps without having to go through the Apple App Store. But the social media giant used that certificate to sign an app that Facebook distributed outside the company, violating Apple’s rules. The app, known simply as “Research,” allowed Facebook unparalleled access to all of the data flowing out of a device. This included access to some of the users’ most sensitive network data. Facebook paid users — including teenagers — $20 per month to install the app. But it wasn’t clear exactly what kind of data was being vacuumed up, or for what reason.

It turns out that the app was a repackaged app that was effectively banned from Apple’s App Store last year for collecting too much data on users. Apple was angry that Facebook was misusing its special-issue enterprise certificates to push an app it already banned, and revoked it — rendering the app unable to open. But Facebook was using that same certificate to sign its other employee-only apps, effectively knocking them offline until Apple re-issued the certificate. Then, it turned out Google was doing almost exactly the same thing with its Screenwise app, and Apple’s ban-hammer fell again.

What’s the controversy over these enterprise certificates and what can they do?

If you want to develop Apple apps, you have to abide by its rules — and Apple expressly makes companies agree to its terms. A key rule is that Apple doesn’t allow app developers to bypass the App Store, where every app is vetted to ensure it’s as secure as it can be. It does, however, grant exceptions for enterprise developers, such as to companies that want to build apps that are only used internally by employees. Facebook and Google in this case signed up to be enterprise developers and agreed to Apple’s developer terms. Each Apple-issued certificate grants companies permission to distribute apps they develop internally — including pre-release versions of the apps they make, for testing purposes. But these certificates aren’t allowed to be used for ordinary consumers, as they have to download apps through the App Store.

What’s a “root” certificate, and why is its access a big deal?

Because Facebook’s Research and Google’s Screenwise apps were distributed outside of Apple’s App Store, it required users to manually install the app — known as sideloading. That requires users to go through a convoluted few steps of downloading the app itself, and opening and trusting either Facebook or Google’s enterprise developer code-signing certificate, which is what allows the app to run. Both companies required users after the app installed to agree to an additional configuration step — known as a VPN configuration profile — allowing all of the data flowing out of that user’s phone to funnel down a special tunnel that directs it all to either Facebook or Google, depending on which app you installed.

This is where the Facebook and Google cases differ.

Google’s app collected data and sent it off to Google for research purposes, but couldn’t access encrypted data — such as the content of any network traffic protected by HTTPS, as most apps in the App Store and internet websites are. Facebook, however, went far further. Its users were asked to go through an additional step to trust an additional type of certificate at the “root” level of the phone.

Trusting this Facebook Research root certificate authority allowed the social media giant to look at all of the encrypted traffic flowing out of the device — essentially what we call a “man-in-the-middle” attack. That allowed Facebook to sift through your messages, your emails and any other bit of data that leaves your phone. Only apps that use certificate pinning — which reject any certificate that isn’t its own — were protected, such as iMessage, Signal and additionally any other end-to-end encrypted solutions.Facebook’s Research app requires Root Certificate access, which Facebook gather almost any piece of data transmitted by youone.Google’s app might not have been able to look at encrypted traffic, but the company still flouted the rules — and had its separate enterprise developer code-signing certificate revoked anyway.

What data did Facebook have access to on iOS?

It’s hard to know for sure, but it definitely had access to more data than Google. Facebook said its app was to help it “understand how people use their mobile devices.” In reality, at root traffic level, Facebook could have accessed any kind of data that left your phone.

Will Strafach, a security expert with whom we spoke for our story, said: “If Facebook makes full use of the level of access they are given by asking users to install the certificate, they will have the ability to continuously collect the following types of data: private messages in social media apps, chats from in instant messaging apps – including photos/videos sent to others, emails, web searches, web browsing activity, and even ongoing location information by tapping into the feeds of any location tracking apps you may have installed.” Remember: this isn’t “root” access to your phone, like jailbreaking, but root access to the network traffic.

How does this compare to the technical ways other market research programs work?

In fairness, these aren’t market research apps unique to Facebook or Google. Several other companies, like Nielsen and comScore, run similar programs, but neither ask users to install a VPN or provide root access to the network. In any case, Facebook already has a lot of your data — as does Google. Even if the companies only wanted to look at your data in aggregate with other people, it can still hone in on who you talk to, when, for how long and, in some cases, what about. It might not have been such an explosive scandal had Facebook not spent the last year cleaning up after several security and privacy breaches.

Can they capture the data of people the phone owner interacts with?

In both cases, yes. In Google’s case, any unencrypted data that involves another person’s data could have been collected. In Facebook’s case, it goes far further — any data of yours that interacts with another person, such as an email or a message, could have been collected by Facebook’s app.

How many people did this affect?

It’s hard to know for sure. Neither Google nor Facebook have said how many users they have. Between them, it’s believed to be in the thousands. As for the employees affected by the app outages, Facebook has more than 35,000 employees and Google has more than 94,000 employees.

Why did internal apps at Facebook and Google break after Apple revoked the certificates?

You might own your Apple device, but Apple still gets to control what goes on it. Apple can’t control Facebook’s root certificates, but it can control the enterprise certificates it issues. After Facebook was caught out, Apple said: “Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.”

That meant any app that relied on Facebook’s enterprise certificate — including inside the company — would fail to load. That’s not just pre-release builds of Facebook, Instagram and WhatsApp that staff were working on, but reportedly the company’s travel and collaboration apps were down. In Google’s case, even its catering and lunch menu apps were down. Facebook’s internal apps were down for about a day, while Google’s internal apps were down for a few hours. None of Facebook or Google’s consumer services were affected, however.

How are people viewing Apple in all this?

Nobody seems thrilled with Facebook or Google at the moment, but not many are happy with Apple, either. Even though Apple sells hardware and doesn’t use your data to profile you or serve you ads — like Facebook and Google do — some are uncomfortable with how much power Apple has over the customers — and enterprises — that use its devices. In revoking Facebook and Google’s enterprise certificates and causing downtime, it has a knock-on effect internally.

Is this legal in the U.S.? What about in Europe with GDPR?

Well, it’s not illegal — at least in the U.S. Facebook says it gained consent from its users. The company even said its teenage users must obtain parental consent, even though it was easily skippable and no verification checks were made. It wasn’t even explicitly clear that the children who “consented” really understood how much privacy they were really handing over.

That could lead to major regulatory headaches down the line. “If it turns out that European teens have been participating in the research effort Facebook could face another barrage of complaints under the bloc’s General Data Protection Regulation (GDPR) — and the prospect of substantial fines if any local agencies determine it failed to live up to consent and ‘privacy by design’ requirements baked into the bloc’s privacy regime,” wrote TechCrunch’s Natasha Lomas.

Who else has been misusing certificates?

Don’t think that Facebook and Google are alone in this. It turns out that a lot of companies might be flouting the rules, too.According to many finding companies on social media, Sonos uses enterprise certificates for its beta program, as does finance app Binance, as well as DoorDash for its fleet of contractors. It’s not known if Apple will also revoke their enterprise certificates.

What next?

It’s anybody’s guess, but don’t expect this situation to die down any time soon. Facebook may face repercussions with Europe, as well as at home. Two U.S. senators, Mark Warner and Richard Blumenthal, have already called for action, accusing Facebook of “wiretapping teens.” The Federal Trade Commission may also investigate, if Blumenthal gets his way.

Article Produced By
Zack Whittaker


Security editor

Zack Whittaker is the security editor at TechCrunch.

https://techcrunch.com/2019/02/01/facebook-google-scandal/

TP

Facebook pays teens to install VPN that spies on them

Facebook pays teens to install VPN that spies on them

             

Desperate for data on its competitors,

Facebook has been secretly paying people to install a “Facebook Research” VPN that lets the company suck in all of a user’s phone and web activity, similar to Facebook’s Onavo Protect app that Apple banned in June and that was removed in August. Facebook sidesteps the App Store and rewards teenagers and adults to download the Research app and give it root access to network traffic in what may be a violation of Apple policy so the social network can decrypt and analyze their phone activity, a TechCrunch investigation confirms.

Since 2016, Facebook has been paying users ages 13 to 35 up to $20 per month plus referral fees to sell their privacy by installing the iOS or Android “Facebook Research” app. Facebook even asked users to screenshot their Amazon order history page. The program is administered through beta testing services Applause, BetaBound and uTest to cloak Facebook’s involvement, and is referred to in some documentation as “Project Atlas” — a fitting name for Facebook’s effort to map new trends and rivals around the globe.

Seven hours after this story was published, Facebook told TechCrunch it would shut down the iOS version of its Research app in the wake of our report. But on Wednesday morning, an Apple spokesperson confirmed that Facebook violated its policies, and it had blocked Facebook’s Research app on Tuesday before the social network seemingly pulled it voluntarily (without mentioning it was forced to do so). You can read our full report on the development here. An Apple spokesperson provided this statement. “We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.”

Facebook’s Research app requires users to ‘Trust’ it with extensive access to their dataWe asked Guardian Mobile Firewall’s security expert Will Strafach to dig into the Facebook Research app, and he told us that “If Facebook makes full use of the level of access they are given by asking users to install the Certificate, they will have the ability to continuously collect the following types of data: private messages in social media apps, chats from in instant messaging apps – including photos/videos sent to others, emails, web searches, web browsing activity, and even ongoing location information by tapping into the feeds of any location tracking apps you may have installed.” It’s unclear exactly what data Facebook is concerned with, but it gets nearly limitless access to a user’s device once they install the app.

The strategy shows how far Facebook is willing to go and how much it’s willing to pay to protect its dominance — even at the risk of breaking the rules of Apple’s iOS platform on which it depends. Apple may have asked Facebook to discontinue distributing its Research app.

A more stringent punishment would be to revoke Facebook’s permission to offer employee-only apps. The situation could further chill relations between the tech giants. Apple’s Tim Cook has repeatedly criticized Facebook’s data collection practices. Facebook disobeying iOS policies to slurp up more information could become a new talking point. “The fairly technical sounding ‘install our Root Certificate’ step is appalling,” Strafach tells us. “This hands Facebook continuous access to the most sensitive data about you, and most users are going to be unable to reasonably consent to this regardless of any agreement they sign, because there is no good way to articulate just how much power is handed to Facebook when you do this.”

Facebook’s surveillance app

Facebook first got into the data-sniffing business when it acquired Onavo for around $120 million in 2014. The VPN app helped users track and minimize their mobile data plan usage, but also gave Facebook deep analytics about what other apps they were using. Internal documents acquired by Charlie Warzel and Ryan Mac of BuzzFeed News reveal that Facebook was able to leverage Onavo to learn that WhatsApp was sending more than twice as many messages per day as Facebook Messenger. Onavo allowed Facebook to spot WhatsApp’s meteoric rise and justify paying $19 billion to buy the chat startup in 2014. WhatsApp has since tripled its user base, demonstrating the power of Onavo’s foresight.

Over the years since, Onavo clued Facebook in to what apps to copy, features to build and flops to avoid. By 2018, Facebook was promoting the Onavo app in a Protect bookmark of the main Facebook app in hopes of scoring more users to snoop on. Facebook also launched the Onavo Bolt app that let you lock apps behind a passcode or fingerprint while it surveils you, but Facebook shut down the app the day it was discovered following privacy criticism. Onavo’s main app remains available on Google Play and has been installed more than 10 million times.

The backlash heated up after security expert Strafach detailed in March how Onavo Protect was reporting to Facebook when a user’s screen was on or off, and its Wi-Fi and cellular data usage in bytes even when the VPN was turned off. In June, Apple updated its developer policies to ban collecting data about usage of other apps or data that’s not necessary for an app to function. Apple proceeded to inform Facebook in August that Onavo Protect violated those data collection policies and that the social network needed to remove it from the App Store, which it did, Deepa Seetharaman of the WSJ reported. But that didn’t stop Facebook’s data collection.

Project Atlas

TechCrunch recently received a tip that despite Onavo Protect being banished by Apple, Facebook was paying users to sideload a similar VPN app under the Facebook Research moniker from outside of the App Store. We investigated, and learned Facebook was working with three app beta testing services to distribute the Facebook Research app: BetaBound, uTest and Applause. Facebook began distributing the Research VPN app in 2016. It has been referred to as Project Atlas since at least mid-2018, around when backlash to Onavo Protect magnified and Apple instituted its new rules that prohibited Onavo. Previously, a similar program was called Project Kodiak. Facebook didn’t want to stop collecting data on people’s phone usage and so the Research program continued, in disregard for Apple banning Onavo Protect.

Ads (shown below) for the program run by uTest on Instagram and Snapchat sought teens 13-17 years old for a “paid social media research study.” The sign-up page for the Facebook Research program administered by Applause doesn’t mention Facebook, but seeks users “Age: 13-35 (parental consent required for ages 13-17).” If minors try to sign-up, they’re asked to get their parents’ permission with a form that reveal’s Facebook’s involvement and says “There are no known risks associated with the project, however you acknowledge that the inherent nature of the project involves the tracking of personal information via your child’s use of apps. You will be compensated by Applause for your child’s participation.” For kids short on cash, the payments could coerce them to sell their privacy to Facebook.

“By installing the software, you’re giving our client permission to collect data from your phone that will help them understand how you browse the internet, and how you use the features in the apps you’ve installed . . . This means you’re letting our client collect information such as which apps are on your phone, how and when you use them, data about your activities and content within those apps, as well as how other people interact with you or your content within those apps. You are also letting our client collect information about your internet browsing activity (including the websites you visit and data that is exchanged between your device and those websites) and your use of other online services. There are some instances when our client will collect this information even where the app uses encryption, or from within secure browser sessions.”

Meanwhile, the BetaBound sign-up page with a URL ending in “Atlas” explains that “For $20 per month (via e-gift cards), you will install an app on your phone and let it run in the background.” It also offers $20 per friend you refer. That site also doesn’t initially mention Facebook, but the instruction manual for installing Facebook Research reveals the company’s involvement.

Facebook seems to have purposefully avoided TestFlight, Apple’s official beta testing system, which requires apps to be reviewed by Apple and is limited to 10,000 participants. Instead, the instruction manual reveals that users download the app from r.facebook-program.com and are told to install an Enterprise Developer Certificate and VPN and “Trust” Facebook with root access to the data their phone transmits. Apple requires that developers agree to only use this certificate system for distributing internal corporate apps to their own employees. Randomly recruiting testers and paying them a monthly fee appears to violate the spirit of that rule. Once installed, users just had to keep the VPN running and sending data to Facebook to get paid. The Applause-administered program requested that users screenshot their Amazon orders page. This data could potentially help Facebook tie browsing habits and usage of other apps with purchase preferences and behavior. That information could be harnessed to pinpoint ad targeting and understand which types of users buy what.

TechCrunch commissioned Strafach to analyze the Facebook Research app and find out where it was sending data. He confirmed that data is routed to “vpn-sjc1.v.facebook-program.com” that is associated with Onavo’s IP address, and that the facebook-program.com domain is registered to Facebook, according to MarkMonitor. The app can update itself without interacting with the App Store, and is linked to the email address PeopleJourney@fb.com. He also discovered that the Enterprise Certificate first acquired in 2016 indicates Facebook renewed it on June 27th, 2018 — weeks after Apple announced its new rules that prohibited the similar Onavo Protect app.

“It is tricky to know what data Facebook is actually saving (without access to their servers). The only information that is knowable here is what access Facebook is capable of based on the code in the app. And it paints a very worrisome picture,” Strafach explains. “They might respond and claim to only actually retain/save very specific limited data, and that could be true, it really boils down to how much you trust Facebook’s word on it. The most charitable narrative of this situation would be that Facebook did not think too hard about the level of access they were granting to themselves . . . which is a startling level of carelessness in itself if that is the case.”

“Flagrant defiance of Apple’s rules”

In response to TechCrunch’s inquiry, a Facebook spokesperson confirmed it’s running the program to learn how people use their phones and other services. The spokesperson told us “Like many companies, we invite people to participate in research that helps us identify things we can be doing better. Since this research is aimed at helping Facebook understand how people use their mobile devices, we’ve provided extensive information about the type of data we collect and how they can participate. We don’t share this information with others and people can stop participating at any time.”

Facebook’s spokesperson claimed that the Facebook Research app was in line with Apple’s Enterprise Certificate program, but didn’t explain how in the face of evidence to the contrary. They said Facebook first launched its Research app program in 2016. They tried to liken the program to a focus group and said Nielsen and comScore run similar programs, yet neither of those ask people to install a VPN or provide root access to the network. The spokesperson confirmed the Facebook Research program does recruit teens but also other age groups from around the world. They claimed that Onavo and Facebook Research are separate programs, but admitted the same team supports both as an explanation for why their code was so similar.

However, Facebook’s claim that it doesn’t violate Apple’s Enterprise Certificate policy is directly contradicted by the terms of that policy. Those include that developers “Distribute Provisioning Profiles only to Your Employees and only in conjunction with Your Internal Use Applications for the purpose of developing and testing”. The policy also states that “You may not use, distribute or otherwise make Your Internal Use Applications available to Your Customers” unless under direct supervision of employees or on company premises. Given Facebook’s customers are using the Enterprise Certificate-powered app without supervision, it appears Facebook is in violation.

Seven hours after this report was first published, Facebook updated its position and told TechCrunch that it would shut down the iOS Research app. Facebook noted that the Research app was started in 2016 and was therefore not a replacement for Onavo Protect. However, they do share similar code and could be seen as twins running in parallel. A Facebook spokesperson also provided this additional statement:

“Key facts about this market research program are being ignored. Despite early reports, there was nothing ‘secret’ about this; it was literally called the Facebook Research App. It wasn’t ‘spying’ as all of the people who signed up to participate went through a clear on-boarding process asking for their permission and were paid to participate. Finally, less than 5 percent of the people who chose to participate in this market research program were teens. All of them with signed parental consent forms.”

Facebook did not publicly promote the Research VPN itself and used intermediaries that often didn’t disclose Facebook’s involvement until users had begun the signup process. While users were given clear instructions and warnings, the program never stresses nor mentions the full extent of the data Facebook can collect through the VPN. A small fraction of the users paid may have been teens, but we stand by the newsworthiness of its choice not to exclude minors from this data collection initiative.

Facebook disobeying Apple so directly and then pulling the app could hurt their relationship. “The code in this iOS app strongly indicates that it is simply a poorly re-branded build of the banned Onavo app, now using an Enterprise Certificate owned by Facebook in direct violation of Apple’s rules, allowing Facebook to distribute this app without Apple review to as many users as they want,” Strafach tells us. ONV prefixes and mentions of graph.onavo.com, “onavoApp://” and “onavoProtect://” custom URL schemes litter the app. “This is an egregious violation on many fronts, and I hope that Apple will act expeditiously in revoking the signing certificate to render the app inoperable.”

Facebook is particularly interested in what teens do on their phones as the demographic has increasingly abandoned the social network in favor of Snapchat, YouTube and Facebook’s acquisition Instagram. Insights into how popular with teens is Chinese video music app TikTok and meme sharing led Facebook to launch a clone called Lasso and begin developing a meme-browsing feature called LOL, TechCrunch first reported. But Facebook’s desire for data about teens riles critics at a time when the company has been battered in the press. Analysts on tomorrow’s Facebook earnings call should inquire about what other ways the company has to collect competitive intelligence now that it’s ceased to run the Research program on iOS.

Last year when Tim Cook was asked what he’d do in Mark Zuckerberg’s position in the wake of the Cambridge Analytica scandal, he said “I wouldn’t be in this situation . . . The truth is we could make a ton of money if we monetized our customer, if our customer was our product. We’ve elected not to do that.” Zuckerberg told Ezra Klein that he felt Cook’s comment was “extremely glib.” Now it’s clear that even after Apple’s warnings and the removal of Onavo Protect, Facebook was still aggressively collecting data on its competitors via Apple’s iOS platform. “I have never seen such open and flagrant defiance of Apple’s rules by an App Store developer,” Strafach concluded. Now that Facebook has ceased the program on iOS and its Android future is uncertain, it may either have to invent new ways to surveil our behavior amidst a climate of privacy scrutiny, or be left in the dark.

Article Produced By
Josh Constine

Editor-At-Large

Josh Constine is a technology journalist who specializes in deep analysis of social products. He is currently an Editor-At-Large for TechCrunch and is available for speaking engagements. Previously, Constine was the Lead Writer of Inside Facebook through its acquisition by WebMediaBrands, covering everything about the social network. Constine graduated from Stanford University in 2009 with a Master's degree in Cybersociology, examining the influence of technology on social interaction. He researched the impact of privacy controls on the socialization of children, meme popularity cycles, and what influences the click through rate of links posted to Twitter. Constine also received a Bachelor of Arts degree with honors from Stanford University in 2007, with a concentration in Social Psychology & Interpersonal Processes.

Josh Constine is an experienced public speaker, and has moderated over 120 on-stage interviews in 15 countries with leaders including Facebook CEO Mark Zuckerberg, whistleblower Edward Snowden (via on-stage video conference), and U.S. Senator Cory Booker. He is available to moderate panels and fireside chats, deliver keynotes, and judge hackathon and pitch competitions. Constine has been quoted by The Wall Street Journal, CNN Money, The Atlantic, BBC World Magazine, Slate, and more, plus has been featured on television on Good Morning, America, The Today Show, China Central Television, and Fox News. Constine is ranked as the #1 most cited tech journalist on prestigious news aggregator Techmeme.

[Disclosures: Josh Constine temporarily advised a college friend's social location-sharing startup codenamed 'Signal' that was based in San Francisco before dissolving in 2015. This advising role was cleared with AOL and TechCrunch's editors and has concluded. Constine's fiancée Andee Gardiner co-founded startup accelerator Founders Embassy. Constine's cousin Darren Lachtman is the founder of influencer advertising startup Niche that was acquired by Twitter, and he's since left and founded teen content studio Brat. Constine does not write about Founders Embassy or Brat. Constine has personal acquaintances stemming from college housing circa 2007 with founders at Skybox Imaging (now Terra Bella), Hustle, Snapchat, and Robinhood, but does not maintain close social ties with them nor does that influence his writing. Constine occasionally does paid speaking engagements at conferences, but only those funded by companies he does not cover. Constine owns a small position in Ethereum and Bitcoin cryptocurrencies, does not day-trade, and discloses his positions directly in articles where appropriate. Constine does not do consulting, angel investing, or public stock trading beyond public stock invesments by his parents' estate that he has no role in managing or advising.]

https://techcrunch.com/2019/01/29/facebook-project-at las/

TP

Apple bans Facebook’s Research app that paid users for data

Apple bans Facebook’s Research app that paid users for data

  

In the wake of TechCrunch’s investigation yesterday,

Apple blocked Facebook’s Research VPN app before the social network could voluntarily shut it down. The Research app asked users for root network access to all data passing through their phone in exchange for $20 per month. Apple tells TechCrunch that yesterday evening it revoked the Enterprise Certificate that allows Facebook to distribute the Research app without going through the App Store.

TechCrunch had reported that Facebook was breaking Apple’s policy that the Enterprise system is only for distributing internal corporate apps to employees, not paid external testers. That was actually before Facebook released a statement last night saying that it had shut down the iOS version of the Research program without mentioning that it was forced by Apple to do so.

TechCrunch’s investigation discovered that Facebook has been quietly operated the Research program on iOS and Android since 2016, recently under the name Project Atlas. It recruited 13 to 35 year olds, 5 percent of which were teenagers, with ads on Instagram and Snapchat and paid them a monthly fee plus referral bonuses to install Facebook’s Research app, the included VPN app that routes traffic to Facebook, and to ‘Trust’ the company with root network access to their phone. That lets Facebook pull in a user’s web browsing activity, what apps are on their phone and how they use them, and even decrypt their encrypted traffic. Facebook went so far as to ask users to screenshot and submit their Amazon order history. Facebook uses all this data to track competitors, assess trends, and plan its product roadmap.

Facebook was forced to remove its similar Onavo Protect app in August last year after Apple changed its policies to prohibit the VPN app’s data collection practices. But Facebook never shut down the Research app with the same functionality it was running in parallel. In fact, TechCrunch commissioned security expert Will Strafach to dig into the Facebook Research app, and we found that it featured tons of similar code and references to Onavo Protect. That means Facebook was purposefully disobeying the spirit of Apple’s 2018 privacy policy change while also abusing the Enterprise Certificate program.

Sources tell us that Apple revoking Facebook’s Enterprise Certificate has broken all of the company’s legitimate employee-only apps. Those include pre-launch internal-testing versions of Facebook and Instagram, as well as the employee apps for coordinating office collaboration, commutes, seeing the day’s lunch schedule, and more. That’s causing mayhem at Facebook, disrupting their daily work flow and ability to do product development. We predicted yesterday that Apple could take this drastic step to punish Facebook much harder than just removing its Research app. The disruption will translate into a huge loss of productivity for Facebook’s 33,000 employees.

For reference, Facebook’s main iOS app still functions normally. Also, you can’t get paid for installing Onavo Protect on Android, only for the Facebook Research app. And Facebook isn’t the only one violating Apple’s Enterprise Certificate policy, as TechCrunch discovered Google’s Screenwise Meter surveillance app breaks the rules too. This morning, Apple informed us it had banned Facebook’s Research app yesterday before the social network seemingly pulled it voluntarily. Apple provided us with this strongly worded statement condemning the social network’s behavior:

“We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.”

That comes in direct contradiction to Facebook’s initial response to our investigation. Facebook claimed it was in alignment with Apple’s Enterprise Certificate policy and that the program was no different than a focus group. Seven hours later, a Facebook spokesperson said it was pulling its Research program from iOS without mentioning that Apple forced it to do so, and issued this statement disputing the characterization of our story:

“Key facts about this market research program are being ignored. Despite early reports, there was nothing ‘secret’ about this; it was literally called the Facebook Research App. It wasn’t ‘spying’ as all of the people who signed up to participate went through a clear on-boarding process asking for their permission and were paid to participate. Finally, less than 5 percent of the people who chose to participate in this market research program were teens. All of them with signed parental consent forms.”

We refute those accusations by Facebook. As we wrote yesterday night, Facebook did not publicly promote the Research VPN itself and used intermediaries that often didn’t disclose Facebook’s involvement until users had begun the signup process. While users were given clear instructions and warnings, the program never stresses nor mentions the full extent of the data Facebook can collect through the VPN. A small fraction of the users paid may have been teens, but we stand by the newsworthiness of its choice not to exclude minors from this data collection initiative.

Senator Mark Warner has since called on Facebook CEO Mark Zuckerberg to support legislation requiring individual informed consent for market research initiatives like Facebook Research. Meanwhile, Senator Richard Blumenthal issued a fierce statement that “Wiretapping teens is not research, and it should never be permissible.”

The situation will surely worsen the relationship between Facebook and Apple after years of mounting animosity between the tech giants. Apple’s Tim Cook has repeatedly criticized Facebook’s data collection practices, and Zuckerberg has countered that it offers products for free for everyone rather than making products few can afford like Apple. Flared tensions could see Facebook receive less promotion in the App Store, fewer integrations into iOS, and more jabs from Cook. Meanwhile, the world sees Facebook as having been caught red-handed threatening user privacy and breaking Apple policy.

Article Produced By
Josh Constine

Editor-At-Large

Josh Constine is a technology journalist who specializes in deep analysis of social products. He is currently an Editor-At-Large for TechCrunch and is available for speaking engagements. Previously, Constine was the Lead Writer of Inside Facebook through its acquisition by WebMediaBrands, covering everything about the social network. Constine graduated from Stanford University in 2009 with a Master's degree in Cybersociology, examining the influence of technology on social interaction. He researched the impact of privacy controls on the socialization of children, meme popularity cycles, and what influences the click through rate of links posted to Twitter.

Constine also received a Bachelor of Arts degree with honors from Stanford University in 2007, with a concentration in Social Psychology & Interpersonal Processes. Josh Constine is an experienced public speaker, and has moderated over 120 on-stage interviews in 15 countries with leaders including Facebook CEO Mark Zuckerberg, whistleblower Edward Snowden (via on-stage video conference), and U.S. Senator Cory Booker. He is available to moderate panels and fireside chats, deliver keynotes, and judge hackathon and pitch competitions. Constine has been quoted by The Wall Street Journal, CNN Money, The Atlantic, BBC World Magazine, Slate, and more, plus has been featured on television on Good Morning, America, The Today Show, China Central Television, and Fox News. Constine is ranked as the #1 most cited tech journalist on prestigious news aggregator Techmeme.

[Disclosures: Josh Constine temporarily advised a college friend's social location-sharing startup codenamed 'Signal' that was based in San Francisco before dissolving in 2015. This advising role was cleared with AOL and TechCrunch's editors and has concluded. Constine's fiancée Andee Gardiner co-founded startup accelerator Founders Embassy. Constine's cousin Darren Lachtman is the founder of influencer advertising startup Niche that was acquired by Twitter, and he's since left and founded teen content studio Brat. Constine does not write about Founders Embassy or Brat. Constine has personal acquaintances stemming from college housing circa 2007 with founders at Skybox Imaging (now Terra Bella), Hustle, Snapchat, and Robinhood, but does not maintain close social ties with them nor does that influence his writing. Constine occasionally does paid speaking engagements at conferences, but only those funded by companies he does not cover. Constine owns a small position in Ethereum and Bitcoin cryptocurrencies, does not day-trade, and discloses his positions directly in articles where appropriate. Constine does not do consulting, angel investing, or public stock trading beyond public stock invesments by his parents' estate that he has no role in managing or advising.]

https://techcrunch.com/2019/01/30/apple-bans-facebook-vpn/

TP

Facebook may proactively close Pages and Groups before they’re in violation of policy

Facebook may proactively close Pages and Groups before they’re in violation of policy

Facebook today announced changes

to the way it handles the removal of content from Facebook Pages that’s in violation of the social network’s Community Standards, as well as when the Page has posted items that are rated false by a third-party fact-checking service. It says it will also make it harder for those whose Pages have been shut down for violations to return with new Pages featuring the same, duplicated content by proactively banned other Pages and Groups, in some cases.

To address the first two issues, Facebook says it’s introducing a new tab on Facebook Pages — the “Page Quality” tab — which will inform those who manage the Page which content has been removed for violating standards and what was rated “fake news.” The section will explain if content was removed for being “hate speech, graphic violence, harassment and bullying, and regulated goods, nudity or sexual activity,” or being “support or praise” of people and events that are not allowed to be on Facebook, the company explained today in a blog post detailing the upcoming changes.

The “people or events” not allowed on Facebook are those associated with real-world harm. This could include people associated with hate groups, terrorist activity, mass or serial murder, human trafficking or organized crime or violence. Facebook also removes any content that expresses praise or support for those involved in such activities. The tab will also inform Page managers which content may have been demoted by Facebook algorithms, if not removed entirely. This includes content that has been found to be false news by independent fact-checking organizations. Facebook began taking action against clickbait several years ago, then later began to flag and down-rank fake news, as that essentially became the new clickbait.

But those who distributed fake news headlines weren’t necessarily aware that their content’s distribution was being reduced as a result. This tab will now inform them. Facebook says it will identify several types of down-ranked news items, including content recently rated “False,” “Mixture” or “False Headline” by third-party fact-checkers. However, it won’t actually show those items it deemed “clickbait,” or those that it removed for being spam or due to an IP violation.

In other words, the new Page Quality tab isn’t a full window into everything being removed or down-ranked, only those areas that are today of utmost importance to Facebook to get under control. (Facebook disputes this characterization: “There’s not necessarily a direct connection between what we can currently share in the tab and overall harm/priority,” it tells us. “All of our policies within our Community Standards are important to us in our efforts to keep our community safe.” The company also says that it will add more policy violation types to this area in time.)

“We hope this will give people the information they need to police bad behavior from fellow Page managers, better understand our Community Standards, and, let us know if we’ve made an incorrect decision on content they posted,” the company explained in its announcement.

Proactive bans

Related to this, Facebook says it’s seen an increase in people using their existing Pages to duplicate the content that had been pulled down from Pages that were banned for violating Facebook’s Community Standards. While it had policies that prohibited people from creating new Pages (or groups, events, accounts, etc.) for this purpose, it hadn’t been proactively policing the use of existing Pages — and that, effectively, became a loophole for the violators to abuse. Now, Facebook says when it removes a Page or Group for policy violations, it may also remove other Pages and Groups — even if the other Pages and Groups haven’t “met the threshold to be unpublished on its own.”

In other words, if Facebook believes the other Pages and Groups will be used as the new home for the content found to be in violation, it will proactively remove them… before they actually do so. (That’s likely to cause some debate.) Facebook says it will make this determination based on a broad range of factors — like if the other Pages or Groups have the same admins or a use similar name, for example. The new “Page Quality” tab will launch tomorrow, while the proactive removals will begin in the weeks ahead.

Article Produced By
Sarah Perez

Writer

Sarah currently works as a writer for TechCrunch, after having previously spent over three years at ReadWriteWeb. Prior to her work as a reporter, Sarah worked in I.T. across a number of industries, including banking, retail and software.

https://techcrunch.com/2019/01/23/facebook-may-proactively-close-pages-and-groups-before-theyre-in-violation-of-policy/

TP

Not Too Big to Fail: Why Facebook’s Long Reign May Be Coming to an End

Not Too Big to Fail: Why Facebook's Long Reign May Be Coming to an End

Sears and Blockbuster fell because neither was able to adapt and grow with its consumer base. Is Facebook making the same mistakes?

  

Over the last several years,
Facebook has gone from facilitating the free flow of information

to inhibiting it through incremental censorship and account purges. What began with the ban of Alex Jones last summer has since escalated to include the expulsion of hundreds of additional pages, each political in nature. And as more people become wary of the social media platform’s motives, one thing is absolutely certain: we need more market competition in the realm of social media.

Facebook might seem too big to fail, but rest assured it is not. Unless it is protected by a government monopoly, every single product and service is vulnerable to market forces, even those considered too powerful. Just a few weeks ago, the once-mighty Sears announced its plans to file for bankruptcy and close 142 of its department store locations. It also wasn't so long ago when Blockbuster Video, a staple of weekend fun in the 90s, announced its closure, as well. These institutions were at the top of their games at one point but were each unable to satisfy their customers as they once did. And both were inevitably replaced by better services like Amazon Prime and Netflix.

Facebook might seem different from other traditional market entities since it technically doesn’t sell anything to the bulk of its users. But just like Sears and Blockbuster, its success relies on its ability to attract and maintain its customers. And in the wake of the recent purges—and its recent security breaches—it is quite possible that, like Myspace and Friendster, Facebook is not long for this world.

The Situation

When it was announced that Facebook, YouTube, iTunes, and eventually Twitter had banned the accounts associated with Alex Jones, it elicited mixed reactions from the public. On one hand, Alex Jones is infamously known for building his career on being an instigator and a “troll,” rendering him an unsympathetic character to most of the American public. On the other hand, the sweeping ban of Jones was concerning as it threatened the future of independent media. After all, if this could happen to Jones, who would be next? To be sure, Facebook is privately owned and is allowed to curate its own content as it sees fit. However, just because someone can do something doesn’t necessarily mean that they should.

To be sure, Facebook is privately owned and is allowed to curate its own content as it sees fit. However, just because someone can do something doesn’t necessarily mean that they should. And it most certainly doesn’t mean that, as users of this platform, we should not voice our concerns. As the summer droned on, independent media held its breath waiting to see how the “Jones” decision would impact their own accounts.  A few weeks ago, the situation escalated when Facebook went one step further and announced it would be deleting nearly 800 pages it said violated its terms of service. Specifically, these pages were accused of “spamming” users, though Facebook’s use of the word was not clearly defined.

However, the fact remains that many of the deleted pages were right-leaning and libertarian, leading many to assume that these purges were politically motivated. And given the prior accusations made against Facebook in regards to suppressing conservative-leaning links and news stories, these assumptions did not seem off-base even if Zuckerberg claimed that content was not a contributing factor.

Carey Wedler, editor-in-chief of Anti-Media, an independent news platform that just had its page deleted by Facebook, told FEE:

According to Facebook, we were not suspended for our content but for “spamming” and using “misleading” practices, but these are tactics we have never employed, and other large pages that employ posting strategies like ours, such as Occupy Democrats (also known to share fake news), were not removed. Curiously, in July, Facebook assigned us a representative to help us manage our page. They also gave us $500 in free advertising to boost our content in September, and these actions seem to imply they had no issues with either our content or our practices.

Even though the purge’s proximity to the approaching midterm elections appears suspect, Facebook maintains that its decision to delete these accounts was purely the result of spam violations and not because of the actual page content. This allowed Zuckerberg to hold firm to his claims that Facebook was not practicing censorship but was instead just enforcing policies that already existed in the user terms of service. However, last week the popular libertarian Facebook account “Liberty Memes” had its page deleted, adding more fuel to the fire. Unlike the previous purge, Liberty Memes was not deleted under the guise of spamming its users like the others. Instead, Facebook openly admitted that the page was being deleted directly because of its content.

In the digital age, it is highly probable that at some point you will come into contact with content you find offensive or untrue. While offensive content can simply be ignored and dismissed, ideally, each individual should be responsible for determining whether or not the information they are exposed to is credible. But with the “fake news” hysteria we are currently experiencing, Facebook has taken it upon itself to protect its users from potentially misleading or even offensive content. And even if these decisions were made in an attempt to appease the many users who would like to see all opposing thought suppressed, this may inevitably come back to haunt the company.

Facebook has not had a great couple of years. In addition to being blamed for both the suppression of conservative links and Trump being elected to office, the popular social media site was also found to have compromised its users’ data on more than one occasion. And while the decision was voluntary, Zuckerberg also found himself testifying in front of Congress just a few months ago. And on the business side of things, market shares have slumped 7.5 percent over the year. In fact, over the past year, Facebook use has also been dwindling, and over 44 percent of young users have admitted to deleting the app off of their phones entirely. In droves, young people are flocking to sites like Snapchat, Instagram, YouTube, and Twitter, instead. And without this younger crowd, Facebook could soon find itself desperate for users.

As written in INC:

Recent findings make it clear that a large number of users have changed their relationship with Facebook over the past year following the company's privacy and security scandals. With ripple effects still being felt over six months after Cambridge Analytica, it's unlikely migration from the app will slow down any time soon.

So, what does this mean for those of us who are dissatisfied with the behavior of Zuckerberg and Facebook? It means the situation is ripe for new platforms to rise up and take its place. And we should be diligently searching for its replacement or replacements.

Voice and Exit

Voting with our dollars is one of the most powerful actions we can take as consumers. While we might not be paying for Facebook memberships, each time we log-on to the site and actively engage with other users, we are voting in favor of the social media company. And for many of us, we feel as though we have no other choice. As a writer, I will be the first to admit that I personally rely on Facebook as a means of sharing my work with others. In fact, the thought of deleting my account fills me with unease and isolation. After all, if I am not on Facebook, how can I stay connected to all my contacts around the globe? And since many of us are so hesitant to leave, Facebook has maintained its power in the social media space. But this can easily change.

In order for the market to work, consumers must diligently vote with their feet and their money in order to prop up the brands and products they prefer. There is a grave misconception that the market process is passive when quite the opposite is true. In order for the market to work, consumers must diligently vote with their feet and their money in order to prop up the brands and products they prefer. If a company does something a consumer is opposed to, the consumer can decide to take their business elsewhere or, in extreme conditions, turn to protests and boycotts as we have seen recently with brands like Nike. Consumers have substantial potential to cause financial harm to these companies, they just have to choose to use this power.

We are living in an era of disruption. Just a few years ago, the potential for Bitcoin and other cryptocurrencies to compete with global currencies seemed unfathomable. And while we are still years away from a full-fledged monetary revolution, crypto has proved itself to be a force to be reckoned with in the finance world. If anyone has any doubt of this, just look at how many governments and Keynesian economists fear its widespread adoption.

In the earlier days of Bitcoin, users were small in number as the network was still in its infancy and needed to grow. But over the last couple of years, more and more users have been flocking to cryptocurrencies after becoming disenchanted with centralized financial institutions. The very same thing could happen to Facebook. And speaking of the world of cryptocurrencies, many of the platform alternatives to Facebook that are popping up are utilizing blockchain technology.

Minds, Telegram, Steemit, Mastadon, and other burgeoning social media companies are looking to blockchain to not only keep private user data safe but also to keep the networks decentralized and safeguarded against the same type of censorship we have seen coming from the authority figures in charge of Facebook. But in order for any of these platforms to take off, they will need early adopters and users willing to build a modern social network that has learned from the errors of its predecessors. Sears and Blockbuster fell because neither was able to adapt and grow with its consumer base. Facebook has routinely gone against the wishes and needs of its users and is just now starting to face the consequences.

As Wedler says:

Just as people across the political spectrum are fed up with the current system, so, too, are social media users frustrated with the major platforms currently dominating the market. In both cases, it seems not only obvious but also vital that instead of simply tolerating the current paradigms, individuals must take tangible action to make their preferences known. With respect to social media, if enough people walk their increasingly dissatisfied talk, there is huge potential to spark an exodus towards platforms that better meet their demands and expectations.

Article Produced By

Brittany Hunter

Brittany is a writer and editor for the Foundation for Economic Education. Additionally, she is a co-host of Beltway Banthas, a podcast that combines Star Wars and politics. Brittany believes that the most effective way to promote individual liberty and free-market economics is by telling timely stories that highlight timeless principles.

TP

BREAKING NEWS: Facebook Uncovers Political Influence Campaign

Facebook Uncovers Political Influence Campaign Ahead of Midterms.

San Francisco (AFP) – Facebook said Tuesday it shut down more than 30 fake pages and accounts involved in what appeared to be a "coordinated" effort to stoke hot-button social issues ahead of November midterm US elections, but cannot identify the source despite hints Russia was involved.

It said the "bad actor" accounts on the world's biggest social network and its photo-sharing site Instagram could not be tied to Russian actors, who US officials say used the platform to spread disinformation ahead of the 2016 presidential election in the United States.

But the tech giant did say "some of the activity is consistent" with that of the Saint Petersburg-based Internet Research Agency (IRA) — the Russian troll farm that managed many false Facebook accounts used to influence the 2016 vote.

"We have found evidence of connections between these accounts and previously identified IRA accounts, but we don't believe the evidence is strong enough at this time to make public attribution to the IRA," Facebook chief security officer Alex Stamos said during a conference call with reporters.

"We can't say for sure if this is the IRA with improved capabilities or a different organization."

The investigation is at an early stage, revealed now because one of the pages being covertly operated was orchestrating a real-world counter-protest to a "Unite the Right" event in Washington, DC, on August 10.

Facebook is sharing information about the pages and accounts with intelligence officials, and planned to notify members of the social network who expressed interest in attending the counter-protest.

Facebook said it is shutting down 32 pages and accounts "engaged in coordinated inauthentic behavior" even though it may never be known for certain what group or country was behind them.

"Attribution is not necessary for us to find and stop this behavior," Stamos said.

– Russian Trolls Eyed –

Facebook has briefed US law enforcement agencies, Congress and other tech companies about its findings.

"Today's disclosure is further evidence that the Kremlin continues to exploit platforms like Facebook to sow division and spread disinformation, and I am glad that Facebook is taking some steps to pinpoint and address this activity," US Senator Mark Warner, the Senate intelligence committee's ranking Democrat, said in a statement.

"I also expect Facebook, along with other platform companies, will continue to identify Russian troll activity and to work with Congress on updating our laws to better protect our democracy in the future."

The company said those behind the campaign had been "more careful to cover their tracks, adding: "We've found evidence of some connections between these accounts and IRA accounts we disabled last year (…) but there are differences too."

Some of the most-followed pages that were shut down included "Resisters" and "Aztlan Warriors."

The "Resisters" page enlisted support from real followers for an August protest in Washington against the far-right "Unite the Right" group.

Stamos confirmed that pages also played into immigration issues with references to the Immigration and Customs Enforcement agency.

Inauthentic pages dating back more than a year organized an array of real world events, all but two of which have taken place, according to Facebook.

The news comes just days after Facebook suffered the worst single-day evaporation of market value for any company, after missing revenue forecasts for the second quarter and offering soft growth projections.

Mark Zuckerberg's firm says the slowdown will come in part due to its new approach to privacy and security — one which helped experts uncover these so-called "bad actors."

"We face determined, well-funded adversaries who will never give up and are constantly changing tactics. It's an arms race and we need to constantly improve too," Facebook said.

"It's why we're investing heavily in more people and better technology to prevent bad actors misusing Facebook — as well as working much more closely with law enforcement and other tech companies to better understand the threats we face."
 

From article:
https://www.yahoo.com/news/facebook-uncovers-political-influence-campaign-ahead-midterms-173305780.html

By Author:
  Glenn CHAPMAN, AFP • July 31, 2018

TP

First Suit Filed re: Facebook’s Stock Plunge

First Suit Over Facebook's Stock Plunge Is Filed in Manhattan Federal Court

The first shareholder suit was filed Friday against Facebook in the Southern District of New York over the erasure of $100 billion in value just one day after the social media giant's stock plunged. The 24-page complaint was filed by Pierce Bainbridge Beck Price & Hecht in New York, on behalf of a proposed class defined as people who bought stock in the social media company from Oct. 1, 2017, through July 26, 2018. Facebook Inc. as well as its founder and CEO, Mark Zuckerberg, Chief Financial Officer David Wehner and Chief Operating Officer Sheryl Sandberg are named defendants.

The plaintiffs' lawyers allege that throughout the months leading up to Thursday, Facebook and its top executives "made materially false and misleading statements regarding Facebook’s business and operations," including its adaptation to the European Union's new GDPR data protection requirements, its platform use and revenue growth. The "decline in Facebook’s Platform use and the increase in costs as a result of complying with the GDPR had a materially adverse effect on Facebook’s financial health, including its revenue and projected growth," the complaint states, with the impact of making statements from the company "materially false and misleading."

On Thursday, after Facebook issued a statement the day before about its second-quarter 2018 results, the company's stock price plummeted from $217.50 per share, its closing price on Wednesday, to $174.97 as markets opened Thursday. By the end of the trading week, the price was $174.89. The plunge wiped out more than $100 billion in stock value. Zuckerberg's and Wehner's statements about the GDPR transition—admitting that the service lost 1 million users in Europe—"had a devastating impact on Facebook's stock price," according to the complaint.

"This is a new age," said name partner John Pierce. "We didn't start working on this until yesterday afternoon after I saw news of the stock drop on Fox News during a break in trial prep. No firm can replicate our speed and lethality." David Hecht, a partner at Pierce Bainbridge, said teams on both coasts worked through the night to develop the complaint. It was filed at roughly 4 p.m. Friday, he said. Hecht said the effort involved 3 a.m. handoffs from East Coast-based attorneys to their West Coast colleagues. "It has really been an incredible ride." In addition to "bragging rights," being first to the courthouse offered some tactical benefit, Hecht said.

"There is an advantage in filing first," Hecht said, particularly in engaging with institutional investors that may be substituted as lead plaintiff in the case. The case is captioned Helms v. Facebook. It was not assigned to a judge by late Friday afternoon. A spokeswoman for Facebook said the company was declining to comment.

 

From article:    ALM Media   July 27, 2018
https://finance.yahoo.com/news/first-suit-over-facebook-apos-110014833.html

TP