Google must be sweating bullets right now. Every single Android app seems to require access to every single thing, and there are hundreds of thousands of them with a significant user base. Some do most certainly misuse the data they collect. Maybe a small percentage, but a small percentage of 100k is still a large number.
Google is in a bit of a different position. The most information that a malicious app on my friend's phone can access about me is what my friend has stored on their phone about me.
Personal things like messaging history and contact information are certainly enough to build a 'social graph', but what Google does not let apps do is access the information that Google stores about me on their servers just because my friend has both my number and a greedy app on their phone.
CA was able to extract a personality profile from just likes.
Imagine what an app could do if they had access to your entire message history! (Why would anyone give apps access to their messages? So that they can send / receive special emoji, for example.)
Well, messaging history is just an example; I'm not actually sure if that is something which apps are allowed to lift, but I figured I'd err on the extreme end.
Either way, discrete and easy-to-digest information like 'likes' are exactly what they wouldn't have access to from Google, and honestly it seems like automated sentiment analyses are still very error-prone; large corpuses of text don't seem ideal for this sort of targeting.
Graphs that connect users are not all the same. For example, it's much more common to follow relatives and people you know in real life on Facebook than on Twitter. (This is one of the reasons Google tried to build Google+: they were worried that not having a real social network would put them at a disadvantage.)
It's all privacy leakage but it's not at all the same data. Facebook's graph is still noisy but it's better or at least different data than other companies have.
Seems to me they could make more fine grained permissions. E.g., I don't like that my javascript disabler Firefox plugin has permissions to 'Access data for all websites', 'Access browser tabs'.
I'm not an Android user, but I feel there's way more data accessible on Android for app developers than many people realize.
Photos (on Android and iOS) contain a wealth of information, and any app having access to photos, can clearly figure out where you have been (based on photo's metadata containing GPS location), what you like to eat (if you take a lot of photos of food), where you like to hangout, time of day/week you do certain activities, purely based on image recognition.
Any wonder why Google Lens is integrated in the Google Photos app?
Add to that, the ability of identifying people from photos (Apple, Facebook and Google do it very well) and you can easily connect the dots, and it'll be hard to escape this kind of data digging, even if you are Jack Reacher.
Even pro-privacy Apple doesn't do much in terms of access to photos on iOS. If I want to share one image on Whatsapp on iOS, I have to give Whatsapp access to Photo Album. And once the access is given, a superficial scan can provide WhatsApp full info of locations from my photos, in a few seconds (even if it is 20 GB of photos).
Privacy on iOS in this aspect is bad. I can only imagine that Android is much worse.
That's simply not true. Apps aren't allowed to access photos without permission on modern Android (6.0+) and you don't need to grant the app full access to photo album just to share an image. Androids intent system always handled these use cases better than iOS did.
the information that Google stores about me on their servers
I've not seen anyone address this, but reading between the lines, many people seem to hold a view that the existence of these finely-grained personal data profiles at this massive scale is fine so long as they exist only on the servers of fb and goog, but why? What makes that acceptable or reasonable, besides the persuasiveness of large amounts of money?
I think the clearest path forward is that no one should be creating these kinds of data profiles.
I don't think a bot learning my route to work, or a doctor's appt(along with a swath of more "monetizable" personal info) so it can alert me to potential traffic delays is a reasonable trade-off for the massive societal problems the behaviour of creating these data profiles poses.
If this data is such a monumental danger when it escapes the permeable confines of the fbs and the googs, then it shouldn't exist within these companies either, not just because as we've seen the confines are quite permeable, but also because the potential for negative use of the data doesn't change depending on who has access to it.
It can be persuasively argued that simply creating and collecting these data profiles is itself a negative use of the data.
I don't think it's acceptable, I just realize that I am powerless to stop it beyond supporting sweeping new regulatory frameworks, which I write to my Congresspeople about but what do you think they're going to do about it?
Nothing. And for now, Google's services are worth the data they collect. Facebook's value proposition is comparatively laughable, which might be why so many people are so upset with the scope of how their data was used.
And don't even get me started on how users, including those who have not signed up for the service, get tracked on massive swaths of 3rd-party sites if they don't take pains to prevent it - that's downright sinister.
It might not be okay but it is different. At least in a technical discussion, we should be able to make distinctions rather than treating all data or all breaches the same.
Different, but not better IMO, since Facebook solved the friend access problem in 2014 but Google apps still have this issue today. Moreover, Facebook can push updates instantly since it's a web API-- I hope Google has some way of changing this without requiring a full OS update.
Also worth considering, Facebook is all about social and preference ("like") data, but live location is something you can get as a mobile app and a lot of stuff can be inferred from where you live/work/visit.
They could extract pictures. In the future, once more devices have AI chips on board and maybe there's an API for seeing what's in the pictures, too, with ML, I could see developers abuse that, and extract all sorts of relevant info from people's phones.
Regardless of how dangerous Android permissions are or aren't, I do agree with the larger point that Google is scared about what will happen to Facebook, because it knows those regulations or even a "privacy revolution" that may come in the wake of this will impact it, too.
It's probably not even just this one event that will hurt Google. This sentiment has been growing over the past few years. If Google hasn't noticed it growing, then they are out of touch. If the anti-privacy trend continues, it will be bad news for Google, Amazon, Microsoft, and even Apple (which seems to be backtracking on some privacy features lately).
I do hope that at the very least the anti-privacy trend pushes companies to limit data gathering and use new privacy-preserving tech that doesn't allow them to look at the data at all. And I hope they do that before it's too late (for them).
The whole recent scandal is based around the fact that the FB API does allow apps to download all kinds of user information, and used to let them download data about their friends.
Not “all kinds”. Users routinely approve the use of their friends list, and in this case, this is what was downloaded and data mined, in addition to user’s own profile information. I know this is too much nuance for a lay person to handle, but I expect more from HN readers.
The scummy part was that the data was obtained using an app that’s unrelated to what the data was eventually used for, but Android is totally ripe for that as well.
"all kinds" isn't exactly a scientifically defined term. Friends list an "profile information" is still very broad.
The additional scummy part was that you could authorize FB to download that data for your friends as well as yourself, so your data might be consumed without you ever being aware of, or giving permission for it. As far as I'm aware Android has no such equivalent.
>> could authorize FB to download that data for your friends
I don’t believe this is true. You could authorize apps to download a very limited amount of info about your friends. If you have a reference to some authoritative source that proves the opposite, do share.
Extraordinary claims demand extraordinary evidence, and all that.
They definitely did. That's a core part of the current controversy, I shouldn't have to dig up the evidence to prove this to you. The docs are on archive.org somewhere, but this TechCrunch article was more easily found, and covers the details:
Did it include information about a user's friends that the user themself didn't have access to? I think one can see one's friend's photos, checkins, and posts, so it makes sense that you would be able to forward that information (not that you should...). I think the grandparent was claiming that you weren't able to share any information about friends that you didn't already have access to.
Google might know a lot about you but they have never exposed that to third party apps. Facebook's data is much more personal. With a user's "Like" stream it's possible to build a surprisingly accurate personality profile.
The worst Android offenders, as always, are the big ad libraries that are installed across a lot of apps. They're able to build a rough personality profile based on the types of apps someone has installed. So they can generally say if a user is into categories like music or politics or comedy. But that problem exists on iOS and the web.
Android has also tightened up its permission model considerably over the last several years.
> Google might know a lot about you but they have never exposed that to third party apps
It depends on what you mean by exposed. In the context of Cow Clicker (or even the CA stuff) the data wasn't really exposed, it was shared. Google shares your private data all the time. Ex 1. Google+ APIs. Ex 2. Android APIs. Ex 3. Gmail API.
Allowing app developers access to information about a user is standard procedure (because otherwise apps would be terrible).
Many of these platforms (Android, Facebook, etc.) have, over time, tightened up the access to this information.
Remember the 2013 Snowden leaks? Google doesn’t have to knowingly expose their info on you, it may happen against their will. Or unknown to them. Even if Google is an altruistic organization, it’s dangerous to have that profile data remote.
I hope that local computing can get strong enough to do the same types of assistant type usefulness through local AI and peer to peer sharing. This will also estimate travel time, recognize appointments, etc etc. Open source to the rescue.
What about platforms like Win32, pre-sandboxing MacOS, non-SE Linux where all apps run with full user privileges and the concept of requiring permissions to access sensitive data doesn't even exist?
You can certainly install malware or something like a toolbar that may do nefarious things.. data and ad profiling are the cost of free it seems. Google could vet the apps but they won’t. I’m sure census demographics and your address are predictive enough for a lot of marketing and business related activities. You can also do the hyper ad targeting based on people who live in X and at what age. So the voter profile of CA may not have been specifically more useful than voter registration and demographics. Using Facebook and YouTube was essential though. That allowed them to optimize the content campaigns with real-time feedback.
Forget about Android apps, I had to grant a Chrome extension access to everything on every website (seemingly the only ACL level for extensions..) so I could get navigate back with backspace...
"Access all data on all websites" isn't the only permission level. However, there are a lot of things extensions do that can only be implemented as hacks within the page the user is viewing, and if you want to run a script in a webpage -- even if it's just `document.addEventListener('keypress', function (e) { if ( e.key == 8 ) history.go(-1) });` -- the browser has to assume it could be reading all the data it wants.
You could argue that "adding a browser keybinding" should be a separate API. You're not wrong (I'd love an extension like this to replace Ctrl+Q with Ctrl+Shift+Q), but browser vendors (at least Mozilla) seem to be very reluctant to add more APIs.
I was going to mention how I've been confused by people having overreactions like "it's just an extension to rewrite 'millenials' to 'snake people', why is it stealing all of my data?", equating the permission to read data from webpages with an implication that it will steal all your data. This never made much sense to me, since it seemed obvious to me that the required permissions for those things would have to be the same. In light of the Cambridge Analytica situation, though, I realize these fears were very well-founded.
Android is a mess, but the really big issue lurking is GSuite OAuth. The "Google Docs" fiasco [1] is proof that for a long time they didn't even prevent impersonation of Google functionality on the platform. The only options for GMail seem to be "access everything" so all the apps do that. It doesn't even seem to be a terms violation to use data for other purposes, I couldn't find that at all for the unenroll.me story. [2]
They do have the technical means to offer more nuanced permissions. Things like "send emails and read replies on email threads it creates" or "access to emails matching this kind of search where new search terms would require a re-auth". It's not a priority though.
In their defense, millions of people were giving away their passwords to a bunch of external apps and the current situation is better than that.
Well, there's nothing stopping my friends from mailing their personal address books to ads companies.
I assume that my name and date of birth are already public domain. They are listed publicly when you register a company. Insurance companies already share that information around anyway.
My issue is when Facebook sells my entire internet browsing history.
I doubt that very much. You also seem to ignore the lack of runtime permissions in desktop OS's such as Windows and Mac OS that could easily do the same thing.
>Every single Android app seems to require access to every single thing
This is a lie. The majority of apps ask for only the runtime permissions they need to work. Regardless, you're still in control of the permissions you grant and if you believe an app is asking for permissions which it shouldn't have then you shouldn't grant it.
Older, incompatible apps still default to asking for permissions at install time. There are two problems with this - first, I suspect most folks won't know that you can go back and turn those off. That's a relatively new feature, and not really something people will explore on their own.
. Second - if it's an app you already installed that has required new permissions, that app can run (via BroadcastReceiver) when it is updated and before you have a chance to alter the fine-grained permissions.
Separately, the interface for managing fine-grained permissions in Android is weird. You get most of them in one place, but then it seems you have to check a couple of other places for 'special' permissions?
edit: never mind this - it seems like the old version is the one that will get notified, and the permission change only applied ot the new one.
This whole scandal is very weird to me. Everybody has known this about Facebook forever. Most people have gotten bit at one time or another with apps that spam their friends or do something else shady. And most people have learned to be wary of Facebook apps.
Not that we shouldn't be outraged. I'm glad we finally have outrage. We should have all been outraged a long time ago.
> Everybody has known this about Facebook forever.
This is not even remotely true, especially when it comes to the general population. I'm not trying to slam you here, I was of same mindset too, since at least 2009 (I stopped using API in 2013 and assumed things were clamped down).
I don't want to be a nag on his, e.g. Mustnt assume everyone knows what you know! Rather, I think this is an advantageous mindset to have. Anything you know in your profession, especially when it comes to tech or data, you can assume plenty of people (including future customers) don't have a damn clue.
I think the point here is that the media has failed in its responsibility to inform. If we knew, they knew, and the reason the public didn't know is because they media didn't turn this into prime time news, the way the Cambridge Analytica story has been positioned. That matters.
Did the media know? The attention being given to the Cambridge Analytica story by the media suggests that this is a new finding to them.
I think one of the societal problems we have right now is an overwhelming lack of tech literacy. It affects the media but also (and more importantly) government. People simply don't understand this stuff, and the problem isn't going to go away, because if you do have tech knowledge you can make far more money as a developer than you can as a journalist or politician.
> Barack Obama's re-election team are building a vast digital data operation that for the first time combines a unified database on millions of Americans with the power of Facebook to target individual voters to a degree never achieved before.
Also
> Consciously or otherwise, the individual volunteer will be injecting all the information they store publicly on their Facebook page – home location, date of birth, interests and, crucially, network of friends – directly into the central Obama database.
> "If you log in with Facebook, now the campaign has connected you with all your relationships," a digital campaign organiser who has worked on behalf of Obama says.
This attention is too close after the moment when fb decided to promote your friends posts instead of media posts.
Media knew about this, reported on it at the time, but since they were making money, they didn't give a shit. Now, since fb switched the news feed algorithm, they are not making that much money anymore and are using whatever means they have to "fix" this. This is not about media caring about the general population, this is about media wanting revenge.
How many people, let's say specifically 18-29-year-old in America, keep up on national and/or world news every day? Consider that just about 100M of 236M eligible voters did NOT bother to vote [0][1]; that is 42% of the eligible electorate who either didn't care at all, or figured that Trump and Hillary were the same, or that it didn't matter to their own lives, or that elections are a sham, or that their own district or state would go a certain way no matter what. But from my own experience, the first of those reasons is the most common; anyone I know who doesn't care about political news (even while they may avidly follow sports news or entertainment news or human-interest news about the latest viral YouTube video) responds to me bringing up politics, whether face-to-face or online, with a comment like "Who cares."
[0] Washington Post: About 100 million people couldn’t be bothered to vote this year
Great privacy is already here...it's just not evenly distributed yet.
I think that sort of statement applies here. Some people have known about what this data can be used for and truly understood the implications of it for a long time. Those people are also the type of people that have stopped using Facebook years ago. Most others are just now starting to realize it.
I think the point is that users had to consent with Facebook. Maybe they didn’t read or understand. Maybe Facebook should directly ad “this will fuck you” to the consent form. But people would still ignore.
My issue is that they’ve always been transparent about collecting and sharing data. They just say it in a friendly way.
There’s a whole episode of South Park with the Eula. And people stil don’t read before clicking.
I think the big shift happening now was about this. People realized they shared there information when THEY played a stupid app game like Candy Crush.
But almost no one realized that there employment history was being shared with the Trump Campagin, because THEIR GRANDMA took a personality quiz to find out "Which Golden Girl She Was Most Like".
And where did we consent to this actually? When I signed up for Facebook 3rd party apps didn't exist. When my friends started installing them, I thought I was protected because I stayed away. I consented to sharing my information with Friends obviously, but with 3rd party apps they install???
I'd really like to see how that language was written, for a condition that didn't even exist yet.
Nerd trying to look non-nerdy: Nerds say this, but ordinary people don't care! So Foo will win, get used to it.
This scandal however, makes it seem more like ordinary people would care, except they don't know about the terribleness of Foo.
Actually I think the it's a confusing mishmash of the two. People don't learn about stuff because they don't care. And its rational not to care about something if there isn't something you can do about it.
But when a scandal like this hits, more people decide to care because "join the bandwagon of protest" becomes a thing you can do. And that makes more people know about it, which make the potential bandwagon bigger, etc.
I have family members who think that fb is the operating system of their ipads, and that google search is the same thing as a URL on a browser. And when you say targeted ads is a problem, they think of focus groups and demographics a la Mad Men, not natural language processing on everything you've ever posted, analysis of every app you've ever used either on your phone or in fb app marketplace, tracking URLs across the web to track non logged in fb users and non users, and social login providing even deeper analysis of your content habits through partnerships with various media companies.
I think people are familiar with the idea of a company taking their own data to advertise to them. But what might be new to people who haven't gone out of their way to know about it is that the data gets shared, sold, and bundled to this extent. If I sign up on a website for email update, they could now know the contents of my facebook messages from 5 years ago. Then they could correlate what I buy with things I mention in messages, and use that to advertise to someone who publicly likes certain things even if they don't have access to that person's messages. That's pretty surprising.
I am all for taking a look at these privacy issues and seeing if we can develop some new regulations to address these concerns but the way the media covers this story is a complete joke. Obama was labeled a political geniuses who was truly in-touch with the young generation when he used the Facebook graph api to micro target ads but when Trump campaign uses the exact same approach to micro target ads it is a despicable act that assisted in "theft" of the election.
EDIT: In an attempt to protect my karma from those who have drunk far to much kool-aid I should point out I did not vote for Trump and I think he is a total clown. I just think the current clickbait/outrage media culture is far more a danger to the american values I cherish then 3 more years of this ass-hat.
You don’t think there’s a difference between people who signed up/registered/interacted with Obama and just buying 50 million records from a personality quiz that was on FB 4+ years before?
The idea that Obama only collected data from people who signed up and registered is total nonsense. See the comments from Obama's media director in the below article or go back and read the news articles on the topic from 2010-2013 back then they did not even pretend like they were only collecting data from people who signed up.
I personally used the OFA Facebook application and the intent is incredibly different. Notably, the folks who authorized the OFA application knew that the data about their friends was being collected. Because that was entirely the point! We were using it to send out requests to our friends to persuade to them to vote/register to vote.
If you'd like a more in-depth explanation, I found this post by the former Chief Scientist of Obama For America campaign (2012) that goes into the key differences between how the data was collected & used compared to Cambridge Analytica: https://medium.com/@rayid/why-what-cambridge-analytica-did-w...
Their friends didn't, though, that's why it's comparable and the intent is irrelevant. A small number of willing users fans out to a massive number of unwitting ones.
I don't think it's a fair comparison, people weren't (or at least, fewer people were) screaming fake news back then. It's not micro-targeting or advertising that has people riled up, it's the way it is being been used.
Exactly my point! People are not upset by "psychometric advertising" they are upset that the other side making use of the technique. If you honestly think both sides don't use the technique to engage in despicable disinformation campaigns you've probably already drank a fatal dose.
The people seemingly screaming "fake news" the most in recent times are the same people vanattab is referring to as being misleading. People have always been screaming something synonomous to "fake news" against the other side.
Hence my first sentence. I am not opposed to topic but I am opposed to the media bending over backwards to pretend like this totally different then what Obama did.
The Obama app was clearly a political campaign app
They did not use fake quizzes to steal user data
they asked supporters to contact their friends explicitly
they did not download friend of friend data surreptitiously
they did not buy or re-sell data in violation of FB's TOS
they did not lie and claim to have deleted it when required
they used user submitted data to build a database of potential supporters and contacted them to encourage them to vote
they did not engage in psychometrics to spread fear and fake news
they did all this domestically with US residents
I'd be shocked, shocked to hear of any companies that didn't take data against Facebook's tos. I did a few Facebook integrations back in those days and none of my employers have one fuck about us violating tos. This wasn't exclusive to Facebook integrations either.
This goes beyond Facebook too. Any service where a TOS can be violated gets violated. Every company I’ve been in has violated some TOS before to access or do things that were not allowed. It’s just the way things are in this industry.
I worked at a large, well-known, consumer tech company on its Facebook integration.
It absolutely did care about the Facebook TOS, had a contract with Facebook about what data could and could not be used and retained, and didn't share Facebook data beyond aggregated demographic information (age, gender, region). We were very careful not to do anything even remotely sketchy with the data.
But this is the sort of company with a brand and something to lose, and a relationship with Facebook.
I implemented some of the TOS requirements at Zynga, and we did a lot of TOS vetting with the legal team. I personally nulled out some fields that TOS changes forbade, and AFAIK Zynga never had any interest in sharing or selling the data.
However Facebook itself seemed willing to expand the TOS to extremes. At one point it was possible to get games that the user's friends were playing; I was amazed at whoever got them to agree to that.
How exactly does one enforce in the code a policy of "you can use the data you've collected for the purpose you stated, but you can't use it for any other purpose, nor share it"?
The news title finally mentioned "brokers."Much have been talked about the ease of collecting and extracting data, I'm wondering when it comes to SELL data, how easy would that be and through what process a developer could find a broker? And at what price? Is there a way to find a list of these brokers?
Would it be difficult for facebook to be aware all data brokers in the market and also at what price point, under what agreement and and estimated transactions volume?
More importantly, can we have a rallying cry to regulate these data brokers? Often they aren’t even attempting to ask users permission, or even notify users of their existence in any way, before harvesting and repackaging data about them.
There's no 'adblock wall' if you have a script blocker such as NoScript, even with scripts from 'theatlantic.com' allowed.
It is a bit tedious to manually allow js on websites to get them to work properly but...gee, just refer to the article's topic. Scripts from 'facebook.net' are somewhat ironically, but predictably, loaded with the page.
Facebook's officially stated approach of "it's the user's decision" is right, in my view.
The problem is that they were, and are, insincere in saying that. The user has no option to say NOPE I'm not giving you, that, that, that and that. No way to see what something does before giving them anything at all.
If that was done right users would have the choice.
Failing that Facebook is culpable.
The trouble with the culpable or "rule of law" approach though is that it's up to politicians, maybe bored law enforcement people, maybe some bribery and corruption. i.e. it generally works poorly if at all, all too often it achieves the opposite.
I say avoid legislation and give individuals their own control. Real control.
"For years, these transmissions were even conducted unencrypted, until Facebook required apps to communicate with its service over a secure connection."
The day I discovered all Likes were public I went and deleted all of them. God knows who got them before I did that (and I’m sure Facebook still uses them).
This website redirects away from the article after a short while if you run an ad blocker. I won't turn mine off, for reasons that ironically have to do with a distrust of third party tracking networks.
I see this comment all the time, what people often fail to realize is that if you won't turn off your ad-blocker, the website doesn't want you. You cost them a small amount of money to deliver the content (bandwith) and they invest a modest capital into creating the content (paying writers, etc), and you offer nothing in return.
This doesn't mean you have to stay; if this behavior annoys you, don't read their content. But don't complain that their website is "sending you away", because that's exactly what they want. You laid out your demands (ignore the fact that I'm using an ad-blocker), and they're showing you the door.
And that's just fine too; there was an internet before these guys, there will be one after.
But, it would be nice if there were some way to filter out sites like this one, and others that have interstitials or the infamous "Forbes Thought Of The Day" and all the other nuisances.
Because I don't want to be on their site any more than they want me on their site. They just keep showing up in my various news feeds.
I think people are fully aware, but they're claiming that sites do not have unique content or provide other value that would be enough to justify display of the ads, or they think that all sites should always find non-ad based revenue streams yet provide open access.
Personally, I make a judgement call. On the Atlantic I got the ad block message recently and decided to switch it off as I find the content unique and well-written. They're not a news-aggregator or a spammer, their ads aren't that intrusive... I think it's a fair-call.
That's not a "class" of customer, that's a status of being/not being a customer.
Class of customer, in the sense of the question, is a visual attribute of a customer making them unwelcome due the low probability of them being profitable for the store.
I can imagine businesses simply prohibiting the use of the toilets to people who don't buy things (“restrooms for customer use only”), which is a closer analogy: it's not about a retail store where you are browsing and may or may not buy, it's a place where you “buy” or not (by accepting ads) when you enter, and your access to other facilities is conditioned on that decision.
