Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Facebook Social Networks

Facebook and Its Executives Are Getting Destroyed After Botching the Handling of a Massive Data Breach (businessinsider.com) 187

The way Facebook has disclosed the abuse of its system by Cambridge Analytica, which has been reported this week, speaks volumes of Facebook's core beliefs. Sample this except from Business Insider: Facebook executives waded into a firestorm of criticism on Saturday, after news reports revealed that a data firm with ties to the Trump campaign harvested private information from millions of Facebook users. Several executives took to Twitter to insist that the data leak was not technically a "breach." But critics were outraged by the response and accused the company of playing semantics and missing the point. Washington Post reporter Hamza Shaban: Facebook insists that the Cambridge Analytica debacle wasn't a data breach, but a "violation" by a third party app that abused user data. This offloading of responsibility says a lot about Facebook's approach to our privacy. Observer reporter Carole Cadwalladr, who broke the news about Cambridge Analytica: Yesterday Facebook threatened to sue us. Today we publish this. Meet the whistleblower blowing the lid off Facebook and Cambridge Analytica. [...] Facebook's chief strategy officer wading in. So, tell us @alexstamos (who expressed his displeasure with the use of "breach" in media reports) why didn't you inform users of this "non-breach" after The Guardian first reported the story in December 2015? Zeynep Tufekci: If your business is building a massive surveillance machinery, the data will eventually be used and misused. Hacked, breached, leaked, pilfered, conned, "targeted", "engaged", "profiled", sold.. There is no informed consent because it's not possible to reasonably inform or consent. [...] Facebook's defense that Cambridge Analytica harvesting of FB user data from millions is not technically a "breach" is a more profound and damning statement of what's wrong with Facebook's business model than a "breach." MIT Professor Dean Eckles: Definitely fascinating that Joseph Chancellor, who contributed to collection and contract-violating retention (?) of Facebook user data, now works for Facebook. Amir Efrati, a reporter at the Information: May seem like a small thing to non-reporters but Facebook loses credibility by issuing a Friday night press release to "front-run" publications that were set to publish negative articles about its platform. If you want us to become more suspicious, mission accomplished. Further reading: Facebook's latest privacy debacle stirs up more regulatory interest from lawmakers (TechCrunch).
This discussion has been archived. No new comments can be posted.

Facebook and Its Executives Are Getting Destroyed After Botching the Handling of a Massive Data Breach

Comments Filter:
  • A lesson (Score:5, Insightful)

    by burtosis ( 1124179 ) on Sunday March 18, 2018 @10:09AM (#56279361)
    For people who didn't see why they should care about who uses thier data or how it's used, thinking they had noting to hide and it wouldn't affect them, I hope you learned a lesson.
    • Lesson duly learned.

    • by Anonymous Coward

      *shrug* My data and any of our data have already been compromised from a multitude of non-Facebook sources so does it really matter that this has happened? It just made it easier for them to get the information on people at that particular moment instead of taking a longer time accumulating the same info.

      • Re: (Score:2, Offtopic)

        by burtosis ( 1124179 )
        Yes, data is everywhere, just like child porn. We don't just give up and legitimize child porn, turning it into a legal multi billion dollar industry. Make it the same criminal offense to even have in your possession, use, or even access and we will see a vast reduction in the collection, use and distribution of private data. Further treat data breaches in a similar matter and criminally prosecute those responsible instead of doing absolutely nothing.
        • by postbigbang ( 761081 ) on Sunday March 18, 2018 @11:38AM (#56279697)

          Child porn and privacy violations aren't synonymous. One is not the other. Your data is vacuumed everywhere, including this site, where there are eight different trackers. Unless you stop them, they'll count you, track you, and get into your social business.

          That data in turn, becomes easily personally identifiable, thence characterized, and worse.

          It's an industry-wide, Internet-wide problem. It won't be prosecuted because: profit. Until it's not profitable or satisfy their seemingly endless curiosity (for profit), it'll continue. Corporate immunity means that breaches are highly unlikely to be prosecuted, because: lobbying and expense in prosecution.

          Face this reality and vote until they get it right.

    • Re:A lesson (Score:5, Interesting)

      by PolygamousRanchKid ( 1290638 ) on Sunday March 18, 2018 @10:56AM (#56279509)

      For people who didn't see why they should care about who uses thier data or how it's used, thinking they had noting to hide and it wouldn't affect them, I hope you learned a lesson.

      I highly doubt that anyone has learned a lesson:

      "No one in this world, so far as I know ... has ever lost money by underestimating the intelligence of the great masses of the plain people." -- H. L. Mencken.

      Often paraphrased as:

      "Nobody ever went broke underestimating the intelligence of the American public."

      Why did the Facebook execs take their story to Twitter . . . ?

      Easy they want to calm the great masses of their user base, whose reading comprehension can't deal with anything longer than a Twitter message. The Facebook execs don't care about what other, more intelligent, folks think. They are a lost cause for Facebook anyway.

      But most folks would react:

      "Facebook was hacked? No, it wasn't . . . their management said so on Twitter!"

      "Oh, look! Facebook! Baby pictures and ponies!"

      Do most folks in the US care about what Facebook is up to . . . ? Or do they want to know what the Kardashians are up to . . . ?

    • Re: (Score:2, Insightful)

      by Anonymous Coward
      The only problem is that they were looking for (and found) dumb people. Then they targeted those dumb people with fake news. I did not say all conservatives are dumb - clearly they aren't. Just that dumb people are easily swayed by things like "lock her up" and "but those emails!" and "that pizza place where they do x, y, z to the children". So they used this to find enough of those people to help the Russian's sway the election. Now, are those dumb people going to change their data sharing habits? Not like
    • Re: (Score:3, Insightful)

      by Anonymous Coward

      No one will learn a lesson. They're blaming Cambridge Analytica for doing what Facebook and advertisers and dataminers are doing as you read this. The only difference is that the Trump campaign apparently commissioned the data.

      As the Facebook brass said, it wasn't a data breach. It was, in every respect, business as usual. And the public don't get that. The MA attorney general is making a big show of cracking down. Cracking down on what? Online spying? Great! But she probably has no idea that a dozen datami

      • The difference here is people are starting to more clearly see the harm, whereas people didn't get it with targeted advertising. I also agree, we will see change when these politicans and judicial branch members realize that all thier dirty secrets can be leveraged against them, unless it's too late and they are all blackmailed already. Take out the profit by leveling criminal and civil charges and actually following through on prosecution.
    • by Anonymous Coward

      I suspected this is what they could do for a long time. Zippo to hide but facebook is in ublock and in noscript. These companies are advertising platforms. Advertising is *wildly* different than what it used to be. Now they want to track the metrics. The only way to do that is to record what I do.

      That they track their employees is not surprising at all. These people are no longer the underdogs. They are the overlords. Treat them with suspicion and a wide berth. They are looking to monetize you at a

    • For people who didn't see why they should care about who uses thier data or how it's used, thinking they had noting to hide and it wouldn't affect them, I hope you learned a lesson.

      Pffft. That's awfully optimistic, now isn't it? They'll just find someone else to blame, or do basically anything that absolves them of any kind of self-responsibility, like always.

  • by Anonymous Coward on Sunday March 18, 2018 @10:13AM (#56279373)

    Dear Slashdot, please knock it off with the hyperbole in the headline. Unless the Facebook executives are literally being torn limb from limb or being ground into dust, I don't really find the over top headline informative or useful.

  • Destroyed (Score:4, Insightful)

    by 110010001000 ( 697113 ) on Sunday March 18, 2018 @10:17AM (#56279387) Homepage Journal
    I'm sure their tens in millions in stock options will soothe them. Give me a break.
  • by blogagog ( 1223986 ) on Sunday March 18, 2018 @10:31AM (#56279425)
    I'm confused. The only thing they did was view 40 Million profiles on Facebook? Google, Bing, and DuckDuckGo do more than that every single day.
    • by Zocalo ( 252965 ) on Sunday March 18, 2018 @10:49AM (#56279479) Homepage
      No, it's not a breach, Facebook is correct on that point. The real issue here, and one that Facebook seems to be pulling off successfully judging by some of the replies so far, is that Facebook's response to 50m user profiles being harvested and abused is to turn it into a discussion about semantics through misdirection. That's *exactly* what Facebook wants the discussion to be on, because it puts them in a favourable light, rather than the real point of TFS, which is that their business model is not only based almost entirely on sharing user data with third parties, but also has no controls or policies in place to effectively govern what happens when they get a bad actor like Cambridge Analytics in the mix.

      tl;dr: it's not just about "All your data belong to Facebook (and the rest)", it's that they'll freely share that data with third parties and don't give a fuck what happens when someone abuses their access to it.
      • by Entrope ( 68843 ) on Sunday March 18, 2018 @11:09AM (#56279573) Homepage

        You are almost right. Facebook isn't upset that this company got so much information about Facebook users. They are upset that this company didn't pay Facebook for that information, and that the company didn't pay them more to used Facebook's targeting services.

      • by I'm New Around Here ( 1154723 ) on Sunday March 18, 2018 @12:53PM (#56279983)

        No, it's not a breach, Facebook is correct on that point. The real issue here, and one that Facebook seems to be pulling off successfully judging by some of the replies so far, is that Facebook's response to 50m user profiles being harvested and abused is to turn it into a discussion about semantics.... a bad actor like Cambridge Analytics in the mix.
         

        It seems like you are lost in the same fight against semantics. User profiles were harvested, because that is what they are there for. But how are the users abused, other than receiving campaign attention? And how do you judge that Cambridge Analytics is a bad actor in establishing that attention?

        These people were not scammed of their life savings, no one opened credit cards in their names, and no one lost their house over this. But because it favored one political candidate, it causes outrage. Why?

        • by Zocalo ( 252965 )
          I didn't say the users were abused, I said their profile data was, although there's a pretty good case for both since what they do with that data is to allow the users to be profiled, filtered, and the more susceptible recipients targetted with information (often fake, or at least misleading) that is designed to push buttons and sway opinions. It also seems highly likely that Cambridge Analytics may have gone a bit further than just accessing the information that Facebook made available to them and also de
          • by Rob Y. ( 110975 ) on Sunday March 18, 2018 @03:14PM (#56280571)

            The kind of targeted advertising that was delivered via Facebook (outright falsities and incitements to violence, etc) would be illegal on just about any other medium. Certainly on Television, and certainly as relates to electioneering rules. That it wasn't illegal in 2016 - and that it was so widespread - is just more indication that Facebook needs to be regulated as an advertising medium. Ads and other commercial items clearly labeled as such - with their sponsors identities either shown or made available.

            "Hi, I'm Vladimir Putin, and I approve this message"

          • It does seem CA got the data through violating FaceBook's TOS, but as far as harvesting your friends and targeting ads...that's what FaceBook does. And political ads are no different, and Obama did the same thing in 2012 and it was lauded as breaking new ground in political engagement [theguardian.com].

            Every time an individual volunteers to help out – for instance by offering to host a fundraising party for the president – he or she will be asked to log onto the re-election website with their Facebook credentials. That in turn will engage Facebook Connect, the digital interface that shares a user's personal information with a third party.

            Consciously or otherwise, the individual volunteer will be injecting all the information they store publicly on their Facebook page – home location, date of birth, interests and, crucially, network of friends – directly into the central Obama database.

            "If you log in with Facebook, now the campaign has connected you with all your relationships," a digital campaign organiser who has worked on behalf of Obama says.

    • No, that is not what they did. RTFA. They used malware to gain access to the entire user profile, including every Facebook link clicked on. Everything Facebook stores on you. Including in the closed and secret groups. Every click, time spent viewing something, everything.

      By going through the UK, it wouldn't matter, malware is covered by the computer misuse act, personally identifying information (even if public) is covered by the data protection act.

      It's no wonder such lunacy happens, if nobody bothers to u

      • by Entrope ( 68843 )

        Which FA calls it malware? Or is that your embellishment?

        • by jd ( 1658 )

          The report in the Observer by the person who actually discussed the software by one of its authors and saw the internal documents. You know, the FA that you're always supposed to go to, the source. Use the source, Luke.

          • by Entrope ( 68843 )

            I haven't seen a link to a single article from the Observer. I've seen links to articles on this subject by Carole Cadwalladr, who is described as a reporter for the Observer, but (as far as I've seen) those haven't used the term "malware". So, again, which FA are you talking about?

      • by Anonymous Coward

        But they didn't use malware. People downloaded themselves and gave consent. Again semantic.

        It's no different than millions of user give consent over access their information with android or apple apps. Nothing really prevent the app developer to harvest the information and sell it to another party other than a written rule.

  • Whiner (Score:2, Interesting)

    by Anonymous Coward

    I think its hilarious that Zuckerberg hates Trump and pulls this 'oh yeah well I'm gonna..' stunt and now it has drawn attention to what Facebook has become: Ugly and intrusive.

    I want a Ferrari, but I'm not about to help the US Government nor a private company [insert terrible babies and pitchforks jokes here] to get one.

    Does no one else think twice about this?

    """Facebook insists that the Cambridge Analytica debacle wasn't a data breach, but a "violation" by a third party app that abused user data."""

    So, wh

  • by Anonymous Coward

    Because Trump's campaign did it and Hillary didn't?

    • No, multiple European laws were violated, malware was used, and the military's psychological warfare division attempted to rig an election (aka a military coup).

      • by Mitreya ( 579078 ) <mitreya&gmail,com> on Sunday March 18, 2018 @12:12PM (#56279823)

        multiple European laws were violated, malware was used, and the military's psychological warfare division attempted?

        Yes, and Facebook is being "destroyed" as we speak.
        They might even pay a small fine when this is all over. Or not.

        Equifax is still standing, and that was financial, non-voluntarily given data, and on a far larger scale.

    • by Anonymous Coward

      Hillary's campaign was very proud of their use of social media platforms to harvest votes. Obama's campaign bragged about their efficiency at doing so.
      Trump hires advisors who beat them and suddenly it's a breach?

      That Facebook decides its response based on the politics of their customer tells us all we need to know about their lack of values

  • Color me surprised (Score:5, Insightful)

    by quonset ( 4839537 ) on Sunday March 18, 2018 @10:42AM (#56279455)

    Who would have thought that a company founded on collecting people's personal data and selling it to third parties would be involved in a scandal about the collection of people's personal data without those people's permissions?

    It's almost as if the people using FB had no clue what was going on.

    • by Anonymous Coward

      Yes, people that use FB are clueless.

  • And get on with our lives? Or how about we create a pros and cons list, I'll start...

    Pros: Well nothing really comes to mind.

    Cons: Where do I start?

  • Using Facebook as intended doesn't make it a data breach, as facebook quite clearly told everyone.

    The "other" political party using facebook for their own ends is the reason for this autistic screeching.

    • If malware is used to download FB's internal profile of you using your credentials, it's not access as intended by the user.

      This is an EU company, EU laws hold. Including the computer misuse act and the data protection act. As does the right to be forgotten, along with various pieces of human rights legislation.

      This is a criminal enterprise and Cambridge University should be shut down until its role is established.

      • If malware is used to download FB's internal profile of you using your credentials, it's not access as intended by the user.

        Please provide a citation that says malware was used as part of the data collection process.

        • by jd ( 1658 )

          Try the article in the Observer/Guardian, you know, the only article that actually invokves the source. It is stated very clearly that malware is used, I trust you can read.

  • by Locke2005 ( 849178 ) on Sunday March 18, 2018 @11:27AM (#56279639)
    The old rule still applies: don't post ANYTHING on the internet that you would be upset to seeing printed in the newspaper that next day! I'd advise against taking any digital nudes or videos in the first place; no telling where they will end up. Don't google anything that would trigger NSA keywords, no matter how interesting the subject of homemade explosives is. Avoid watching kitty porn. Don't mention online how much you would love to see Trump have a heart attack. Probably need to avoid monitored keywords in your phone conversations as well.
    • by Kohath ( 38547 )

      It's not about posting. FB tracks nearly every web site you go to, whether you post or not. They track your location when you use their app, whether you post or not. They know what everyone around you posted, everyone you've associated with, everything posted about you.

      • FB tracks nearly every web site you go to, whether you post or not.

        Unless you use something like uMatrix to just go ahead and block all that crap. The only thing you "lose" is access to the comment functionality on some sites.

    • applies to phone conversations. If a .com company is selling me a service that is supposed to be secured then I have the same expectation of privacy. Most states have pretty strict laws about wiretapping. Just because its "on the internet" doesn't make it anything else when you listen in on my private conversations without notice or perimission.
    • You're on the right track, generally speaking. But the biggest danger with all of this information culled from social media sites is the potential to mis-use it by taking it out of context.

      Anything I was willing to post on Facebook under my name is a statement I'm willing to stand up and take the credit for posting. Therefore, if someone published it in the local newspaper? I'd be fine with that too. (Why you'd find it worthy of an article in the paper, I'm not quite sure? But for the sake of argument ...

  • A breach has a specific technical meaning. This is a technical site. This wasn't a breach, this was at most a contract violation. This page does a decent job of describing incidents, breaches and the like:

    https://iapp.org/news/a/is-it-... [iapp.org]

    This isn't CNN, these things matter. Please keep your politics out of our technology news site. Is that too much to ask?

  • Are people outraged because of a leak or because of a design flaw or because they so detest the current POTUS and possibility that the campaign made use of the available data?

    • Hillary's campaign had the full blessing of Google, Facebook, and twitter to uses their full data and resouces and still lost.

      How dare the opposing party attempt to do the same with 1% of the same data? How dare they!

      autistic_screaching.jpg

  • Sadly the age when most people felt inclined to not share every aspect of their lives is past. The new impulse is to share every thought, image and opinion with the world for attention - and social media companies sell what is given to them to the highest bidder. That's the world we live in, that's the Social Network business model.
  • I'm aware what sh*tstorm this may bring, but I have to say, this is your/our fault. The US has basically no data and user privacy protection laws whatsoever, companies allowed to essentially do as they see fit with the data they gather. Why some get suddenly surprised that the companies actually do what they are allowed to do? Yes, you can get enraged, but unless you actually do something, it's really your fault this has been allowed to get this far. It's been already time - and time, and time - that people
  • Because putting together a readable summary rather than a list of tweets is too frigging hard.

  • They're getting destroyed, are they?

    Okay, so is it a ritual hanging for the executives, or will fire be involved? Will they make it public or more of a behind-closed-doors event?

    And as for Facebook, I guess the userbase will migrate to something else over the next few days. A pity, as some of my elderly relatives would use it to keep in touch with various hobby groups.

  • First of all, you mindless sheep willingly handed over your personal information to a public forum... how shocking that it should used for nefarious activities... The business model of FaceBook is to sell you. Don't be surprised about anything they do with you, ever.. Once you give it away, it's not yours anymore.
    Maybe you should just get off FB and go explore meatspace... There's real flowers, roads, mountains, rivers, and people out there. Your social skills might improve too!
  • https://en.wikipedia.org/wiki/... [wikipedia.org]

    On January 6, 2011, Swartz was arrested by Massachusetts Institute of Technology (MIT) police on state breaking-and-entering charges, after connecting a computer to the MIT network in an unmarked and unlocked closet, and setting it to download academic journal articles systematically from JSTOR using a guest user account issued to him by MIT. Federal prosecutors later charged him with two counts of wire fraud and eleven violations of the Computer Fraud and Abuse Act, carryin

  • They repeatedly violated user privacy rights, changed settings without warning, and I finally cut ties with them. I've never gone back.

    They are not trustworthy.

    You are the product being sold.

  • There are reports that the company in question told Facebook they had destroyed data and in fact they didnâ(TM)t. Why is there so much back lash against Facebook and not against the company who kept the user data?
  • Like consumed by those nanobugs in the movie The Day the Earth Stood Still, the recent 'green' version not the original one.

  • by Murdoch5 ( 1563847 ) on Monday March 19, 2018 @10:34AM (#56283375)
    If you use a system which you know stores and harvests your data, then you can't be surprised or worried when that data gets used by other parties.

    Facebook's response was correct, this wasn't breach, and just because the over liberalized media doesn't understand that, doesn't make it Facebook's problem. The only reason that Cambridge Analytica was able to grab the data is because people provided it and provided it openly without any second thought for the consequences of what they were doing at the time.

    if you don't want to be tracked, then stop willfully giving your data up to everyone who wants it, otherwise you have no right to complain when it gets used against you.
  • What did anybody expect? How naive can you be?

  • ... since back in the day I was writing facebook apps and in the end user agreements you were made to agree to said something along the lines of being "obligated" to not misuse customer data. The use of the word "obligated" made me giggle. We'll give you access to nefarious shit, but you're "obligated" not to sniff around.

To be a kind of moral Unix, he touched the hem of Nature's shift. -- Shelley

Working...