Facebook Engineer Abused Access To User Data To Track Woman That Left Him After a Fight, New Book Says (yahoo.com) 78
A Facebook engineer abused employee access to user data to track down a woman who had left him after they fought, a new book said. Business Insider reports: Between January 2014 and August 2015, the company fired 52 employees over exploiting user data for personal means, said an advance copy of "An Ugly Truth: Inside Facebook's Battle for Domination" that Insider obtained. The engineer, who is unnamed, tapped into the data to "confront" a woman with whom he had been vacationing in Europe after she left the hotel room they had been sharing, the book said. He was able to figure out her location at a different hotel.
Another Facebook engineer used his employee access to dig up information on a woman with whom he had gone on a date after she stopped responding to his messages. In the company's systems, he had access to "years of private conversations with friends over Facebook messenger, events attended, photographs uploaded (including those she had deleted), and posts she had commented or clicked on," the book said. Through the Facebook app the woman had installed on her phone, the book said, the engineer was also able to see her location in real time. Facebook employees were granted user data access in order to "cut away the red tape that slowed down engineers," the book said.
"There was nothing but the goodwill of the employees themselves to stop them from abusing their access to users' private information," wrote Sheera Frenkel and Cecilia Kang, the book's authors. They added that most of the employees who abused their employee privileges to access user data only looked up information, although a few didn't stop there. Most of the engineers who took advantage of access to user data were "men who looked up the Facebook profiles of women they were interested in," the book said. Facebook told Insider it fired employees found to have accessed user data for nonbusiness purposes.
Another Facebook engineer used his employee access to dig up information on a woman with whom he had gone on a date after she stopped responding to his messages. In the company's systems, he had access to "years of private conversations with friends over Facebook messenger, events attended, photographs uploaded (including those she had deleted), and posts she had commented or clicked on," the book said. Through the Facebook app the woman had installed on her phone, the book said, the engineer was also able to see her location in real time. Facebook employees were granted user data access in order to "cut away the red tape that slowed down engineers," the book said.
"There was nothing but the goodwill of the employees themselves to stop them from abusing their access to users' private information," wrote Sheera Frenkel and Cecilia Kang, the book's authors. They added that most of the employees who abused their employee privileges to access user data only looked up information, although a few didn't stop there. Most of the engineers who took advantage of access to user data were "men who looked up the Facebook profiles of women they were interested in," the book said. Facebook told Insider it fired employees found to have accessed user data for nonbusiness purposes.
Re: (Score:2)
Rent free!
Re: (Score:1)
He lives rent free in your head.
Re: (Score:2)
Rent.
Free.
Re: (Score:2)
Rent. Free.
Re: (Score:2)
Rent free.
Re: (Score:2)
Rent free
Re: (Score:2)
deleted? (Score:5, Insightful)
Re: (Score:2)
Because we've all known about this for a decade?
Re: (Score:1)
Real gentlemen (Score:4, Interesting)
Facebook engineers clearly have their way with the ladies - some real gentlement they are.
Re:Real gentlemen (Score:4, Insightful)
Facebook executives of course have free reign, not low level engineers, they are monitored, for obvious reasons. That the executives allowed free reign sick as.
Re:Real gentlemen (Score:5, Insightful)
Well, take comfort in the fact that they just fired the stupid ones.
The smart ones are still there, and they're doing the exact same thing except they're 'accidentally' pulling in their stalkee 'randomly' into 'demographic groups' for 'testing'.
They're not stalking one woman, they're analyzing the statistical variance of the geographical distribution of various groups of 'user types', and it just so happens that one of the women they are interested in is part of that larger group.
Re: (Score:2)
Re: (Score:3)
In truth (Score:2)
Facebook engineers clearly have their way with the ladies - some real gentlement they are.
You see this in any job with access to sensitive information. Police officers do it, and you'd better believe that bank personnel do it as well. I've even seen access records of people doing this at places like the phone or cable companies. Actually if you want terrifying, the lady that worked for (Verizon? AT&T?) viewing all the cellular information. That was before iMessage so I think she was able to read all the text messages as well.
Give people power and someone will probably abuse that power. T
Re: (Score:3)
Facebook engineers clearly have their way with the ladies
More to the point, Facebook engineers clearly have their way with the data, which is a massive failure on Facebook's part.
There's no reason for any employee to have access to user data except for support staff, and then only in response to a user request. Every access by support staff should be associated with a ticket, exactly what they looked at should be logged, and auditors should check a (large) random sample of the logs to verify that the ticket justified the data access.
Engineers that build the s
Re: (Score:3)
Facebook engineers clearly have their way with the data, which is a massive failure on Facebook's part.
Had. In 2015. Which is why Facebook added controls since then. Nowadays you can run peer-reviewed code against large swaths of user data to pull out statistics but you can't directly access one user's data without it being logged and reviewed by auditors in another department. If their judgement is that you didn't have a valid business reason for accessing the data, you're fired. No warnings.
And to be clear, a valid business reason would be something like: the user reported a problem with their account and
Re: (Score:2)
They are as gentlemanly as FB is social.
Re: (Score:2, Insightful)
Firing is not enough (Score:3)
Woman what left him. (Score:1, Offtopic)
C'mon /. , at least get her pronouns right. "woman that left left him" in the headline!? A professional "journalist" (I'm not complaining about commenters) making basic grammatical errors just throws all credibility out the window. And a correct version appears in the very next line "woman who had left him".
Of course one incident is hardly news. The real story is the large number who were caught, how easy it was, the lack of any privacy protection by Facebook.
But Facebook has a long history of lack o
Fire them with extreme prejudice (Score:2)
Facebook, Equifax, banks, etc should all do the same.
Govt folks too. Police, IRS, DMV, etc. They should be fired and prosecuted.
Re: Fire them with extreme prejudice (Score:4, Informative)
https://www.cnn.com/2021/06/03... [cnn.com]
Re: Fire them with extreme prejudice (Score:4)
Re: Fire them with extreme prejudice (Score:2)
Re: (Score:2)
Your obligatory reminder: (Score:5, Insightful)
Re:Your obligatory reminder: (Score:5, Insightful)
Zuck: yea so if you ever need info about anyone at harvard
Zuck: just ask
Zuck: i have over 4000 emails, pictures, addresses, sns
Friend: what!? how’d you manage that one?
Zuck: people just submitted it
Zuck: i don’t know why
Zuck: they “trust me”
Zuck: dumb fucks
The woman bears some responsibility (Score:3)
The initial meeting with her boyfriend should've gone something like this:
- Hello I'm Keith!
- Hi I'm Karen. What do you do in life?
- I work at Facebook
- Yeah... Hmm, right... My number is 555-1212. Call me maybe. Buh bye.
Re: Those darn men (Score:2)
Re: (Score:2)
Re:Those darn men (Score:5, Interesting)
As you Damorites keep saying, it's genetics, man.
Re: (Score:2)
Re: (Score:2)
I don't think you understand how numbers work.
So your math is interesting - A guy is being stalked, yet it doesn't matter because numbers.
Or more to the point, numbers somehow prove that he is simply not being stalked.
Women do stalk men. There was even some online tools offered for a while to assist them. I forget what the name was, and they haven't been advertised for a few years, so they probably skirted legality.
Sheesh, you really have bought into the designated villain male, designated victim female myth haven't you?
And if you haven't, your p
Re: (Score:2)
Or more to the point, numbers somehow prove that he is simply not being stalked.
Not the statement I made at all.
He used his one example to claim that men DON'T stalk MORE. Do you know what MORE means? That means one number is greater than the other, give or take within a ballpark.
Re: (Score:1)
Or more to the point, numbers somehow prove that he is simply not being stalked.
Not the statement I made at all. He used his one example to claim that men DON'T stalk MORE. Do you know what MORE means? That means one number is greater than the other, give or take within a ballpark.
I would lli9ke to see the quoted text where he said that men don't stalk more. I'll even help you
Narcode wrote and I quote - "I'm being stalked by at least two of my ex-girlfriends and one that is pretending to be one of them. Some people we used to hang out with, at the request of one of them, all even refuse to acknowledge any of the later ones and still call her my girlfriend. Someone I hadn't seen in over 20 years, mind you. If you think dudes do more stalking I think you're seeing a selection bias.
Re:Those darn men (Score:5, Insightful)
One bad ex could be bad luck.
Three bad exes plus a group of people that allegedly collude in irrational ways with one of the bad exes, that definitely suggests perhaps you are the problem.
Re: (Score:3)
Re: (Score:3)
One bad ex could be bad luck.
Three bad exes plus a group of people that allegedly collude in irrational ways with one of the bad exes, that definitely suggests perhaps you are the problem.
It is always the male's problem. Way to stand up for stalkers!
Re: (Score:2)
This seems to be the most rational explanation.
I presume that, when asked, all three women will reply with a genuinely confused "who?"
Re: (Score:2)
Yet these men keep proving they're the crazy ones. Men stalk and kill ex-partners in far greater numbers, but women get the stereotype of the crazy ex who won't leave them alone.
I think the objection that some people have is not the concept "ugh - wimmin!
It's the undeniable fact that as humans, women are just as capable of stalking and murder, while if anyone mentions that, the faithful leap to name calling - like calling people "Damorites" You simply have the villian and the victim pointed out, and your narrative is impervious.
This really isn't a percentage game - is a man killed by his wife less dead than a woman killed by her husband?
You need a vacation from not giving a
Re: (Score:3)
It's the undeniable fact that as humans, women are just as capable of stalking and murder
The number of women (and their children) killed by ex-partners says otherwise.
The number of male murderers compared to women, especially in the context of family/relationship breakdown, says otherwise.
like calling people "Damorites" You simply have the villian and the victim pointed out, and your narrative is impervious.
Not narratives - NUMBERS.
People like you always talk about numbers, but when the numbers CLEARLY show male dominance in violent attacks, suddenly "everyone is just as capable".
Think about it - why do you readily accept that genetic differences between men and women is responsible for less women in tec
Re: (Score:2)
People like you always talk about numbers, but when the numbers CLEARLY show male dominance in violent attacks, suddenly "everyone is just as capable".
Yeah - sorry, my friend - you don't get to spout off your numbers, then disown them. You are the only one talking about numbers anyway.
Think about it - why do you readily accept that genetic differences between men and women is responsible for less women in tech jobs, but don't accept that genetic differences is responsible for propensity for violence? Especially when there's much more evidence for the latter than the former?
Wow - y'all are spreading it around pretty well. Let Uncle Ol give ya some telling, if you are interested.
The general situation is that women as a group are less prone to violence. Most of that is certainly biological, and some amount of that is likely social conditioning.
Men are in general, more prone to violence. It's a side effect of testosterone.
But generalizati
Re: (Score:2)
It's the undeniable fact that as humans, women are just as capable of stalking and murder
I triple dog dare you to watch or read these: https://www.youtube.com/watch?... [youtube.com]
https://www.semanticscholar.or... [semanticscholar.org]
https://www.dailymail.co.uk/tv... [dailymail.co.uk]
https://www.dailyrecord.co.uk/... [dailyrecord.co.uk]
A female stalker and a female victim: https://www.dailyrecord.co.uk/... [dailyrecord.co.uk]
https://www.dailymail.co.uk/ne... [dailymail.co.uk]
Another female on female stalking and assault - https://www.wyff4.com/article/... [wyff4.com]
I'll stop now - this is getting boring.
almost as if facebook was designed to creep women (Score:3, Insightful)
It's almost as if facebook was originally made to creep on women.
Re: (Score:2)
Facebook could become a Criminal Accessory (Score:5, Interesting)
In terms of the potential for this sort of behavior to be considered illegal, it is possible that such actions could be breaches of (continuing the UK example): The Protection from Harassment Act (1997) [legislation.gov.uk], or the Malicious Communications Act (1988) [legislation.gov.uk], or the Communications Act (2003) [legislation.gov.uk], or the Computer Misuse Act (1990) [legislation.gov.uk], or the Obscene Publications Act (1959) [legislation.gov.uk], or possibly even the Public Order Act (1986) [legislation.gov.uk].
If Facebook were to discover, for example, that they had an employee in the UK who was using their infrastructure to follow, monitor or harass any other citizen, then Facebook should have had the matter investigated. Their in-house counsel or external law firm should have been competent enough to at least think of checking the actions of the employee against the law. If, however, Facebook were to have discovered multiple employees performing similar actions and Facebook have not brought the police in to the matter, then Facebook could very well be a de facto accessory to criminal actions under one or more of the above laws.
The instant problem this would create for Facebook would be that evidence may now show that Facebook have been aware of criminal use of their platforms and have failed to report the criminal acts to the proper authorities. Which would make Facebook an accessory to all of those criminal actions. This gets interesting, therefore, because - to use a simple math example - suppose Facebook discovered 5 rogue employees, each of whom committed prohibited and illegal acts, using Facebook infrastructure, against two different women. Five employees, two women each, that's 10 women total. That makes Facebook an accessory to crimes against all 10 women. By virtue of being involved in all the potentially criminal acts, Facebook's legal exposure could, could get real interesting, real quick.
I'm using the UK as an example because often their social laws tend to be a bit more advanced than the federal equivalents - and of course all the above links are written in English. However, we could expect to see similar laws in Australia, New Zealand, all across Europe... and because, in UK law at least, being aware of criminal or potentially criminal conduct isn't just a crime in itself, it also makes the party an accessory to the original crime. Depending on that "original offence" the consequences might be pretty serious.
I hope.
Coders should not have access to real-world data. (Score:2)
*Nobody* should have access to real-world data with the obvious exception.
This is failure of *both* the engineer on a personal level and on facebook on a *fucking global* level.
We use mock data for a reason. Who the hell let these douchenozzles near a keyboard?
Re: (Score:2)
Meanwhile, our industry appears to be absolutely intent on collectively charging over the cliff known as "DevOps". And if that's isn't a high enough precipice, then there's always "DevSecOps".
Not, "putting the fox in charge of the hen-house" - apt though it is, think more: "lunatics taking over the asylum".
Switch to Signal instead of Facebook Messenger (Score:2)
This seems like a good occasion to switch to a messaging app with end-to-end encryption such as Signal for all messages instead of using Facebook Messenger. Or do you still trust Facebook to keep your data and conversations safe?
Reminds me of an old joke... (Score:3)
The one about an engineer, a physicist, and a mathematician on a train in Scotland who see a black cow in a field. (Doubtless with multiple regional variations, and appropriate sheep/horse/etc substitutions).
> Facebook told Insider it fired employees found to have accessed user data for nonbusiness purposes.
IOW, "Facebook told Insider it might, potentially, consider firing an employee for this sort of behavior, at some point in time, IFF that employee's behavior became public and there was a sufficiently large outcry over it, and the employee was both low-level and disposable enough".
If not though, he'd be given an honorary MBA and promoted....
Down with fuckerberg. (Score:2)
Shut down facebook, no good comes from it.
Re: (Score:2)
Yes, absolutely. The sooner, the better.
Why is this on /.? (Score:2, Troll)
This kind of stuff happens everywhere where people have access to data: hospitals, insurance companies, banks. The FB incident has nothing to do with FB being bad; it's just a matter of an employee overstepping their bounds.
Just pay (Score:2)
If the engineers would have just paid for the data like any customer, all would have been forgiven.
Bigots (Score:2)
Please Don't Take That Picture! (Score:3)
All of this boils down to a very simple phrase that I hold dear to my heart.
If you don't want to be in a compromising position, please don't even take that picture of yourself or whomever that you are contemplating.
Once you touch the click button on your camera/phone/tablet/whatever, and that image has bee captured, for all intents and purposes, you have lost control of it. You have to fight off whatever software/spyware/whatever on your device. But you also have to fight off your own carelessness and impulses. It does not take much for that electronic image of you doing something embarrassing to 'jump' from your camera/tablet/phone memory to somewhere on the net, which leads to somewhere else on the net and so forth.
Myself? I make sure that all cameras in my house are either put in a drawer (DSLR cameras) put facedown on the table (webcam) or covered with lid closed (laptop cameras) before I even start to undress for my nightly shower/bedtime. In addition, the only computer that is turned on is my router. Everything else is hard switched off.
I get fully showered and dressed as if I am ready to go to the office before I turn anything electronic on in the morning. No. I do not turn the Zoom unit on before my pants are fully on and that zipper is firmly closed.
Facebook/Twitter/etc??? I post only videos and photos that I fully intend to publish. Before I post anything, I think very hard of why I am posting it and what, if any, are consequences. Sometimes, I simply turn off the computer and chill out for a day before confirming my decision to publish something. And no, nothing below my stomach and above my knees is uncovered before even setting up any cameras.
What goes on-camera is what I have been doing in full public for a long time prior to that camera being turned on and the file sent up to the cloud.
Humbly and Respectfully Yours
I Love You All!
Mark Allyn
Bellingham, Washington
The NSA (Score:1)
Re: (Score:2)
Anyone surprised? (Score:1)
3 BED 2 BATH (Score:1)