![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
...among other violations, in the latest reveal on Facebook's Potemkin privacy settings, from the New York Times: <https://www.nytimes.com/2018/12/18/technology/facebook-privacy.html> Bing, Yahoo, Amazon and other companies were also given access to private or sensitive information after Facebook claimed it had stopped doing so.
One odd thing in the NYT report, which I admit I have only skimmed:
They engaged in contracts with other companies that gave them access to the data. Did those contracts not involve some kind of payment back to Facebook? Or perhaps non-monetary compensation? It seems like they were trying to keep it to "giving away user data in exchange for favors", which... I'm not sure that's actually any better than outright selling the data.
(And of course, since Facebook harvests people's email and phone address books, this affects people who haven't even signed up or connected with each other, such as when they recommended that several patients of the same psychiatrist friend each other. "Shadow profiles" presumably are sold or given away as well.)
----
In unrelated news, various companies (including Google) had user data breaches and didn't report them.
What's fascinating and horrible is that this still is largely not illegal, in the US! We really need something like the GDPR here, and I suspect we're going to get *some* kind of privacy laws; I hope it turns out as well as the GDPR has. There's a lot of room for worse, and frankly not much room for better.
One odd thing in the NYT report, which I admit I have only skimmed:
Facebook has never sold its user data[.] Instead, internal documents show, it did the next best thing: granting other companies access to parts of the social network in ways that advanced its own interests.
They engaged in contracts with other companies that gave them access to the data. Did those contracts not involve some kind of payment back to Facebook? Or perhaps non-monetary compensation? It seems like they were trying to keep it to "giving away user data in exchange for favors", which... I'm not sure that's actually any better than outright selling the data.
(And of course, since Facebook harvests people's email and phone address books, this affects people who haven't even signed up or connected with each other, such as when they recommended that several patients of the same psychiatrist friend each other. "Shadow profiles" presumably are sold or given away as well.)
----
In unrelated news, various companies (including Google) had user data breaches and didn't report them.
What's fascinating and horrible is that this still is largely not illegal, in the US! We really need something like the GDPR here, and I suspect we're going to get *some* kind of privacy laws; I hope it turns out as well as the GDPR has. There's a lot of room for worse, and frankly not much room for better.
