Facebook: Your Personal Data is a Trade Secret 203
An anonymous reader writes "An Austrian group called Europe versus Facebook has so far made 22 complaints regarding the social network's practices. In the process, the organization has stumbled upon an important tidbit: Facebook says it is not required to give you a copy of some of your personal data if it deems doing so would adversely affect its trade secrets or intellectual property."
Shock Horror (Score:5, Insightful)
The herd is a goldmine, ripe for the picking.
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
Re:Shock Horror (Score:5, Funny)
All you iSheep, Twits and FacePalmers.
He says, on a public web forum.
Re:Shock Horror (Score:5, Insightful)
There is also the matter that supposedly private messages on Facebook are not really private at all, a classic case of the "third party server" problem. Unlike email, for which there are well-developed (but rarely used) methods of keeping private messages private, Facebook is designed to thwart such efforts (e.g. to encrypt an email, I can just hit a checkbox, assuming keys have been set up; to encrypt a Facebook message, I have to manually invoke a cryptosystem, copy and paste, and so forth -- a pain even for technically competent users). For most people, the "privacy" issue on Facebook is related to what their friends, coworkers, and potential future contacts can see -- very few people give any thought to the amount of information that Facebook itself has, and for many Facebook has become the primary means of communication.
Re: (Score:3, Insightful)
The problem is not that people have public lives, it is that the INTERNET greatly expands the scope of what is "public" while greatly diminishing the scope of what is "private.
FTFY
Re: (Score:2)
Re: (Score:3)
Indeed, although there is not much personal information on Slashdot. The problem is not that people have public lives, it is that Facebook greatly expands the scope of what is "public" while greatly diminishing the scope of what is "private." The information Facebook collects is much broader in scope than Slashdot, and extends beyond what people actively post on Facebook.
The Facebook website is one thing, the Like-buttons on thousands of websites, that's my biggest concern. Whenever you visit such a page, FB logs your visit because that button/script is loaded from their site. Whether you're logged into FB or not, they still log your visit and your IP-address. They obviously don't want you to know that they know which websites you visited and when. Maybe people on /. know about this, but 99% of the regular FB visitors probably don't.
Re: (Score:2)
Whether you're logged into FB or not, they still log your visit and your IP-address.
Yup, on every page that has a like button. Which is why the NoScript/Firefox combo rules. You can see it, and disable it.
I tried Facebook out for a while, don't use it. I can't get my kids off it though, at least they know what they are dealing with.
Re: (Score:2)
I do use it, though with caution. The problem is my smartphone. I use a different browser (Dolphin on Android) for Facebook only. That is my fix for the moment, until Chrome works on Android.
Re: (Score:2)
Re: (Score:2)
Write on your wall about your cool new Nike Football shoes, and watch targeted advertising appear to you for other football related products.
Why is this bad? I'd rather see ads for things I like and might consider buying than scattershot ads for shit I'd never use.
Check in with FourSquare to become the mayor of burger king to get a 10% discount on your next piece of crap for lunch, and watch your insurance company make a silent note.
Why is this bad? I eat healthy, and am healthier for it. Why should I have to subsidize the lard-asses who eat at BK every day?
You ARE their intellectual property.
Now that's just scary-sounding gibberish.
All you iSheep, Twits and FacePalmers.
You seem to be fond of insulting labels. Here's some for you: paranoid, arrogant, condescending.
And for the record, I don't use Apple products, or Twitter, or Facebook. But that's because I don't want to, not becaus
Re: (Score:2)
If only it were actually that good. Every time I see an ad for a company whose products compete with products made by my employer (that I thus almost certainly wouldn't even consider buying), I conclude that they must not be doing much more than a trivial keyword search (and they know who my employer is, so that's just a Facepalm right there).
And as that satellite fell out of orbit a
Re: (Score:2)
The kind of advertisement that does affect me, if you can call it that, is word-of-mouth advertisement. Specifically, if you make a good product, and people give it consistently good reviews, I'm more likely to buy your product. If you make a s**tty product that falls apart in six months, I'm more likely to call up a manufacturer in China and go into business against you (which isn't very likely to happen at all, but is still a heck of a lot more likely than me buying your junk product).
I'm not sure a Chinese manufacturer is where I'd go if my goal were to produce a high quality product rather than an inexpensive one.
(Your post was interesting, BTW, that just sort of stuck out.)
Re: (Score:2)
You can make high quality products with Chinese manufacturers, but you have to be very selective about which manufacturers you'll work with, and you have to pull random inspections to ensure that they are actually doing the QA testing they claim to be doing. Otherwise they'll send you half junk.
A lot of it also depends on the design work that went into it. If you've done the board layout and testing yourself, repeatedly ordering new test runs until you get a layout with perfect or near-perfect yield, you'
Re: (Score:2)
Re: (Score:2)
After finding a brand of shoes I like, I buy them in bulk. I'm just reaching the end of the stack of shoe boxes I bought four or five years ago. It's almost time to buy shoes again.
As for clothing, I have a closet full of short-sleeve shirts, and a closet full of long-sleeve shirts. Clothes last a long time if you wear them only once per month. Also, my parents often give me a shirt or two for Christmas, which further reduces the need to actually shop for clothes. And I buy white socks in bulk every fe
Re: (Score:3)
Why is this bad? I'd rather see ads for things I like and might consider buying than scattershot ads for shit I'd never use.
I take it you missed the Slashdot story a couple of years ago about Amazon giving different prices based on the browser you use? Targeted advertising isn't where it ends. Companies like Google and Facebook often record enough information to tell how much you shop around before buying things, for example. It doesn't take much data mining to work out how much you'd be willing to pay for a specific product. Next time you visit an online store, you may find it's exactly that amount. Meanwhile, it costs 20%
Re: (Score:2)
Re: (Score:2)
Check in with FourSquare to become the mayor of burger king to get a 10% discount on your next piece of crap for lunch, and watch your insurance company make a silent note.
Why is this bad? I eat healthy, and am healthier for it. Why should I have to subsidize the lard-asses who eat at BK every day?
The way to deal with the public cost of fast food is to put a surtax on it and apply that money to the health care system. Like they do with cigarettes.
That way the fatties can lead their miserable lives and the rest of us don't have to pay for it. Much in the same way I don't have to pay for your devil-may-care attitude towards surveillance. I do my best to protect my information. Most of the sheep don't know or care. It's surprising that you do know and don't care, but that's your privilege.
As f
Re: (Score:2)
well, the thing is, there's a reason there's the "europe" in the complaining groups name.
they're required to give you a copy of the records. sure, they can try to make a mint with them - it's not fb's loss when it leads to no sales, it's the stupid advertisers loss. but I guess a lot of that is problematic for fb as they don't have actual records, more like an ever living live record. it's pretty easy to target advertisements just based on what you were served on that page push, but keeping a record of that
Re: (Score:2)
Re: (Score:2)
Check in with FourSquare to become the mayor of burger king to get a 10% discount on your next piece of crap for lunch, and watch your insurance company make a silent note.
a) The only insurance I have is on my house and my possessions, not my health
b) There is insufficient information on my Foursquare profile to connect me to my insurance-buying aspect
Write on your wall about your cool new Nike Football shoes, and watch targeted advertising appear to you for other football related products.
a) I block ads; so what?
b) Even if I didn't, I'd rather see relevant ads than the random crap I'd get otherwise.
Nothing is free. What I gain from using Facebook, Twitter and Foursquare is worth more to me than what I pay to use them. Please continue to feel smugly superior though.
Re: (Score:2)
Write on your wall about your cool new Nike Football shoes, and watch targeted advertising appear to you for other football related products.
b) Even if I didn't, I'd rather see relevant ads than the random crap I'd get otherwise.
Both sides of this point have their merit. On the one hand, I case about my privacy, and don't want companies to profile everything I do. On the other hand, I'd rather see relevant ads than irrelevant ads. Should I sell my soul for comfort? Or stubbornly resist the flow and accept all the annoyances it brings? I'm not quite sure.
For the most part, they don't seem to be doing a terribly good job at showing me relevant ads, though. Except YouTube; ever since I googled for accountant services, YouTube keeps sh
Re: (Score:2)
I live in a small community. FaceBook, Twitter, all still more private than what is already considered public here. I hope my area is just an isolated case. If it isnt, then I'm tempted to say privacy has always been an de facto illusion. To borrow a phrase, it was privacy through obscurity, and easier done in urban areas.
Re: (Score:2)
Of course they'll tell you that. In fact, haven't you realised? You ARE their intellectual property. All you iSheep, Twits and FacePalmers. Go on, put your private life on teh intertubes for all to see. Check in with FourSquare to become the mayor of burger king to get a 10% discount on your next piece of crap for lunch, and watch your insurance company make a silent note. Write on your wall about your cool new Nike Football shoes, and watch targeted advertising appear to you for other football related products. The herd is a goldmine, ripe for the picking.
Yes, because only providing the "necessary" information such as name, SSN, birthdate, address, employer, annual salary, spouses information and SSN, your first car you ever owned, the name of your first grade teacher, your entire employment history, your entire medical history...the neverending plethora of VERY personal information you have to provide to various agencies throughout your adult life is MUCH much more secure because those agencies NEVER have security breaches, exposing millions of records at a
Re: (Score:3, Interesting)
Re: (Score:2)
And with such information easily available, employers are even depending on it and starting to thumb their noses at wiseass technophobes that know better than to whore themselves out to social networks.
Re: (Score:2)
Re: (Score:2)
I'm anti-religion too. I don't care what you do on your own if it doesn't affect me, but religion scares me.
The prime example is all those Christians waiting for the rapture, hoping for it. These people actually want the world to end. Wars, environmental catastrophes, political upheavals, etc., are signs from "God" to these people. There are a lot of them, and they are allowed to vote, run for political office and make law.
It is NPC to criticize religion. How did that happen when it has the capabi
Interesting (Score:5, Insightful)
So you, by definition, have knowledge of all of you personal information (otherwise it wouldn't be personal), they must think that they have a way of turning knowledge about your self that is available to you consciously, into information that isn't, for example by analyzing your web history, or use of language, or friends, in order to predict certain cultural preferences, or ad susceptibility. That's perfectly believable, and no, you probably aren't entitled to it. If you don't want them building models of you, don't submit your information.
Re:Interesting (Score:5, Interesting)
It might even be more fun than that. Maybe they know things about you that you never told them, like your gender or age. I would also tend to believe that if they're able to figure out this information about people they're probably entitled to keep the fact of their knowing secret.
Re: (Score:2)
If they are adding that as information about "you" to the folks they sell your information to, you should be entitled to get it under a request of "what information about me do you have" - not a "what information have I given to you about me, minus all the other stuff you worked out on your own...".
However, I can also see that giving all that information may well end up opening an interesting kettle of fish. What if one of their derived bits of information about you were that you were a white supremacist? W
Re: (Score:3)
Well there was J Edgar Hoover, wasn't he into cross dressing? And he was definitely very right wing...
Re: (Score:2)
Re: (Score:2)
Genderizing datasets isn't a difficult thing to do. Just ask anyone using DataFlux.
Re: (Score:2)
It might even be more fun than that. Maybe they know things about you that you never told them, like your gender or age. I would also tend to believe that if they're able to figure out this information about people they're probably entitled to keep the fact of their knowing secret.
Disclaimer, I am not a lawyer, but insofar as I understand the law this cannot apply in Europe - in Europe they are required by law to give you access to all personal data stored about you so that you can correct or remove it. See the Personal Data Law [europa.eu], specifically the data subject's "right of access" to personal data.
Re: (Score:2)
Re: (Score:2)
I think it must go further than that. A coworker today was wondering why Facebook recommended as a friend a person that we recognise the name of from within our company, but in an overseas branch. They have no Facebook friends in common. He's never sent or received mail from her on a personal account (he's obviously signed up to Facebook on one of those accounts), never given Facebook any clue as to his work email or even the place he works. I was thinking there must be a simple explanation, but maybe there
Re: (Score:2)
Re: (Score:2)
Re:Interesting (Score:5, Interesting)
I've got a better one: A colleague who has a facebook account but has never posted anything, not a photo, not even information in the profile got a recommendation from Facebook to add as a friend someone who is in her cancer survivor's group. The absolutely only bit of information about her that she's been able to find on Facebook is a photograph from a different friend's profile in which she appears but is not named in the photo's info. As I said, she has never posted anything about herself and the person who was recommended to her is not the facebook friend of a facebook friend.
Wrap your head around that one. Now maybe there's some bit of data she forgot about or some connection she has been unable to learn, but she's really a detail-oriented person and has just not been able to determine how this connection was made.
Either way, it's creepy as hell and she deleted her account, although she has no misconceptions that anything collected about her has been deleted. I guess you would say she "closed" her account because it does not appear that Facebook ever willingly relents a scrap of info.
My suggestion? Back out slowly, don't try to delete your account. Change your name, get facial reconstruction and move far away.
I never really liked it much, but I just won't touch that shit any more. I hate to sound like an eccentric old crank but I've been writing letters a lot more lately. I don't even let my eyes linger on the Facebook icon on any webpages I read.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
The simplest "people you may know" method is to mine people's contacts when they voluntarily upload them (email, phone, IM, etc.) in a "find my friends" flow. Most of the "holy crap it's my decade-ago ex-girlfriend" style shocks I get are because they still have me in an address book somewhere and they shared it.
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
I don't even let my eyes linger on the Facebook icon on any webpages I read.
And you know Facebook will see you looking at their icon, and be all like "OMG PopeRatzo looked at the icon, draw some boobs on it so he'll click!"
Re:Interesting (Score:4, Informative)
creepy: yes
creepy by facebook creepiness standards(R): no
Re: (Score:2)
Re: (Score:3)
After reading (well, skimming anyways) TFA, I really feel I should point out Facebook didn't say in TFA that the personal information was a trade secret, only that it would be an exception if it was. Possibly, they omitted information under the other exception, which is if it is exceptionally difficult to provide the information, and only gave both exceptions for maximum ass-coverage (and tinfoil-hat coverage too, apparently).
It wouldn't surprise me at all if they had more information than you gave them (su
Re: (Score:2)
If you don't want them building models of you, don't submit your information.
How many people are willing to stand up to their friends and say, "No, I am not on Facebook, please send me an email if you want to invite me to an event?" How many people are knowledgeable enough to take the time to set up ABP and NoScript, or to configure the equivalent in their browser of choice? The problem with not participating in Facebook is that it is spread out all over the web, large numbers of people use it as their primary means of communicating, and many people simply assume that everyone i
Re: (Score:2)
EU privacy laws (Score:2)
.... use of language, or friends, in order to predict certain cultural preferences, or ad susceptibility. That's perfectly believable, and no, you probably aren't entitled to it. If you don't want them building models of you, don't submit your information.
Under EU privacy laws they must, upon request, provide you with all the information they have about you. And upon request they must also delete any personal information.
If there's really anything to this story (and facebook doesn't back down), I think facebook will loose in court...
Remember... (Score:5, Insightful)
If it is free, you are not the client. You are the product, and you are being sold.
Re: (Score:2)
Not really. Just like with a client, they have to keep you satisfied, otherwise you'll stop dealing with them, and they'll get no money.
Re: (Score:2)
No, you most certainly are the product.
It's more like how a cattle rancher has to be careful not to let too many of his cows run off, or get kilt by rattlers.
The rancher's expressions of concern are by way of protecting his product, rather than protection of a client relationship.
Re: (Score:2)
But, in your analogy, the cattle are free to leave at any time! I have never heard of ranching like this! I have heard of serving customers in this way though.
Re: (Score:2)
Yeah, but if you start stripping away these things, it starts to lose the essence of being a "product". If you remove the requirement to be owned or controlled by the people trying to sell a product, in what sense is it a product? More relevantly, in what sense are you not a client? And besides, if products do not have this requirement, then does the word "product" deserve the negative stigma it receives?
Re: (Score:2)
Millions of people are willing to give retailers personal data in exchange for a discount off inflated prices. The customer in retailer is quickly becoming the firms that buy data. I wonder how
Re: (Score:2)
Re: (Score:2)
Re:Remember... (Score:5, Insightful)
I'll drop the meme when they stop treating me like a product.
Re: (Score:2)
Re: (Score:2)
No, the product is the data--your data. The service is an expense, the cost of doing business, the means to acquire and aggregate that data to be sold.
Facebook, Twitter, Google and the like have already gone far from trying to offer a good service which is subsidized by advertising. The advertising and data brokering is now their business model and their main focus, and the service is collateral that is maximized to fulfill that model.
In a very real sense, users of the service are the product.
This actually makes some sense. (Score:2)
Whether good or bad, the type and structure of the data stored can definitely hint at the proprietary stuff they're doing with it.
Correct (Score:2)
Facebook: Your Personal Data is a Trade Secret
I agree 100%, which is why I refuse to give my personal data to Facebook (or anyone else).
Your data is still there (Score:2)
Re: (Score:2)
Bank? Yes. Checks? Haven't written one for the past 4 years. Credit card? Yes I have 3. Discount card? No. Job? Self employed. SSN? Nope, not in the US. Visa? Nope, I'm Canadian so I don't need one for the US. House? I own corporations that own houses. The corporations were originally created with third parties as shareholders and I ended up buying all the shares privately. My annual general meetings are very short. Line of credit? Nope, don't need it. Google? Yeah I use the search engine. Hotmail? For non
Re: (Score:2)
Much much more than you would suspect. Any friends who use Facebook? Are there records of the corporations you bought and own (sweet gig there, BTW)? And of course, all your credit info from the cards is available (online from credit report sites). Also, I imagine you have a drivers license (not sure how info from that woks in Canada, though)
Now, this info isn't necessarily available entirely or easily to most people. But to major companies? Hell yeah. Even the houses could be traced back to you pretty e
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Frank Zappa had incredible foresight (Score:2)
It has been stuffed into my mold
And you will do as you are told
Until the rights to you are sold...
Fact-free learning (Score:2)
Minor rearrangements of existing facts can be considered to be innovative new facts.
Consider this cool paper from Aragones et al:
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=643545 [ssrn.com]
Quantity (Score:3)
It could be that the quantity of data they collect is far more than anyone suspects and that's the trade secret.
Facebook is a business (Score:2)
Unlike some governments, businesses are not subject to "Freedom of Information" queries.
Nor do you have any "rights" other than those set out in the terms of service, other than the right to refuse those terms and go elsewhere.
Surely these Austrians aren't naive enough to think they're going to shove their laws down an international organization's throat? If they object that strongly, try to have Facebook blocked and banned from Austria. That is and should be their only legal recourse -- you cannot h
Re: (Score:2, Insightful)
Surely these Austrians aren't naive enough to think they're going to shove their laws down an international organization's throat? If they object that strongly, try to have Facebook blocked and banned from Austria. That is and should be their only legal recourse -- you cannot have international organizations subject to the whims of every nation in the world that the internet reaches.
Yes and no. What you are saying sounds dangerously close to claiming Facebook is completely above the law (of every country) and can do whatever the fuck it likes just because it is multinational. Unless we establish a planet wide government (which is a bad idea anyway), I don't think corporate immunity to prosecution in all jurisdictions is a good idea.
BTW, companies are usually subject to the laws of countries that it chooses to do business in. IANAL, but Facebook could have just made "Country" a mandator
Re: (Score:3)
Unlike some governments, businesses are not subject to "Freedom of Information" queries.
In the European Union, businesses are. [europa.eu]
THE DATA SUBJECT'S RIGHT OF ACCESS TO DATA
Member States shall guarantee every data subject the right to obtain from the controller:
(a) without constraint at reasonable intervals and without excessive delay or expense:
- confirmation as to whether or not data relating to him are being processed and information at least as to the purposes of the processing, the categories of data concerned, and the recipients or categories of recipients to whom the data are disc
Re: (Score:2)
Re: (Score:2)
EU law, yes -- it's a big enough market to be followed. But the article does not mention anything about Facebook violating EU regulations. It only mentions that it's Austrians raising the issues.
But no company follows the regulations of every nation where the internet reaches. Suppressionist regimes like Iran have such insane laws that it's IMPOSSIBLE to follow them all.
Re: (Score:2)
But the article does not mention anything about Facebook violating EU regulations. It only mentions that it's Austrians raising the issues.
Austria is a member of the European Union. (I shouldn't have to post this.)
Re: (Score:2)
Facebook is incorporated in the Republic of Ireland which is a signature party to the EU data protection directive. Facebook have no choice, subject data access is EU law.
Actually, (Score:2)
"Data like the biometrical information or ”likes” are seen at trade secret, intellectual property or are simply too complicated to send to users according to Facebook."
It raises the question whether it's reasonable to request from them information such as your "likes". It sounds to me like asking a company to hand you over a log with your phone calls and email exchanges; I don't think they have that obligation.
Re: (Score:2)
If they store it, and it counts as personal information, they're required to hand it over. The European data laws have no exception for "too complicated'.
Re: (Score:2)
However they do have exceptions for data that is commercially sensitive, though it's a very narrow definition and not something you can easily use as a blanket "get out" clause. If in doubt, file a complaint with your Information Commissioner's office (or local equivalent) as they will quite quickly be able to rule on whether or not Facebook or justifiably invoking the Trade Secret option.
Re: (Score:2)
It raises the question whether it's reasonable to request from them information such as your "likes". It sounds to me like asking a company to hand you over a log with your phone calls and email exchanges; I don't think they have that obligation.
If the company has kept a record of such events and linked them explicitly to your name, then it should count as personal data.
Do Products Have No Rights? (Score:3)
Apt fortune (Score:2)
Your Personal Data is a Trade Secret (Score:2)
Keep telling it to Mr TSA agent.
Flouting data protection laws (Score:2)
Not just Facebook... (Score:2)
Despite the Data Protection Act in the UK which generally requires disclosure and correction of personal information, financial institutions routinely refuse to give out information on things like decisions to turn down credit applications on the grounds that the proprietary algorithms they use to crunch your data are trade secrets. This even extends to the data sources they have consulted in addition to the personal information you provided them.
I was on one occasion turned down for a credit card because o
Re: (Score:2)
That is true for companies with which you have a contract that involves sending them personal information.
Whether Facebook and others like Google, Microsoft, etc. are bound by the DPD remains to be seen. They are not from a EU country and they did not sign a contract with you - I don't think there's an official client-provider relation between their users (especially their EU users) and them. Some court might try to force them to hand over the data on account of national laws but that's open to interpreta
Re: (Score:3)
That is true for companies with which you have a contract that involves sending them personal information.
No, it's true for all companies that hold personal information. See the ICO [ico.gov.uk] for more details (for the UK).
They are not from a EU country
http://www.facebook.com/terms.php [facebook.com]
The website under www.facebook.com and the services on these pages are being offered to you by:
Facebook Ireland Limited
Hanover Reach, 5-7 Hanover Quay, Dublin 2 Ireland
Re: (Score:3)
Two can play at this game. Everybody place a legal notice in the paper that does essentially the same thing, except that you are simply claiming your own personal data. State that your data may not be used without a contract and payment subject to negotiation, and that you regard unsigned agreements as invalid. It may or may not stand up in court, but it'll be a helluva good show.
That won't work for adults since they can claim that as the owner of your personal data, you automatically give them a licence to use your data when you agreed to use their services. It might work for minors, since in many countries, minors are not allowed to sign contracts or give up rights, without parents' permission.
For adults, one can formally sign the complete rights to their personal information to a trusted individual (like a parent) or organization, before joining any social network service. Then
Re: (Score:2)
This exchange could have gone either -1 Offtopic or +5 Funny. Not quite as classic as this bad boy [slashdot.org], but pretty funny nonetheless.
Re: (Score:2)
Dropped FB last year.
Haven't missed it.
Re: (Score:2)
There are a few on Wikileaks and Cryptome if anyone wants to try :D