Facebook Is Building Shadow Profiles of Non-Users 338
An anonymous reader writes "As noted previously, Max Schrems of Europe Versus Facebook has filed numerous complaints about Facebook's data collection practices. One complaint that has failed to draw much scrutiny regards Facebook's creation of Shadow Profiles. 'This is done by different functions that encourage users to hand personal data of other users and non-users to Facebook... (e.g. synchronizing mobile phones, importing personal data from
e-mail providers, importing personal information from instant messaging services, sending invitations
to friends or saving search queries when users search for other people on facebook.com). This means that even if you don't use it, you may already have a profile on Facebook.'"
who's data (Score:2)
Re: (Score:2)
Re: (Score:2)
Not really, if I was under the mistaken impression that the sun burned petrol to fuel its light then you'd hopefully correct me. If I made a more minor error say for example I talked about how the 68000 processor was clearly copied from the 386 architecture then again I'd hope you'd put me right.
If I misused grammar so my meaning was unclear for example I mistyped "I helped my Uncle Jack off a Horse" Then again you should say something.
Personally whenever I see someone misuse their/there/they're my internal
Re: (Score:3)
FWIW I prefer "Let's eat grandpa!" as my commas being important sample sentence.
Re: (Score:3)
Because ignorance and refusal to follow simple rules of grammar are just as inborn and innate as one's race or sexuality.
But how about those French people?
They use a different word for EVERYTHING!
Re: (Score:2)
Is that you, Steve Martin*?
* Thought nobody would remember, eh Tsingi?
http://www.brainyquote.com/quotes/quotes/s/stevemarti163457.html [brainyquote.com]
Re: (Score:3)
Is that you, Steve Martin*?
* Thought nobody would remember, eh Tsingi? http://www.brainyquote.com/quotes/quotes/s/stevemarti163457.html [brainyquote.com]
Nah, it's OK. I'm not embarrassed to say that I rip off humour. It's still funny.
Mind you it is a little embarrassing to get caught ripping off Steve Martin.
Re: (Score:2)
It's strange that so many people that use this site can understand the intricacies of a programming language but can't sound-out a misspelled word. I appreciate proper spelling and grammar, but is it really worth derailing a thread just to mock someone's mistake?
Re: (Score:3)
Derailing?
Mock?
This. Is. SLASHDOT!!!!
Re:who's data (Score:5, Insightful)
What the article is in part talking about is what a lot of people have been saying for years now.
People say if you don't want facebook to know anything about you, then you shouldn't post there.
So others reply that it doesn't matter that you didn't give the data to facebook, one of your friends might.
So now the statement is that if you don't want facebook to know anything about you, then you shouldn't tell your friends, colleagues, etc. anything - after all, they may enter it on facebook.
But this still makes the presumption that you actually gave that information, knowingly and willingly, to that person - and that it it's reasonable to assume that facebook will then collect it as well.
Let's say you went to Slashdot High. So did some other person. That other person tells facebook to look for MikeB0Lton who attended Slashdot High. Now facebook has a reasonable assumption that you went to Slashdot High.
You didn't give facebook that data. And you didn't really give that data to that person - it's just information that accumulates simply by existing. You could fo for a "well you could have chosen to be homeschooled" sort of retort, but setting aside that most people here went to highschool long before facebook even existed, that's of course asking for ridiculous steps to take just to prevent anybody from collecting data about you.
Now obviously pandora's box on this was opened a very long time ago and there's really no way that it'll ever change. Even if facebook were to be forced to kill all collected data beyond that required for direct facebook operations, there's plenty of companies and shady organizations who are not targeted and who will gladly not even bother with waiting for users to provide the data and instead crawl sites and official records for it.
But the suggestion that facebook only has data on you because you gave it to them - and now that it has it because you gave it to somebody else - seems to be putting some level of blame with people when really they needn't even do/say anything.
Re: (Score:2, Informative)
When you install FB onto your smart phone, you are allowing FB access to every nook and cranny about your phone, its data, etc, even if you opt-out to not 'connect' with people in your contacts.
What FB is essentially doing, is they are looking at your contacts, the names you have of them, their number and email, and creating a 'profile' if that person doesn't already exist.
The problem here is that those persons did not give consent to FB (ie. installing FB on their phone or creating a profile). Another maj
Re: (Score:3)
Well, you certainly can't put it back in the box, but governments could always criminalize it with destructive fines so that if a company is discovered doing it, they have to pay, and pay big.
Re: (Score:3)
What, and stifle innovation?
Re:who's data (Score:5, Insightful)
I don't think Facebook should be merely fined, I think it should be fined so vastly that it's very existence is put in doubt. I think CEOs, boards of directors and shareholders should be absolutely terrified to the point of pissing their pants if they create an aggregate database of people who have not given explicit permission to be in such a database. I want them to wake up in the middle of the night in cold sweats at the very thought that anyone in their data centers might even be doing it. I want them to spend a fair portion of every day worrying about it.
Re:who's data (Score:4, Interesting)
So while everyone is taking issue at Facebook doing this, whats really needed is a Personal Information Control Act aimed at individuals rather than corporations?
Rather like (as i am in the UK) a Data Protection Law aimed at everyone, rather than just what businesses and organisations can do with data collected?
Or are we going to try and stick a band aid on it by limiting what companies can collect from people willing to offer?
Re: (Score:2, Interesting)
I would say what needs to happen is people need to learn about the concept of "a matter of public record" and get used to the fact that while historically actually searching for public records was difficult it no longer is.
In short privacy is obsolete, our culture needs to adapt to this. Because ultimately all this information has always been available (high school yearbooks, for example have done much the same things as Facebook in the GP's example) the only thing that has changed is the barrier to accessi
Re:who's data (Score:4, Funny)
Let's say you went to Slashdot High.
People visit Slashdot when they're high? That'd explain a lot of comments! ;-)
Re:who's data (Score:5, Funny)
Re: (Score:3)
Well, the issue was that in the past security by obscurity actually worked (or maybe we should call it privacy by obscurity). Your photo in a yearbook didn't make identifying you in a photo array on the other side of the country any easier, and your fingerprint on a card in Memphis didn't make you a suspect for a crime in Seattle.
Today databases are becoming so ubiquitous that it is getting to the point that if anybody knows anything, then anybody else who is determined can find it out unless it is kept ve
Re: (Score:3)
That doesn't wash under UK law, nor in most of Europe. It is against the DPA for a business to hold data on you unless there is a mutually agreed reason for them to do so between the two of you or unless they fall under one of the specific exemptions provided by the act such as for law enforcement, or health provisioning. Facebook falls under none of this, so without a doubt is in breach of British law and similar laws in much of Europe.
Whether anything will be done is a different story, our ICO is a toothl
Re: (Score:3)
Who's data is it? While it may be your phone number and your birthday, it is really just the data of the user who entered it. You gave it to the person without restrictions.
Nope the data do not belong to the provider (at least in the EU). It comes down to who's being personally identified by that data. If I upload your contact details to Facebook, they will be obliged to disclose that to you if you should make a subject access request. They're obviously they are not required to tell you who owns the address book in which your details are found. In theory you could even ask that your details be removed from my account. Of course removal may be refused, but Facebook would be obl
Re: (Score:3)
The only way to ensure anything stays secret is to Nottell it to anyone else. Otherwise, it's not longer a secret. Then you have to Nuke them From Orbit to ensure the prompt and complete removal of that secret.
Doh! (Score:3)
Re:Doh! (Score:4, Funny)
See this is why I don't use facebook..... er...damn it!
To be fair, it sounds more like Facebook is using you.
Re: (Score:2)
The example in the summary of searching for someone ON Facebook followed by a claim of "I don't use Facebook!" is pretty stupid.
Re: (Score:3)
The example in the summary of searching for someone ON Facebook followed by a claim of "I don't use Facebook!" is pretty stupid.
I think you misread that rather rambling, run-on sentence in the summary
'This is done by different functions that encourage users to hand personal data of other users and non-users to Facebook... (e.g. synchronizing mobile phones, importing personal data from e-mail providers, importing personal information from instant messaging services, sending invitations to friends or saving search queries when users search for other people on facebook.com).
The searcher and the non-user are different people. The searcher is the non-user's (real life) friend, and just entered data about the non-user to try to find him on facebook. FB keeps that piece of data in non-user's "shadow profile", or more appropriately, "dossier".
So John Smythe doesn't have a facebook profile, but his friend just searched for John Smythe from Washington High School. Now they know that. Another friend looks for John
Re: (Score:3)
You're right.
So a Facebook user searching, on Facebook, for someone who happens not to be a Facebook user, tells Facebook what? That the person named may exist, and that Facebook user is interested in him? Doesn't sound like much of an issue to me, but then I don't spend much (enough?) time worrying about what FB is doing with all the personal data it has.
Oh, really?! (Score:2)
Re: (Score:2)
Good to see this is getting some wider exposure! They used to send a courtesy mail to tell you they had your information and suggest you get an account so you can see it. Do they not still do that?
That was the classmates.com people, sending weekly if not daily emails, if I recall correctly. Nothing a little spam filter can't clean up.
Re: (Score:3)
Good to see this is getting some wider exposure! They used to send a courtesy mail to tell you they had your information and suggest you get an account so you can see it. Do they not still do that?
That was the classmates.com people, sending weekly if not daily emails, if I recall correctly. Nothing a little spam filter can't clean up.
I keep getting prods from FB, I have updates. To heck with them, I don't care. I'm not here to enrich these people.
I also found the source of the little pop-ups which want me to finish filling in all my personal information or when they want me to take a tour of something they've added or changed. FB is about as annoying as Windows with all those damn balloons popping up. Sure-fire way to drive me out, keep bugging me.
Re:Oh, really?! (Score:5, Interesting)
Re: (Score:3)
Monetize that.... (Score:2)
What is unfortunate, Facebook might be willing to sell this data to 3rd parties without your consent... as your friends/coworkers/family have already consented to releasing the contact information for you. Even without Facebook selling it, it's only a data breach away from some the unscrupulous hands.
Re:Monetize that.... (Score:4, Insightful)
Even without Facebook selling it, it's already in some unscrupulous hands.
FTFY
Re:Monetize that.... (Score:5, Insightful)
What is unfortunate, Facebook might be willing to sell this data to 3rd parties without your consent... as your friends/coworkers/family have already consented to releasing the contact information for you. Even without Facebook selling it, it's only a data breach away from some the unscrupulous hands.
I don't know that there's anyone more unscrupulous than facebook. The mobsters and fraud rings out there really just want to use your identity to take money from banks. They're annoying but not really that dangerous to ordinary people (nor to the banks, who treat low-level activity as a cost of doing business). The law is also firmly entrenched against them, and they are occasionally caught and punished. Facebook and their ilk, however, sell humans as products to thousands of corporations around the world, and they do so with impunity. They are a direct and real threat to every individual person alive today and countless unborn yet to come. If you put a gun to my head and told me I had to give all my personal information to either Mark Zuckerberg or a Russian gangster, I'd give it to the gangster every time. Then I can go file a police report, close all my accounts, and start over with no loss but a few hours of my time. Eventually the gangsters will be caught and imprisoned or perhaps killed in a war with other gangsters. There's no such happy ending possible if facebook gets its hands on my data; even if I change my name, move to a different state, and start a new career, sooner or later facebook will get my new data too. There's apparently nothing I can do about it, and the law won't help me.
Bottom line: a "facebook data breach" would mean nothing to us, since everything in their database was already for sale; it would only harm facebook, who will have given away what they were previously selling.
Facebook wants to be Google (Score:5, Interesting)
Google's problem is that search engines can be easily fooled. Since the user indexes his or her own data by what is published to the web page, people tend to list all sorts of keywords which in turn create false results. Google's solution was PageRank, or picking the most popular sites. This doesn't work because all language is contextual, and as a result, a search term can mean many things.
What both Google and Facebook have realized is that unless they figure out who the user is, and what types of things they are looking for, there is no way to impose a type or context to the search. Without typed searching, search results become more irrelevant with the number of pages published to the web.
Both of them have hit on the same solution. Users aren't going to log in to a search engine, but they will log in to Gmail or Facebook, and that allows these companies to keep track of who you are (Google Plus is more an extension of Gmail than a separate app). Why else do you think both of them are manic about trying to get you to "validate" your account with a phone number?
Re: (Score:2)
Why else do you think both of them are manic about trying to get you to "validate" your account with a phone number?
Manic is a good choice of words.
Google: You should give us your phone number. (for the 12th time)
Me: Fuck off and quit asking me for my damned phone number you fucking asshats! You aren't getting it! !@$#%^%%$@#%$
Mania is infectious.
Rare opportunity. (Score:5, Interesting)
In Soviet Russia, Facebook has profile on YOU.
Re: (Score:2)
Re: (Score:2)
Yes. Not only are they giving away information about you, they're time traveling and didn't invite you along. Don't you feel bad?
People have no clue what's watching them (Score:3)
Go on various people search websites, like Spokeo, and search for yourself. Go ahead, I'll wait.
You're probably already on the web. And tracking companies like DoubleClick already know all about your browsing habits. If you're paranoid about privacy, then you better stay off of the internet, don't use cellphones, credit/debit cards, shopper discount cards, etc, because profiling you is what makes companies extra money nowadays.
If you think they're going to pass up the opportunity to make money just for the sake of your privacy, when there's no law to stop it, you're sadly mistaken.
Re: (Score:3)
And that there's the problem, I don't want them to have access to that information, but there's a lot of online services that I need to use in order to go about my daily life. Many of which have equivalents that are offline and not completely inconvenient. But, there are things which don't have an offline equivalent or where doing it offline wouldn't be feasible.
I've tried to block random 3rd party javascript, but at the end of the day, the web is so fundamentally broken at this point that you never know wh
Re:People have no clue what's watching them (Score:5, Insightful)
You also have no idea if your ISP is collecting information on the sites you visit, either through DNS queries or by parsing the content of pages you visit, and creating a profile about you to sell. And once that profile exists, if even one website out there is connected to that company's profile database and can associate your visit and a particular account as being you, then suddenly they've attached a name to an otherwise anonymous profile. It can only grow from there.
The point I was trying to make is that unless there are privacy laws and strict rules on what data networks and companies are allowed to take and sell about you, then it's simply never going to stop.
The other point I was making is that Facebook is far from the only company doing this, and people shouldn't be wasting their time focusing on just one of them.
Re: (Score:2)
Spokeo is amusing in how BAAAD it is- looking up myself it has more things wrong than right.
Scary that it gets anything right- but Spokeo just makes silly guesses based on, who knows what.
We should have a "Tell Lies to Facebook Day" (Score:2)
Facebook is becoming the new Microsoft to me.
Re: (Score:3, Insightful)
Re: (Score:3)
I have come to peace with microsoft long ago.
They just want my money. I can live with that. Google and facebook, otoh, give me stuff "for free" in order to sell me.
Re:We should have a "Tell Lies to Facebook Day" (Score:5, Insightful)
Most of Microsoft's evil was directed at their competition. They were rarely evil to their customers, lock-in aside, just incompetent. With things like lawsuits over FAT patents and demanding $15 for every Android phone sold, they're still just as evil to their competitors, but they seem to be a lot less incompetent to their customers (I've not used it, but I've heard good things about Windows 7).
In contrast, Facebook is evil to its users.
Re: (Score:2)
Facebook is waaaaaaay more evil than Microsoft.
Microsoft is the bumbling idiot politician who maybe steals a little bit of public money on the side- but tries to make good policies and move things along.
Facebook is like an evil genious- hell bent on world domination and destroying anything that gets in its way- turning innocent people into mindless zombies along the way.
Another benefit of blocking Facebook domains (Score:2)
As a former Facebooker, I already block all Facebook domains to keep the stupid Like buttons and other debris off of the websites I do visit. This is just another reason to do so.
It's amazing how much faster it is to load pages when there are no calls to Facebook.com or their content delivery domains.
Re: (Score:2)
Do you have a quick and dirty list to post? I sense additions to /etc/hosts coming on...
Re: (Score:3, Informative)
127.0.0.1 www.facebook.com
127.0.0.1 facebook.com
127.0.0.1 static.ak.fbcdn.net
127.0.0.1 www.static.ak.fbcdn.net
127.0.0.1 login.facebook.com
127.0.0.1 www.login.facebook.com
127.0.0.1 fbcdn.net
127.0.0.1 www.fbcdn.net
127.0.0.1 fbcdn.com
127.0.0.1 www.fbcdn.com
127.0.0.1 static.ak.connect.facebook.com
127.0.0.1 www.static.ak.connect.facebook.com
Just automate everything (Score:2)
It's going to get to the point where Facebook users (and non-users) won't even have to do anything to add information about themselves. Data mining techniques can suss out each user's personal information from the internet and aggregate it on the profile page. People with smartphones will have their locations and current activities automatically updated to their news feeds. Camera phones will automatically snap pictures and upload them to Facebook where people in them will be tagged via facial recognitio
Re: (Score:2)
It's going to get to the point where Facebook users (and non-users) won't even have to do anything to add information about themselves. Data mining techniques can suss out each user's personal information from the internet and aggregate it on the profile page. People with smartphones will have their locations and current activities automatically updated to their news feeds. Camera phones will automatically snap pictures and upload them to Facebook where people in them will be tagged via facial recognition algorithms.
At this point, why even bother allowing Facebook users to modify their own information? Why even bother with accounts and logins?
How would you automate virtual farming and mafia waring? Not much of a grind game, when the grind is removed.
Called it (Score:2)
I figured they'd been doing this for years, I was just waiting to see when they'd start setting up visible profiles automatically and saying "Join up to claim your profile now! Or let the information continue to flow completely uncontrolled..."
Others can list your hometown for you (Score:5, Interesting)
I had a weird notification this morning. Facebook wanted me to confirm that someone else said my hometown was X city. So now if you don't list this information, they're asking others to rat you out, despite your best efforts to keep that information off of the web. I'm not sure you can opt out of other people's disclosures in the same way you can opt out of listing your city/state/employer etc.
Re: (Score:3)
You can't I've looked. What's also bad is when FB tells you someone told them your hometown/highschool/relationship/etc is ABC you don't have an option to deny or delete that factoid. The best you can do is not show it on your profile. But FB still assumes it's true and saves it.
I got in a long drawn out debate with friends about this recently. I politely asked people not to tell FB info about me. I was shocked how many friends argued with me... even after I gave links to articles about what FB does with th
Re: (Score:3)
Just a few months back I could not find a way to stop others from listing my employer on my own profile. I had to repeatedly delete this information as more and more people started entering it.
As far as I can tell, only very recently did Facebook add an option to let me approve these associations. Even so, this may still be information I don't want Facebook to store on me (I have no idea what they may use it for or how secure their data is), and it's not clear given their other practices whether that inform
Violation of the Data Protection Act (Score:5, Informative)
How is this not a violation of the data protection act? I quote from Wikipedia (http://en.wikipedia.org/wiki/Data_Protection_Act_1998)
1. Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless- [...]
Personal data should only be processed fairly and lawfully. In order for data to be classed as 'fairly processed', at least one of these six conditions must be applicable to that data (Schedule 2).
The data subject (the person whose data is stored) has consented ("given their permission") to the processing;
Processing is necessary for the performance of, or commencing, a contract;
Processing is required under a legal obligation (other than one stated in the contract);
Processing is necessary to protect the vital interests of the data subject;
Processing is necessary to carry out any public functions;
Processing is necessary in order to pursue the legitimate interests of the "data controller" or "third parties" (unless it could unjustifiably prejudice the interests of the data subject).[8]
Is any of the above true? I certainly did not consent for my data to be processed when I am not on Facebook. Also note, it is not important who has given the data to Facebook, the DPA talks about the data subject -> The person the data is about.
Re: (Score:2)
The Data Protection Act is UK legislation. If Facebook do hold this sort of information then they probably don't process it on servers located in in the UK (or in other European countries where the EU Data Protection Directive applies).
GRRRRRRRRR! (Score:2)
I read the comments on this article, go back to main page, and "Become a fan of Slashdot on Facebook" pops up as the dialogue next to the ./ logo.
Irony.
Nothing new at all (Score:2)
Re: (Score:3)
4-5 years ago, my friends were always asking me to stop inviting them to facebook, because they were already members. It was funny because I wasn't even a member myself. Yet, somehow they were getting invited by me to join.
Cut to a few years later, I joined facebook only because I wanted to see how well integrated it worked with my palm pre. It integrated really well. A few days into my membership, I got an friend request from a college buddy. There was a shadow profile, but I had figured that he hadn't filled his profile out yet. So I accepted. The next day he told me he said f*ck it and joined on my invitation. So, he wasn't a member and hadn't done a friend request. I felt so stupid for falling for it. My acceptance of his friend request generated an invite to join FB from me. I should have known better. Needless to say, I researched how to delete my account. Funny enough, there's still a shadow profile of me naturally. My buddy, on the other hand, lives on the site. I guess he can blame me once he wakes up from his FB daze.
I've had similar experiences where Facebook outright lied about where an invitation came from (just as your case above), and about one friend adding another friend who was not on my Facebook. That was a strange one - it told me that my cousin was friends with a person I knew in grad school, which seemed very unlikely seeing as how they live 2,500 miles apart and didn't seem to have any reason to know each other. But hey, it's a small world, so I checked my cousin's profile - turned out Facebook was lying, j
Simple Solution (Score:2)
Re: (Score:2)
I've never joined facebook or wanted to.
Now I'm tempted to- just to create a bunch of BS so that it is confused about my real data.
Fill in a bunch of fake data- connect via a proxy- then unregister myself before people start giving me friend requests.
Just stay on long enough to screw up FB's data on me.
I've wondered about this for years (Score:2)
You don't own facts about yourself. Get over it. (Score:4, Insightful)
For heaven's sake, get it into your head: You do not "own" facts about yourself. You never did. It has never been, and will never be, illegal for someone to look at you in the bus queue and observe what clothes you're wearing, what your height is, what your hair colour is, or what number bus you're queuing for. Nor is it illegal for someone to listen to you chatting to your friend and hear your name or where you live.
Even before the widespread use of computers, people were compiling databases about individuals. In the Victorian and Edwardian era there were still card indexes of potential customers' names and addresses.
What is different here is the *interconnectedness* . I don't mind people complaining about interconnectedness - I mean, it's pointless and they've missed the boat by at over 20 years, but it is at least a valid argument. The ability of this information to spread at lightning speed between billions of people using thousands of databases, yes, that is relatively new. But complaining about somebody else knowing facts about you, that's dumb.
In England we've had this for well over 950 years, since the Domesday Book in 1089AD which listed every landowner in the country. Most likely the Roman empire kept a similar directory over two thousand years ago.
If you visit a company's website and they record the facts of your visit, that is NOT illegal. It's not even immoral. It only becomes controversial when they pass this information on to an entity which was not otherwise involved with your visit.
Re:You don't own facts about yourself. Get over it (Score:5, Insightful)
You do not "own" facts about yourself. You never did. It has never been, and will never be, illegal for someone to look at you in the bus queue and observe what clothes you're wearing, what your height is, what your hair colour is, or what number bus you're queuing for.
Yes, but it's also true that if a creepy man staked out a bus stop for months on end recording data about people, the police could get him to "move along sir". And if that creepy man was following you around all day, day in and day out, you could get a restraining order against him. Somehow I think getting a restraining order against FaceBook, Google, etc. will be a little more difficult despite the fact that they are stalking the entire world. What's needed is for the legislature to come to the rescue.
Re: (Score:3)
Somehow I think getting a restraining order against FaceBook, Google, etc. will be a little more difficult despite the fact that they are stalking the entire world.
No need for an order against Google. Go look at Google's privacy tools page (there's a link on the bottom of the search page). You can see everything Google is tracking about you and Google provides ways to opt out of all tracking and even tools to ensure that your opt-outs don't get lost. Try it. You'll see that you start seeing more generic advertising and your search result quality will decline a little.
Hilarious (Score:2)
I note that many of the people loudly complaining about Facebook in this matter have Gmail addresses. What do you think Google does with all those contacts they scrape from your messages and that you enter into your Android phone? Especially when correlated with what OTHER people put into their Google Contacts?
Whether you actively participate in the "graph" (FB, Goog, any entry point) or not, you have a node representing you. Even if your node has some wrong information, most of it is probably accurate. Hec
FB Halloween Story (Score:2)
Propagate false data? (Score:5, Interesting)
Surely someone better at programming than myself has either produced or is working on a simple set of software that will fill these databases with false information, rendering the whole thing unreliable. This actually seems like an appropriate task for an organization which refers to itself as anonymous .
Even if human interaction is needed (or better at than software) to create the accounts (answer captchas), once the couple million accounts are up and running they could randomly friend and unfriend each other, get involved in various groups, produce believable profiles, and become pollutants in the databases of companies such as Google and Facebook. Before long there rises the question, "is this profile real or fake? can't answer that? can't consider it real". The fakes could even base their profile on real profiles, altering things like school graduation year, and selecting a subset of contacts from various 'friends' of the real profile. With just a few 'friends' on Facebook an account rapidly begins receiving suggestions from Facebook itself on who might also be a known friend. It would be self propagating.
This may already be in action. I've had a few people/accounts that I did not know on Facebook send me a friend request, but were friends with several of my friends. Before accepting I asked our mutual friends if they knew who this person was. More often than not my friends said they didn't know them but since we went to high school together they didn't want to be rude. NO THANKS! Just as easily as this could be a data pollutant account it could also be a 3rd party mining Facebook for private information. Social engineering has always been a more powerful method than security hacking.
Anyway, I just think that rather than fighting for privacy the better approach is to corrupt their data through their own system. It seems more wicked.
Also: Shadow connections (Score:3)
When both users are registered, Facebook is able to extract relationship data from somewhere. I have received friendship suggestions for people who once sent a single email to an alternate email account I used years ago, which I never put on Facebook. Even assuming all these people are fucking idiots who gave Facebook access to their email accounts, this shows Facebook harvests far more data than it lets on.
In this case, it firstly stores your email contact lists even if you decline to manually send these people contact requests. It secondly is able to form (from other sources, maybe other people's email accounts) a link between different email addresses you have used.
Re: (Score:2)
Like buttons everywhere -> Requests to FB's servers with your "shadow" user ID (from cookies) and the referrer URL -> full web history available to Facebook.
Block (Score:4, Interesting)
Who uses adblock/noscript yet doesn't block those pointless facebook and twitter buttons?
Even if you don't care about the privacy angle, it really cuts down on useless traffic.
Here's a new one you may not have got around to adding yet: apis.google.com/js/plusone.js
Re:Block (Score:5, Informative)
Use Ghostery - it kills web bugs in web sites just like Adblock kills ads.
Re: (Score:2)
Good call.
Re: (Score:2)
Yes, I know they can be blocked. Yes, I have them blocked. But the question is whether we should be forced to block it if we don't want to be spied on.
Re: (Score:2, Flamebait)
Re:Block (Score:5, Interesting)
Who uses adblock/noscript yet doesn't block those pointless facebook and twitter buttons?
Even if you don't care about the privacy angle, it really cuts down on useless traffic.
Here's a new one you may not have got around to adding yet: apis.google.com/js/plusone.js
I don't really think adblockers are sufficient in light of how devious facebook and others are known to be. Using those techniques amounts to participating in an arms war between these companies and other software engineers. Instead, or in addition, one should redirect their entire domains to localhost and blackhole all known netblocks they use. You can't do enough to keep yourself safe from these thieves and predators; they are the modern-day slavers and you, once again, are their product. While there may be no measure strong enough to prevent the kind of theft this article highlights, that serves only to point out that no available measure should be overlooked in the effort to shut down the flow of data into their systems.
Re: (Score:3)
I have. But you shouldn't need to secure it.
A thief is no less of a thief just because the car was unlocked.
Re: (Score:2)
One of the ways it gets data is from reading contact book information when people use their email address book to find Facebook friends. Feeding false information there doesn't really help you. I suppose if they put you in as "John" rather than your full name it's obscured, but it only takes one full entry to put it all together.
Re: (Score:2)
I use a pseudonym and only friend people who I trust enough not to to stupid overly exposing shit.
I think you're missing the point. If you're friending people, then you probably already have a facebook profile. This is about people who don't have a profile, but still have a record of their existence in the facebook system.
It may be that you also have a shadow profile that is (depending on how cautious you are) linked or not linked to your actual profile. This would contain information about you that is generated by those people who you don't trust (i.e. those who do overly exposing shit).
Re: (Score:2, Insightful)
It is absolutely false to say that my client is building "shadow profiles" on "non-users". [My client admits] compiling dossiers on non-aligned-persons; but that is an entirely distinct matter.
If it's so distinct [wikipedia.org], would you kindly explain to those gathered here the difference between a "shadow profile" and a "dossier" and between a "non-user" and a "non-aligned person"?
Re: (Score:2, Insightful)
Your labwork just came back. You might want to sit down for this...
You got trolled. Hard.
Re: (Score:3)
Playing along:
You got trolled. Hard.
Is it still being trolled if I troll back?
Re:Sex Offenders (Score:5, Informative)
I think that went out the window when they became a registered sex offender.
You'd be surprised what could get you on the registered sex offender list. When I purchased my house, I checked the list. Apparently, a guy down the street had a physical relationship with a 17 year old when he was 20. He's now on the list for life because of a vindictive parent, bad breakup, etc.
Re: (Score:2)
What about FB compiling information about people who do not have FB accounts is it that you do not understand?
Re: (Score:2)
then don't give your information to anyone. you giving me your name, address and phone means i can share it with anyone i wish
Re: (Score:2)
Unless, of course, it is given to you on the understanding that you're not supposed to give it out (ie. here's my phone number, but it isn't listed, so don't give it out). In which case you're in breach of contract if Facebook gets their hands on it.
Re: (Score:2)
Not in polite society no.
I trust my friends to not give my phone number to that crazy person at the end of the street.
I trust my friends not to use the information about my address and DOB to perform ID theft and get credit cards in my name.
I trust my friends not to burgle my house when they know I'll be on holiday.
If I get a friend's phone number or they tell me in the pub that they are about to go on holiday i do not then share that information with anybody because that would be inviting trouble for my fr
Re:Facebook (Score:5, Informative)
It's about non-users who HAVE NEVER USED THE DAMN THING and yet are being profiled and harrassed by FB. (like "Hey, these guys are on FB, we know they're your friends, why don't you join ? Oh, and we know where you live and what school your kids go to. Just saying.")
Re: (Score:3)
So this got me thinking...
Start a FB Profile, which is to assume you are taking ownership of your profile (and subsequently personal info). The delete your FB, and request they remove your profile and information from their servers.
99% sure this won't work, but 1% of me had the idea.
Re: (Score:2)
Out of curiosity, how did you ignore friend requests before you joined Facebook? How did you get the friend requests?
Re: (Score:2, Offtopic)
How do we destroy Facebook, in its entirety?
This should be the dedicated calling of our younger generation. Complete data-loss.
Re: (Score:2)
you create a service that does the exact same thing to facebook that they are doing to you.
ROFL!
Let's see how long it would take them to sue you for using their data. That would be an interesting case.
Re: (Score:3)
Facebook wouldn't allow such an application. To export the data, you'd need a Facebook application. To make a Facebook application, you have to agree to their Terms of Service [facebook.com] (Facebook likes to call it a "Statement of Rights and Responsibilities").
3. Safety ...
We do our best to keep Facebook safe, but we cannot guarantee it. We need your help to do that, which includes the following commitments:
3.2. You will not collect users' content or information, or otherwise access Facebook, using automated means (such as harvesting bots, robots, spiders, or scrapers) without our permission.
Believe me, it's been tried. Facebook is quick to respond and threaten a lawsuit if you continue.
Re: (Score:3)
Facts aren't copyrightable. You don't need a license to store them.
Besides, even if they accessed copyrighted content (let's say, a text you sent someone using email and they copied to their FB wall) the liable person would probably be the people who posted it, not Facebook.
Re: (Score:2)
Re: (Score:3)
So if i sign up i need to agree to their TOS.... and that enables them to sell my information... If i dont sign up and agree to their TOS they distribute my information in whatever way they seem fit....
Seems fair...