I feel like instead of pushing for the companies to separate, congress should pass laws mandating [adversarial interoperability](https://www.eff.org/deeplinks/2019/10/adversarial-interopera...). Then the data (including the social graph) really would belong to the users, and facebook would have to compete with multiple other “social network clients” that would rapidly emerge. Facebook would lose some monopoly profits, but in the long-run they might even make more money - they have a lot of very smart practical engineers (at least based on seeing their approach to writing libraries e.g. react vs angular, pytorch vs tensorflow etc.) So if forced to compete, I think they would do just fine, particularly because I believe that the ecosystem would develop faster in the presence of real, and actually grow the market beyond what it would otherwise be.
There's no way to provide access to the social graph in a privacy preserving way. It's not okay to allow a third party to access the data your friends have shared with you without your friends consenting.
Unencumbered API access to the social graph is exactly what led to the Cambridge Analytica scandal, and promising to restrict API access was part of Facebook's settlement with the FTC.
Perhaps a "social graph" shouldn't belong to any company. The concept itself might be anti-privacy.
Perhaps it's time to move back to simpler things like OPML. (Which people seem more comfortable sharing freely - not sure if that's still a "social graph" tho.)
Perhaps specific relationship details shouldn't be housed in the social network - just the permission to follow.
Perhaps companies who house a "social graph" should be regulated - similar to what is done with medical data. It should be a toxic substance.
I just think we're a long way from doing this right and there are a lot of untried options - and I lack imagination as well.
Social graphs are really useful for detecting idea contagion though. Facebook obviously has the tools to fight propaganda, they have one of the most granular datasets of people data ever assembled in human history. They are just addicted to the ad dollars. It is a shame they killed their delightful API.
It drives engagement which likely leads to overall more add views and clicks? "Doom scrolling" and such is something that keeps people on the site for longer which is probably one of their most important metrics
The actually have metrics for things such as dividedness and unrest. I wouldn’t be surprised they could do an analysis on propaganda.
Also, not asking right wing “news” orgs to be fact checkers or having GOP operatives override content policy team decisions regarding misleading stories that were reported by users would be another great way to reduce “propaganda”.
It’s not a technically unsolvable problem, it’s just one Facebook doesn’t want to solve. Don’t give them a free pass.
They are a multi billion dollar company, they have the all the ressources they need if they cared.
It is. It's possible to have two completely valid, objective, and opposed positions in an argument where multiple different groups have a vested interest in one position being more popular than the other.
Which one is propaganda?
The one you disagree with?
The one that doesn't fit with your preconceived notions?
The one that doesn't fit with your personality profile?
Both positions? Neither position?
Do we just shut down all thinking on the internet?
Who watches the watchers?
Small nitpick, whether or not something is propaganda has nothing to do with whether or not it's correct. These are completely orthogonal. "Loose lips sink ships" is basically true, and is also a textbook example of propaganda. Propaganda is media that intents to influence an audience to further an agenda.
By definition that is almost every communication that a human makes, whether through art, technical books, education, news, opinion pieces etc. They are all attempts to influence an audience and there’s always some kind of agenda behind it.
> Propaganda is communication that is primarily used to influence an audience and further an agenda, which may not be objective and may be selectively presenting facts in order to encourage a particular synthesis or perception, or using loaded language in order to produce an emotional rather than a rational response to the information that is being presented.[1] Propaganda is often associated with material which is prepared by governments, but activist groups, companies, religious organizations, the media, and individuals also produce propaganda.
> In the 20th century, the term propaganda was often associated with a manipulative approach, but historically, propaganda has been a neutral descriptive term.[1][2]
This is about as rigorous as the questions by those wondering how Facebook could possibly be a monopoly when other websites exist (exaggerating only slightly). Do you know what "discourse" is? It's "how people talk about something," which is what propaganda is designed and intended to manipulate. "Pie tastes good" is not that.
Objective is a precondition that don't exist when most people call something propaganda. In fact, many definitions of the word call this out, specifically.
Letting people be mislead about vaccines harms people, letting people get brainwashed into mistrusting the legitimacy of their institutions harms people, letting people use their platform to incite genocide harms people.
They actually have metric to measure those things, it’s just that they prefer to dial down the heat, not kill it. It’s just too good for engagement.
Don’t “both sides” death and misery. It’s not a philosophy debate.
> They actually have metric to measure those things, it’s just that they prefer to dial down the heat, not kill it. It’s just too good for engagement.
To be fair they are clearly fighting a delicate balance of censorship and community moderation. It's different from say a forum of yesteryear, because a forum can have a clear set of community values that should work for everyone.
Facebook and all social media is a single platform for many communities, and so given the new role of moderator they are in the impossible position of making a set of community values that apply to all communities.
I think the reason a lot of material isn't outright banned where you or I would see obvious misinformation or hate is because of this.
But This IS a philosophy debate. Fundamentally what is at stake here is how western society decides free speech is to be handled, and if it can be handled at all with social media.
I urge anyone here to define metrics for harm reduction that are operationable.
If you get any far with that, then tell me how you feel if the tools that will achieve these operational metrics were inverted in their purpose.
Also in the case of Covid vaccines, the heavy handed censorship being imposed seems to make people I know more nervous about the vaccine, as it is perceived to be "pushed" by those in power.
> There's no way to provide access to the social graph in a privacy preserving way.
If we're not okay with other companies having access then why is it okay for a single company to have that access? Do you know and trust every facebook employee including those that don't work there yet with your data? Do you trust that that data will be securely handled when the company is sold after declaring bankruptcy?
I think your objection is an accidental straw-man. I don't think it was intentionally made, it is a valid thought to ponder but it should exist independent of the question of sharing data.
I think the accidental straw-man is actually your reply. People give Facebook their access willingly and they know what information they input into Facebook.
Should Facebook have all the info your bank has for instance? Or auto mechanic, your realtor? This is a slippery slope of logic of shared data for all leads to.
> People give Facebook their access willingly and they know what information they input into Facebook.
I don't think this is true.
Facebook tracks your activity all over the web on thousands of third-party sites and builds a unique profile to identify you, without regard for you having an account. You can't opt out of this if you don't have a Facebook account.
Some of these "social graph" features will do things like link two people as friend suggestions if they both have your phone number in their contacts book, even if you haven't consented to Facebook building up some information about you.
This doesn't sound like willing access & knowledge of what information you provide to Facebook.
If you haven't consented to share your contacts with Facebook, but two people have consented who have you as a phone contact, then you're a link. This can be "interesting" when one of the parties has a duty to maintain privacy, like a psychiastrist. See this article: https://splinternews.com/facebook-recommended-that-this-psyc...
This explains a lot of the weirder suggestions I got in college. People I had done a group project with, but never communicated with outside of in-person, would show up as suggestions all the time. I'm sure in each of those cases there was one person in the group who everyone was in phone contact with.
Indeed. Also people do not sufficiently realize how much more can be deducted about the nature of a social relationship other than a mere "Person A knows Person B", if you combine it with the PII you have of both users (and even more if you consider the network in its entirety).
I guess that’s what separates me and you I have more faith in humanity. I think all this false outrage about data being sold on systems that are free to use will die down and people overtime understand that the Internet doesn’t run on pixie dust and fairy magic.
PS by fighting this point you’re merely pointing out that giving more businesses this data isn’t a good idea
"I think all this false outrage about data being sold on systems that are free to use will die down and people overtime understand that the Internet doesn’t run on pixie dust and fairy magic"
It doesn't have to run on companies spying on their users either.
Companies spying on people has existed since the beginning of business. You call it spying we call it market research.
Sam Walton of Walmart would record everything about his competitors legally and illegally as well as clients yet you never see that in the news, why? Because it’s not sexy, it’s not about the internet.
This is why Equifax which was a much more horrible data breach isn’t thought about, yet everyone gets their panties in a bunch about Facebook
I willingly gave Facebook information about me, although at the time I had no idea what they were going to do with it. However, I did not willingly give FB my phone number (they asked my friends to give that to them via the contact list in their phone). I did not willing give FB personalized training data for recognizing my face; FB weaponized my friends into doing that.
I'm sure Facebook buys all the data on you that it can, which in America is an amazing amount of information. Your auto mechanic is likely already selling what is being done to your car to CarFax, etc.
This is an excellent idea! Someone should create a company that buys all the data that is available about people, structures and correlates it and then sells it back to the people
The ironic beauty in that would be awesome. Also, I'd kind of like to get it about myself for similar reasons :)
Not everyone has willingly given their social graph to Facebook.
Facebook builds shadow profiles on non-users and then fills them out with, amongst other things, data it gets from their actual users that they didn't no they were sharing.
This is particularly sneaky when Facebook has used dark patterns to trick app users into granting them permissions they don't strictly need for service.
Putting your data publicly online can be not only used by Facebook but all your friends too, hell sometimes profile images end up on google, so just because they had no real idea it shouldn’t be facebooks fault if your friends decide to print screen your photo and redistribute it. That data you put out publicly is public once it’s in public domain the public will use it
Of course you do (GP is wrong) at least for media which you create that clears the threshold for copyright.
The difference is that Disney grants license to its content after (potentially drawn out) negotiations and payments, while the typical Facebook users "Agrees and accepts to grant Facebook a worldwide license"
BTW it doesn't confer a license (mostly) to anybody else but normal users do not sue.
I don’t know about you but whenever I take a picture and share it with friends I trust that the company who’s picture I just gave two he’s going to make the best use of it on their platform.
They have to monetize and I approve.
Hell I’m willing to bet if Facebook puts into their agreement that every photo you upload to their platform is partially owned by them then people will still upload photos.
It’s not the data that we find valuable, it’s the connections they make or will make, and to this company. Next time you take a photo and find it’s shared with not just Facebook but a whole slew of other companies you tell me if that’s the right thing to do.
The person above said “do you trust all Facebook employees” well you can make that blanket argument for every company in existence and giving more companies our data isn’t a good solution
I mean this has and is already happening. Example a foster kid was suggested to be friends with his father, in some cases it’s great, two long lost siblings or parents/children’s reunited. In other cases people complain.
The consent thing can both be good and bad, just like the invention of the internet and electricity before that. I’m trying to make that point that giving away your data is gonna be a commodity once everyone realizes they’re not a special snowflake
Well, the issue is that they do have that sort of data. Massive firms exist to commingle all variety of data with FB’s social graph.
Check out LiveRamp for example; they literally scan in physical documents like car mechanic paperwork (seriously) and dropship them into S3 buckets to huge data brokers every day.
Take that and merge it with facebook’s social graph, how many ms you look at a photo on Instagram and how long you take to reply to someone on WeChat, and you have an awful lot to work with.
Privacy is in the process of becoming antiquated. It is sad, but I think it is inevitable. Surveillance technology advances with technology in general, and counter-surveillance becomes more and more cumbersome. Eventually, we will reach a point where anyone can afford tiny stealth drones to watch what is happening in their neighbors' houses. The counter-measures necessary - hermetically sealed living space, faraday cage enclosure - are so burdensome that only people who currently live in bunkers will implement them for their living spaces.
If we accept that premise, let's think about what we are losing. In my understanding, there are two main reasons why privacy is so important:
1) Allowing individuals to avoid becoming targets of persecution for having some attribute. Targeting by oppressive governments for holding idea X, targeting by an evil megacorp for threatening to disrupt industry Y, etc.
2) Allowing individuals to avoid social stigmatization and shame for having some attribute. Getting caught eating one's boogers, viewing porn of people dressed up as pieces of furniture, etc.
For point 1, I think the real issue is imbalance of information. Schemes to abuse access to someones previously private information mostly wouldn't stand up to public scrutiny themselves. Unless, of course, you have some ultra-powerful organization like a well run totalitarian regime, in which case individuals by definition have no privacy rights anyways.
For point 2, I think shrinking privacy will seriously reduce the social response to this kind of information. "So what if I watch porn of people dressed up as furniture; you masturbate while dipping your toes in peanut butter! That's way weirder!" Sure, there are plenty of painfully normal people out there, but I think most shameful weirdness would become commonplace when the full extent of weirdness is out in the open.
All that being said, I do think anonymity is important, and can probably be preserved, as it is distinct from privately acting in physical space, or online while tied to some form of identity. Also, I don't want to argue against efforts to preserve and advance privacy for individuals for as long as possible. I just think that per point 1, we might want to devote effort to reducing the privacy of organizations to try to maintain parity of information access as our individual privacy slips away.
I think your point is interesting if not conclusive, and I think your down-voters missed your final paragraph, but I think you're missing something here:
> The counter-measures necessary - hermetically sealed living space, faraday cage enclosure - are so burdensome that only people who currently live in bunkers will implement them for their living spaces.
There are a lot of situations we forbid activity that is difficult to prevent (and sometimes difficult to detect).
Whether trying to use the law to deter here is worthwhile, meaningless, or harmful isn't necessarily clear - but it deserves consideration in addition to outright prevention.
I definitely agree that there's a risk of that, but I think it deserves to be included in the analysis.
It's different from drugs in that one of the participants is unwilling, though I don't know whether that's a big enough difference - particularly given that that participant is also unwitting.
> then why is it okay for a single company to have that access?
I'd say it's not ok, but people keep on giving Facebook all that information (and it's very tempting to do so). There are technical solutions which anonymize/privatize social network information, and then no entity has such access.
If you can see the data, you can share the data. Preventing sharing is exactly as possible as DRM, i.e. only doable by outlawing general-purpose computing.
So while I value privacy, I'm not sympathetic to using privacy as an argument to restrict your own access to your Facebook data, for you to decide yourself on how that's shared. If you misuse your view of your friends' data, that's on you and up to your friends to punish/discourage you for.
Your sharing your FB friends data with third parties, could be seen by the friends as impolite or even hostile. It's a matter of trust between friends, not technical ability.
Meanwhile in the parallel universe, in Russia, VKontakte provides full API access to anyone who clicks the button to create an API app. You only need manual review if you want access to messaging from user tokens, and that's a relatively recent change. Somehow, this hasn't turned into a privacy nightmare in more than 10 years the API was available.
I'm not defending VK — it does some increasingly user-hostile stuff too after having been acquired by Mail.Ru Group — but you can still integrate it into whatever the hell you want with ease.
Most of the data you can access through the API is public anyway. You could as well scrape it off the website, API just provides it in a more convenient format. For example, you're able to get profiles and friend lists and posts of arbitrary people, as long as they're publicly visible, without real authentication (but you do need a "service token" you get on the app settings page).
The worst thing to ever happen with that open data was that some debt collection agencies used it to threaten people and their friends, and I believe that's why those service tokens were introduced. And that story was rather widely publicized: https://www.the-village.ru/business/finance/217569-banki-pis... for example.
FindFace? It shut down its user-facing service several years ago and focused on selling its technology. There are rumors it has some government contracts.
Now there's FindClone instead. And I would consider finding somebody's identity by matching a photo of them with a database of VK profile pictures a privacy nightmare. I don't know If they got the pictures via an API or scraping, but it shows what can be done with easy access to this kind of data. People used FindFace to deanonymize porn actresses and out them to family for instance.
But you could get your own data and the list of people authorized to see it, and pass that to a third party. If you and one of your friends both move to another network, you get to see each other's data. Any problem with this?
Can you stop your real-world friends from divulging your friendship to 3rd parties? Would you even presume to have any standing to do so?
I think a case could be made that knowledge that <A friend B> belongs to A and B equally and that neither has standing to preclude the other from sharing that fact. Of course they could both mutually agree to such an arrangement ahead of time, but outside of such an agreement, I have a hard time seeing the case for "B prevents A from telling C that A and B are friends".
Another aspect of this though, is "how much can A tell C about B without permission from B?" We know that IRL, people do get angry when friends reveal overly personal details about their lives to others, so this is definitely something to consider.
Not every interaction is or should be freely licensed to both parties.
Agreed. And I am not arguing that it is, or should be. But the mere fact that two people are friends seems to me, at first blush, to be something that normally either person would be free to share.
So there aren't things known between my friends and I that we wouldn't want divulged to a third-party?
I'm not sure how you got that from what I said above. Obviously there are such things. But I do think it's an open question to what extent we can compel our friends to keep things private. Of course if someone is really a "friend" you would expect them to keep confidences if requested... that's part of the definition of "friend" in my mind.
Then we have to dispense away with the whole privacy nonsense that runs rampant on HN concerning things such as ad tracking, location tracking and other data metrics. Because in that case, instead of the friend giving away our data, it's a 3rd party with whom we have a voluntary relationship with who is giving away THEIR data that we generate.
Surely that could be solved by crypto? I.e. you don't actually get a list of names, but list of asymmetric keys, and when your friend joins their key can match the one in my list?
I think it becomes a "defaults" problem. Lots of people do not understand or care about "the social graph" so when prompted for consent to allow someone else to export them in a social graph, they simply click whatever gets them into Facebook the fastest. That also has the negative effect of giving companies an out when confronted with privacy concerns. It's like shrink wrap licenses. You can always say someone agreed, even if they didn't understand it in any meaningful way.
> There's no way to provide access to the social graph in a privacy preserving way. It's not okay to allow a third party to access the data your friends have shared with you without your friends consenting.
If the API is open and there's forced interoperability, the client device can call the service's API directly with the user's own credentials. No need for a third-party middleman, so no need to give a third-party access to the data.
It can work the same way IM applications like Pidgin work: one app, multiple accounts.
When i add phone numbers to my phones contact list i don’t expect Apple to own it. And if i want another app to use my contacts on my phone I’m ok with that. I think opening up the social graph via API would be essential to real competition and a wealth of other apps and companies can be created. Granular access can be given so that isn’t exploited. They have the funds needed to build it out from their billions of profits.
> It's not okay to allow a third party to access the data your friends have shared with you without your friends consenting.
Why? If they shared it with me, that should mean they trust me to decide to whom I delegate the access no? I could as well just screenshot it and post it to twitter, what does make the social graph so special?
I was thinking the same thing. How many of us blindly save contact data to our phones or other PIM software, then back it up online to a Google, Apple, or Samsung service? Do they need my contacts' consent? If I were to ask my friends, "Is it okay if I back up your contact informarion to Samsung's online service?" they would think I was weird for asking.
This is pretty rich consider that people don't even hesitate to put your literal face on Facebook whenever they please.
The point is to move toward standards around social data and then force the big tech companies to allow each user to export their own data, quickly, in these interoperable formats.
I heard the same argument about providing personal health data, then CMS eventually started pushing Project Blue Button [0] allowing users to get api access to their own data. And that’s helped quite a bit.
There is risk, but saying that users can’t be trusted with an API to their own social graph seems to be throwing the baby out with the bath water.
The counter-argument to this is having the government provide the graph and an API to allow networks like Facebook connect to it. This should rightly terrify just about everybody.
I like the concept Diaspora had back in the day, it just wasn't workable really as your mum/aunt/non-tech friend wouldn't be able to understand how something like that works and would ultimately lose/delete/corrupt their tokens.
wow, that's the "non proliferation" argument. it's the first time I see it applied since the cold war. I guess I should have expected it. it's the nuclear warhead equivalent argument when you're justifying a monoply
Multisig encryption? Revoke key access to anyone you don't want to share your info with. Not sure if this is actually practical. Just a hunch on a potential solution.
The comment says "there's no way." I can think of at least one which involves a user manually downloading the data and then manually uploading it to another service.
The problem is that if I export my social graph and share it with another company, it includes information about who my friends are -- at the very least, it shows that they are my friends. That violates their privacy. Maybe they did not want their relationship with me to be known outside the social network where they established it.
Im trying to understand, are you violating a friend's privacy now if you tell a random third party that you are friends with them?
Example, you are chatting at a party with someone and they ask you if you know Bob since he works at your company. You say yes and you say you are good friends with him. You violated Bob's privacy here?
There is a difference between someone mentioning, with intention (that they happen to know X and implying they could offer to make that introduction), and an automated system just bulk sharing a whole address book.
If the question were framed more like:
"Do you consent to sharing your entire address book, so that we can better market to you and your friends and offer targeted ads based on that data to our real customers?"
If your friend isn't a user of the company to which the data is exported, then maybe that friend's data could be served from FB's servers, or your own, and only decypted client side. This of course cuts them off from being able to monetize swaths of user data which isn't unilaterally owned by one user, but it would be privacy respecting to your friend wouldn't it? Open protocols with medical-data like regulation right?
What's to prevent the other company from simply saving the user data which is decrypted by their client? You think Cambridge-Analytica didn't store offline backups of all the data they gathered from the Facebook graph APIs?
When I wrote that, I was thinking of a dns-over-https like system and browsers being the client. You're right. A company could pipe the data back to their servers even if it was only decrypted on the user's device and it was illegal.
> To further strengthen the control over his or her own data, where the processing of personal data is carried out by automated means, the data subject should also be allowed to receive personal data concerning him or her which he or she has provided to a controller in a structured, commonly used, machine-readable and interoperable format, and to transmit it to another controller.
I agree and find the attempt at a breakup a bit frustrating. This is an action that could have profoundly disruptive effect and it's not really clear what the positives or negatives would be. For instance, FB has invested massively in trust and safety people operations and AI. What happens to that investment when IG is spun off?
Laying out laws and regulations so the market works as intended (no doubt with adjustments on the way) seems like the far preferable way to ensure healthy competition than taking a hammer to the job site and hoping for the best.
> This is an action that could have profoundly disruptive effect
If FB is doing anti-competitive things than disruption is needed. It's not meant to be comfortable.
Companies are really good at learning the playing field and then gaming it for their benefits. Tweaks to laws are often easy to work around. Disruption that stops an illegal monopoly is going to be uncomfortable. Especially at first.
But, it opens the door for the future in ways that aren't options today.
Andrew Carnegie provided far more real, unquestionable value to people too. It ended up being worth it. The same can be said for Leland Stanford or most other monopolies. They didn't become monopolies by not providing value.
> Andrew Carnegie provided far more real, unquestionable value to people too. It ended up being worth it. The same can be said for Leland Stanford or most other monopolies. They didn't become monopolies by not providing value.
Absolutely. The same could also be said of the closest parallel of Facebook in history, the Bell System.
Because move fast and brake things? Disruption good?
No, seriously, modern tech companies are an anti-trust challenge that was not truely forseen in existing anti-trust laws. That governments are now trying to find answers is a good thing.
> Laying out laws and regulations so the market works as intended (no doubt with adjustments on the way) seems like the far preferable way to ensure healthy competition...
And yet, Facebook is untrustworthy, unsafe, and had developed AI that amplifies controversy...
The Facebook purchases of WhatsApp and Instagram were not innovative and should have triggered antitrust at the time. There is no healthy competition when you buy Any worthy competitors.
It's not, because it makes them a bucket of money. Only in hindsight with an FTC in the final days of a mercurial administration do we get stuff like this.
Your answer sidesteps regulatory capture. These big companies wield massive power in Washington, don't you think any regulation and law that's actually passed will benefit them and prevent competition?
Tough. There is more at stake than FB recovering its investment into IG.
Besides... they will get to sell it, probably at a profit. They got to own it for 8 years, enjoyed the benefits of lowered competition. They will be fine. I agree that this should have been prevented in the first place, but we are where we are.
Controversially, I don't think ordinary rule of law can apply to FAANG-scale monopolies. There's no way to generalize rules, laws or industrial policies when the industry is "social media." Social media is (economically) mostly FB. Any rule, law or policy is basically regulating FB specifically.
Anyway, the danger of a hammer coming out is low. Even if prosecutors succeed, a cost-of-business fine is the most likely result. Even if they do spin out whatsapp & IG... that leaves facebook mostly intact.
I'd also note that the worst case scenario for overzealous trustbusting is basically nothing. At worst you kill FB. This isn't steel production or auto manufacturing. FB could be swallowed by a demon tomorrow and by next thursday any shortage in social media will be filled. We're not exactly short on the stuff.
FB bring in $80bn pa, but that's totally arbitrary to the cost of doing social networking. It could be done for $40bn or $8bn and I doubt the consumer would notice a difference. Again, this isn't auto manufacturing. A car company can't make as many cars with half the revenue. If one dies, we actually have less manufacturing capacity and we'll make fewer cars for a while. None of this applies to social media.
Separating IG from FB does not put anyone out of work. Nothing gets shut down. FB are extremely profitable, and that almost certainly continues
In the last paragraph, I was trying illustrate a point. With monopolies of the past, the primary concern was that the services continue to operate somehow. EG, when Bell was broken up, the danger was that phone/telegram services would be harmed. Before that, the danger was that steel production would be disrupted and downstream industries harmed.
Facebook is a monopoly in a marketplace of extreme abundance. We have lots of social media, messaging, photo sharing, etc. There is zero danger of shortages or meaningful "consumer harm," regardless of what happens to FB.
Even if antitrust does harm FB, the only stakeholders at risk are FB employees and investors. There is no systemic risk, downstream risk, consumer risk. All the risk is contained within FB.
This doesn't mean FB should be killed. It does mean that the scale tips strongly towards antitrust. On one side, we have a lot of risk. On the other, very little.
People call for putting way more than 50,000+ people out of work all of the time (eliminating the oil and gas industry as an example). If the belief is those people are engaged in harmful activity, why wouldn't you want them to stop ASAP?
> it's not really clear what the positives or negatives would be
Isn't this also true for Facebook itself as related to how dependent they are on revenue and at what cost that comes to the users who help generate it (by being presented as "eyeballs" to the advertisers)?
We used to let kids play with dry cleaning bags, until we discovered they were idiots and can suffocate on them.
The realization today is that parents were the actual idiots, not the kids.
>For instance, FB has invested massively in trust and safety people operations and AI. What happens to that investment when IG is spun off?
If what's being said is that those investments are important and necessary, then we should be looking for reasons to sustain them that aren't just about validating the continued existence of a monopoly.
>I agree and find the attempt at a breakup a bit frustrating. This is an action that could have profoundly disruptive effect and it's not really clear what the positives or negatives would be.
This organization itself is disruptive. As interesting as it is to discuss the potential costs and benefits, there's been a very real cost to society for these issues. It makes no sense to wait for further damage reports if that's at the cost of further damage. It's simple cost vs benefits really. Also I thought disruption was a good thing..?
Downvoted so I'll just add one more thing; this isn't a conversation that is new. I'm coming to this with that context. Do I want them to fail? No. The desired outcome is that they will self regulate. But if not, there should be competition. Monopolies naturally have negative side effects, that's why we try to avoid them.
In an ideal world, I'd like both. Mandated interoperability would help a great deal—but I also don't believe Facebook should ever have been allowed to buy Whatsapp, and it's worth undoing that.
No password access, login through SMS which can be intercepted, no 2FA, no access from another device while you phone is dead, compresses video to 2 pixels, no real crypto auth to speak of.
It does not seem to have any features that are better than Signal, telegram, messenger, or a dozen other apps. Why is it worth any awards or special consideration, besides being popular?
You're not wrong about any of this, but that final phrase weighs far more for most people than anything else. It is a communications app after all, and is only useful if there are people to communicate with.
Just to be even more explicit-this isn’t “popularity” in the sense of a fashion trend. A communication app’s usefulness depends on the number of people with whom you can communicate.
The argument is that purchasing WhatsApp was anticompetitive and allowed Faceboook to cement their dominant market position. WhatsApp the app might be fine, but the competitive landscape is much weaker than it would have been if the FTC had blocked the acquisition.
I posted this elsewhere but I think Ben Thompson gives a very deep analysis of the issues in the competitive landscape here:
The summary would be something like "any acquisition of a social network by another social network is necessarily anticompetitive and should be banned, or at least have the presumption of being illegal".
The only way that there can be a true competitor to Facebook is for a smaller social network like Instagram, or WhatsApp, or TikTok, to not get acquired and to grow until their userbase is bigger.
Zuckerberg understands this well; you can read his emails where he openly admits that buying Instagram is about preempting a competitor:
"There are network effects around social products and a finite number of different social mechanics to invent. Once someone wins at a specific mechanic, it’s difficult for others to supplant them without doing something different.”
“One way of looking at this is that what we’re really buying is time. Even if some new competitors springs up, buying Instagram, Path, Foursquare, etc now will give us a year or more to integrate their dynamics before anyone can get close to their scale again. Within that time, if we incorporate the social mechanics they were using, those new products won’t get much traction since we’ll already have their mechanics deployed at scale.”
I think you can apply the same argument to WhatsApp; by purchasing a rival social network, they prevent it from being a competitive threat.
WhatsApp is one of the most uncomfortable and confusing messaging apps, UX-wise, I've ever used. It's as if they wanted to replace SMS, but were passionate enough about it that they copied all the shortcomings and annoyances, too.
End-to-end encryption in a proprietary app is a joke. "Please trust us we encrypt your messages".
Known backdoors? Can you back that up with a source?
Custom implementation is likely because they want to strike a balance between security and usability.
In short, their implementation allows to change the encryption keys of users without their consent to arbitrary, known keys. The protocol won't re-encrypt sent messages, but there is nothing in the protocol forcing the app to show a notification that your encryption key has changed, which amounts to a man-in-the-middle attack. Any subsequent messages sent or received using that encryption key will be exposed to the attacker.
Encryption keys are managed on servers controlled by WhatsApp.
The headline is false (“WhatsApp Backdoor allows Hackers to Intercept and Read Your Encrypted Messages”), in the sense that hackers can’t actually read and intercept WhatsApp messages. Normally the reporting of a security vulnerability includes a POC of an exploit. There isn’t one here, because hackers haven’t been able to exploit it. If an activist saw this story, got scared of WhatsApp, and decided to use SMS or Telegram instead (especially if they didn’t use the opt-in secret chats feature, which most people don’t), their security got weaker.
That doesn’t really refute the claim that this can be used as a backdoor, however. Since the backdoor is only usable by Whatsapp (or whoever controls them and their servers), a random researcher can’t really release a POC.
Disclaimer: I personally know nothing about beyond the posts in this thread.
I honestly think that this story (from the title) is just a clickbait. Ofcourse you need a central server to share the keys and you need to trust that central server. How do you make sure WhatsApp hasn't changed the keys in middle - there is a scan QR functionality. I honestly don't know how these articles still remain active on websites even after proven wrong and obviously clickbaity
The problem is facebook is wiping out the alternatives. In Australia there is a decent buy/sell site called Gumtree but its ultimately doomed as facebook marketplace uses its massive pre exsting userbase to wipe it out.
Facebook either buys or crushes all competition which doesn't have billions of dollars to push back.
Of course I won't cease functioning without being able to buy and sell furniture but my life will be worse off than before.
Since the function of the government should be ensuring the best outcome for the majority of the population and what facebook does makes things worse for the majority, it makes sense to take action here.
Blocking domains works right now but what if Facebook register a new domain? Or a thousand new domains? Or they proxy traffic through a site owner's domain? What's needed is a way to block Facebook's privacy invasion regardless of the tech they use. That is unlikely to be a problem solved by tech. It needs enough people, including governments, to tell Facebook they're unhappy with Facebook's activity.
As far as the cross-site tracking goes, they'd actually need to get all the other websites to update the facebook JS code they include, and it would only work until the tracking blockers updated their lists again.
I agree that tech is the wrong place to be solving this problem, but it can work in a rather cludgy way.
Just in case you weren't aware, uMatrix has been deprecated and will receive no further development, including fixes. It still runs fine now, but it may not in the future.
There seem to be several forks, although it doesn't look like there's much consolidation on merging PRs into any specific repo. Hopefully they don't just splinter off and end up fragmented and neglected. :-\
uBlock Origin in advanced mode is gorhill's suggested replacement. If you have never used uMatrix before most likely uBlock Origin is what you should be using, and can easily accomplish the "globally block facebook domains" either via blocklists or manually via the advanced mode.
This argument is so tiresome. It isn’t a radicle idea that people should be able to engage in basic actives like transportation, commerce, communication, etc. without having to give up their rights to safety, privacy, and other basic standards. “If you don’t want to risk getting poisoned, just don’t shop at that multination store”. How about any store should be regulated to provide a minimum level of safety in the things they sell. How about any communication platform be regulated to provide a minimum level of privacy and data protection for private user information.
The link mentions adversarial interoperability for ad blockers, which made me really remember how bad the ad landscape used to be. Crazy amounts of popups, ads that crashed your browser, the explorer shell, or the whole computer, seemingly recursive popups that you had to force-quit the browser to get out of... Sure, I still use an ad blocker, but it seems like have been forced to realize that if they want any of the advertising pie, they need to meet a minimal standard of playing nice with the user.
With both Google and Facebook, mandatory licensing of their advertising inventory (within reason) would help competitors grow. Advertisers want to buy on Facebook/Google because they are the only two ad platforms with quality and scale. Companies like Pinterest/Twitter/Snapchat don't have the enough scale to be interesting to most advertisers. Programatic marketplaces (Adwords, etc.) have the scale, but not the quality (too many spammy publishers and lack of identity resolution across the marketplace). If the big two digital ad platforms were required to license their premium inventory, other companies could invest in their products and gain substantial incremental revenues as consumers started using them. With current business practice, you need to reach massive scale before you can even think about monetizing at reasonable rate ($30+ CPM).
I agree, and as a counter argument to most of the below threads, its worth noting that the Social Graph is likely to be consider a public good at some point in the future.
These are not the creations of Facebook or Google, any more than Anemometer (1) manufacturers should own the shipping forecast.
(1) The spinney half-ball things that measure wind speed.
I don't believe it works in practice. I remember CableCARDs and Tivo, what a disaster that was. Comcast came to my house 3 times and never got the CableCARD to work right, so I gave up and just took their DVR. I imagine an interoperable API would have all sorts of problems, bugs, timeouts, etc. and the company would just claim they are doing what the law requires.
You know, the principle is hard to justify in some ways, but thinking back, some of the fastest and best innovation I've seen came about when the people making interoperable software were ahead of the companies trying to shut it down.
the social graph isn't all that valuable to outsiders. anyone determined enough can scrape it without permission anyway. no one else can do much with it except maybe intelligence agencies which were already voluntarily given root access a long time ago.
the main economic value of it is to serve ads on Facebook dot com. that's it. that's how they make 100% of their earnings.
Separating companies, while certainly a more blunt instrument, is far more broadly applicable when it comes to anti-trust enforcement than it is to come up with a specific policy proposal on a per-company basis. The latter would require an act of Congress each time a company went too far, and Congress moves too slowly, is too divided, and doesn't have the bandwidth to individually address every anti-trust situation with a new law.
