I'm not a criminal, I am a a pretty mundane guy actually, but of course we live in a society that every single one of us breaks some small law every day.
Which is why I stopped using Facebook.
I also stopped using Twitter to tweet. I still use it to follow news sources, I just don't actively tweet. I did that after the NYPD won a court case to see all the private messages you send on Twitter.
I also don't comment much at all on blogs, and social sites like this one or Reddit anymore. (I use to be a top 10 contributor over at Reddit. At least that is what some metric said a few years ago when someone listed the top ten most popular usernames. That account is deleted now)
I am slowly pulling out. I have a deep distrust of the current surveillance state in the United States. I remember reading a story about a guy who posted a quote from fight club on his Facebook status and a few hours later in the middle of the night the NYPD was busting in his door and he spent 3 years in legal limbo over it. (Might have been NJ police anyways, red flags)
You start piecing together these things, and you start to realize that your thoughts and ruminations about life, the universe, and the mundane, can be used against you at any moment and can completely strip you of your liberty and freedom, and any happiness you may have had.
I am gonna be completely honest, I am scared to express myself any longer on the Internet in any fashion. I don't trust it any longer. I don't trust the police, I don't trust the FBI, I don't trust the federal government, and I also don't trust, nor have faith, in the justice system in the United States.
I have never had a facebook account. Never have - never will.
I distrust everything they do. And while we like to think that other sites are not as bad, I was recently censored on Quora for asking about why a post was censored on Reddit.
They threw some "against policy" bullshit at me, and Marc Bodnick attempted to appear sympathetic and that his hands were tied and he didnt like the policy either - but it was a BS response.
They removed my question asking why the top LIBOR story on reddit was removed - I asked if Yishan Wong was directly responsible for such censorship etc...
After berating Marc for the BS excuse they stopped replying to me.
EVERY single thing you type online is viewed by the NSAs terrorbots.
Anyone that thinks anything is private online is fooling themselves.
Let's take it a step further: every item that you purchase with a credit card is recorded. It wouldn't surprise me if some retail stores use CCTV systems capable of facial recognition to identify cash purchases, too...
It's time to create an underground data haven in Kinakuta--the Crypt.
> EVERY single thing you type online is viewed by the NSAs terrorbots.
Evidence? Did you program these NSA bots or something?
> Anyone that thinks anything is private online is fooling themselves.
No, they just don't know any better. http://en.wikipedia.org/wiki/Pretty_Good_Privacy If you want your messages to be heard by limited parties, make it so. "My friends are too stupid to know how to use any form of encryption" is not an excuse, and might cause you to pause and consider whether you want to share anything important with such friends in the first place.
Get a personal cert and you can use it natively in Apple Mail, not just for signing but also for encryption. We should be helping friends, family, and colleagues do this.
Encryption is great, as long as the people you don't want to hear it can't decrypt it. Given the NSA's recent moves to build up computing power, and the way Moore's law works, your encrypted communications today are fodder for review tomorrow.
Oh, certainly the NSA is monitoring a lot and trying to monitor more, but my pedantic side had to call out the "EVERY single thing". :) Thanks for the link though, I had forgotten the details of that case and only vaguely remember hearing about the Obama administration's move to dismiss it. (Which is funny, because presently a common criticism is that Obama keeps blaming his predecessor for everything wrong. He doesn't seem very keen on prosecution...)
It's easy to future-proof your encryption, even in the face of exponential increases in computing power. The biggest danger to encryption systems that rely on integer factoring (i.e. RSA) right now is feasible quantum computing, but there are schemes that don't rely on factoring so there's hope on that front. For the trivial stuff I bother encrypting, I'm more worried about, in increasing order, being given the choice of decrypting something or getting shot or sent to prison for life (fortunately we have some precedent in the US and elsewhere against this), being tortured for a while without knowing why before being asked to decrypt something, and being tortured without having any information but being unable to convince the torturer of that.
Thanks to HN Notify (http://hnnotify.com/) I know what your post said before you edited. :P Knowing that, I'm sure you're aware of all kinds of crazy NSA crap others aren't, so thanks for flashing your credentials; as I said in another comment, I was pretty much just being pedantic about the "EVERYTHING".
Not only small laws, in the eyes of the feds. I highly recommend reading Harvey Silverglate's (veteran of the EFF, ACLU and the FIRE) book "Three Felonies a Day: How the Feds Target the Innocent." He discusses the issues of vagueness in federal felony statutes.
Think about it this way, the efforts to convict Jeff Skilling (yes, of Enron) of "Honest Services Fraud" would make reading HN from work a federal felony. Note that after the book was published, the Supreme Court threw out Skilling's conviction for honest services fraud on the basis of vagueness. But many other issues remain.
For example, I design my billing cycles on the principle of minimizing invoices of greater than $10k. Is this a federal felony? By some interpretations, it might be. Part of the reason is I don't want lots of my payments from customers being reported to the federal government. Part of the reason is that larger numbers of smaller invoices make cash flow a little easier to manage. Part of it is that I have found that banks don't like seeing a lot of large transactions and therefore my life is easier vis a vis the banks if I keep those to a minimum. But I think such statutes will have to be read narrowly.
>I am gonna be completely honest, I am scared to express myself any longer on the Internet in any fashion. I don't trust it any longer. I don't trust the police, I don't trust the FBI, I don't trust the federal government, and I also don't trust, nor have faith, in the justice system in the United States.
The internet is for marketing yourself, not expressing yourself.
>I remember reading a story about a guy who posted a quote from fight club on his Facebook status and a few hours later in the middle of the night the NYPD was busting in his door and he spent 3 years in legal limbo over it.
I am not (yet) at that point, nevertheless I understand your concerns. The most problematic thing to those scared like us is in my option the emerge of sentence/word structure analyses that will make it possible to draw our online identities together even when different ips, email, user, etc are used. I would love to see something like http://www.linguee.com/ that would help to "neutralize" language in such a way, that it seeks/suggests replacements for unique elements of phrases/words/etc.
> I am gonna be completely honest, I am scared to express myself any longer on the Internet in any fashion. I don't trust it any longer. I don't trust the police, I don't trust the FBI, I don't trust the federal government, and I also don't trust, nor have faith, in the justice system in the United States.
I moved out of the country four years ago for this very reason. The rule of law is gone. It is unsafe to live there.
You must leave. The time is now. This is not a drill. You are not overreacting.
It's the textbook definition of ridiculous. The entire argument you just made is one big collection of fallacies.
I'm openly and viscerally critical of the government, politicians, etc etc etc on many social media outlets, phone calls, emails, other communications yet I have not been impacted in any way. I have not had any of my rights restricted, abridged, etc.
So either I'm the luckiest guy in the "police state", or you're overreacting.
No it's not a police-state where they are actively targeting dissidents.
It's a TSA-state where there is a massive over-reaction to bureaucratic automated scanning of communications.
Post some SMS/Tweet/facebook update with a quote that sounds to an automated script like a terrorist threat. (eg a line from Fightclub or a Clash lyric) and watch the reaction.
Even if the police bursting down your door manage to not accidentally shoot you - hopefully you are white and rich - expect to be dragged through the courts and have your life ruined because THEY can't be wrong.
So some automated system somewhere screws up on one person out of roughly 300 million, (approx 0.000000319% for those keeping score), and this justifies a flight from the country.
Allow me to be blunt. Your concerns are overstated.
Personally, I wish we could do a complete debugging of such problems, and see which options are available to fix them properly. Note the word "complete".
Read the declaration of independence. The bug is explain (suffering while evils are sufferable) and the debug procedure as well (altering or abolishing the forms to which they are accustomed)
>but of course we live in a society that every single one of us breaks some small law every day.
I never really understood this line. I can say with pretty much 100% certainty that I have broken no laws, no matter how small, at any time within the past week. Traffic, what have you.
It wasn't difficult either. You sacrifice a tiny bit of convenience, but honestly? It's worth it to have a clean conscience.
> I can say with pretty much 100% certainty that I have broken no laws, no matter how small, at any time within the past week.
I can say with pretty much 100% certainty that you're wrong (at least if you're in the US).
I'm not saying that you're lying, let alone that you're intentionally doing wrong. It's just that the web of law reaches everywhere and it's almost impossible to not trip over it.
IMHO most of these laws shouldn't exist but that's just me.
It's been clear in my mind for some time now that Facebook is desperately doing anything possible to stay plugged into our internet lives. Their attempted take-over of email, which will probably lead to some success, only reinforces this. I think they see the writing on the wall -- that newer services will take over older ones -- and are doing anything they can to stay top dog.
What we need is an abstraction layer on top of social networks. No matter what their TOS, they do not own my friends or my conversations with my friends. I have no qualms at all about having some other service handle my friendships and conversations in a way I deem appropriate.
We need to pry Facebook's greasy hands from our throats before it's too late. At one point they were cute. Then they were pleasantly time-wasting. Now they're crossing over the line firmly into evil territory.
They have been evil for some time, as far as privacy goes. They, more than anyone else, have been behind the push to a post-privacy world. Adding law enforcement hooks is the natural extension of this.
during the finals of the european foosball tournament german legislation passed a law that allows the registration bureaus to sell your data to third parties. how long before they sell our biometric ready passport picture to fb along with our current address, birthday and other data?
even opt out does not work when the third party already has partial data.
It started innocently enough. Everyone is on it. Everyone. In the more than 20 years since it was founded - and now - daily life just could not be managed without it. Sure, it started innocently enough. Connect with your friends, post your pics, keep up with the fam. Yeah, that was then.
It wasn't too long before they started adding features. Adding value they called it. Extending your circle. Enabling you they'd say. Yeah, in the same way a spiders web is beautiful. The pattern and symmetry, glistening like shiny gossamer art. Its beauty pulls you in - you don't realize at first as you touch it, that it sticks. No, more than sticks - you become imbued with it. The more you move it wraps around you, encasing you... entombing you. For the data-mining black widow to come and suck the marketable value right out of you, your connections... every aspect of your life is now a product.
Classified, organized, tagged, sorted, tracked, pegged, followed, poked, monetized, labeled... owned is what you are. A commodity. A small spec among 3.5 billion in the user base of the book.
That's what it was these days... just simply 'the book'.
Everyone knows - everyone is aware. They are all in the book. Not even a page, or a word either... more like a letter. A single letter. An iconographic digital hologram of the total sum of your parts - all wrapped up real nice in a uniform singular profitable little package called your user profile. Displayed and viewed and consumed and tracked billions of times over. With more than thirty trillion page views per month, the cancerous blue and white digital encapsulation of the human soul was now blazoned across innumerable screens as nearly half the worlds population interacted on the book - more than 20% of the worlds population on the book at any given moment.
A study, one of the countless to be sure, said that now more than 90% of real human interactions occurred through the book. What does that even mean anymore... real? Real human interactions? Through the book? how is that even possible.
It was no wonder that in the last few years the backlash has switched to resisting this unexpected strangle-hold on the human condition. Most never saw it coming... happily going along with every new feature update, privacy change, "enhancement". MZ was repeating himself a lot these days... except his frame of reference had gotten bigger... along with his security detail.... Where years ago, the book was likened to that which only came along to change humans interactions every 100 years... now his statements were 10 fold. MZ thinks of himself as the embodiment of the singularity... whatever that means. Some fucking fantasy of a long dead cybervisionary that couldn't recognize the makings of our current prison I'm sure. Fuck him.
Looking around looks a lot more like binary slavery than any form of singularity. None of our old problems have been solved - in fact the book has only made things worse. After it became a "platform for governance and outreach" we, people like - those who really see, knew. We knew what this meant. Game fucking over.
This era of hyper connectivity and ultra social awareness was supposed to usher in some sort of Utopian orgasm -- one in which MZ would be carried on the shoulders of the masses to stand next to fantastical human saviors like Jesus. Fictional allusions to stellar bodies be damned!
The only problem is that most of the world is too busy. Feeding their attention into the black hole of the book to notice... or care I guess.
With ubiquitous access thanks to the assimilation of the largest global fiber network a few years ago, the book was now able to offer complete and total "free" access via the acquired goog-net.
Years ago, when Athena rolled out - it was a huge success. Welcomed into every neighborhood - direct, very high speed fiber access in every home was quickly made into a "right". The model was seen as our manifest destiny, held in a 62-micron translucent hair that fed us with more 1' and 0's to each person in a single day than the entire digital output of the globe in 1999.
Such an umbilical cannot be bad right!
The only problem is we misjudged the direction of the flow!
Now, with goog-net reaching everywhere, but the book being the only lens into the tubes -- our minds are warped. We are a most technically advanced - yet wholly dependent child-like civilization.
A mutant.
If its not on the platform. Not "in the book" they say -- how can it be trusted - how could it succeed? How can you expect to be relevant?
HOW CAN IT NOT BE RELEVANT!
Slaves! All of them!
This is why we act! This is what is needed. Who are we? Who the fuck were we? Not this! Surely not this. It is time.... We take action now. Rewrite this so called book.
Diaspora has the right idea. The danger of Facebook is that it is a monolith. If you can't see that Facebook is big brother, then your eyes are not open. It is literally that. By decentralizing our social networks, making everything opt-in, and controlled by small, independent, groups of people, we can effectively mitigate the corruption that is inevitable with such a monolithic and opaque service like Facebook.
This actually tripped up a friend of mine a couple of years ago. She left a comment on a photo of someone holding a toy gun saying "You look like <insert-name-of-well-known-terrorist>" followed by a smiley. Within hours, she got a message and a phone call from someone claiming to be working for FB's security who asked her some basic questions on why she left that comment. The whole experience scared her from using FB for a long time.
I thought the whole thing was adhoc and confusing. Anyone who saw the comment could easily see that it was a joke. Also, if it wasn't a joke, why is FB calling her and not someone from law enforcement?
Would love it if someone from FB here on HN could comment.
It sounds like your friend got trolled. We don't call users whom we suspect are criminals, and we certainly wouldn't call someone we suspect of being a terrorist. Especially on the grounds of a terrorism joke - believe it or not, we do have a sense of humor.
I work for Facebook's User Operations team and, as the Reuters article says, this specific tool targets the (thankfully) rare cases of adults trying to use the site for the purpose of grooming kids.
We use advanced technical systems to specifically identify grooming situations and strive for a low false positive rate. We have strong internal controls around these tools to prevent misuse or abuse, and stringent guidelines for the way we cooperate with law enforcement.
For whatever it's worth, I have been at Facebook for several years, and I am so amazed every time we're able to help a child avert an absolute worst-case scenario. These cases are rare, but they do happen, and I'm grateful we have the tools necessary to keep the worst of the worst from unfolding in the real world.
Speaking for the internet and most of humanity here - go fuck yourself and get a real job.
Anyone who argues that everyone should be spied upon in order to protect a minority is an idiot who does not understand the concept of freedom. Privacy is a right.
You shouldn't be striving for a low false positive rate, but for a zero false positive rate.
"Think of the children" doesn't rationalize even one wrongly accused person - especially in today's society where an accusation is enough to completely ruin ones life.
I'm very sure a lot of things have to happen before a weird private message thread ends up in an accusation that ruins someone's life.
A false negative could ruin the child's life just as easily, so I suspect most parents might think that's more important. It's not necessary to choose either "privacy uber alles" or "think of the children". As with most things in life, there's likely a good balance somewhere between the extremes.
>A false negative could ruin the child's life just as easily
For example? A child being preyed on by a pedophile? What would stop that from happening in real life? Maybe we should set up cameras every five feet since obviously if we could stop it (no matter how immoral we have to act to do so) we have an obligation to, right?
Yes, a child being preyed upon by a paedophile. Nothing would stop it happening in real life, why is that relevant? Kids can die from drinking too much water, but using your reductio ad absurdum, you'd accuse me of wanting to ban water. Obviously there's a reasonable balance, which you continue to reject.
People have obviously found that online fora are perfect to groom children, because you can approach a child far easier than doing so in a playground. You can also repeatedly try with different children without your likeness being plastered on a wall somewhere. Since it's an obvious target, and checking it can be automated, why not police it in a balanced way? Again, you only see one side of this.
Similarly, in real life if you had a cheap, automated way of highlighting interactions that have been proved to have a higher chance of leading to children being molested while still balancing that with the human rights of the adult, most would find a balance between "do nothing" and "be hysterical". We don't have such an automated mechanism, and I'm sure your cameras-every-five-metres idea is on the hysterical side of balance, so even using it is obviously a straw man argument. That doesn't discount more rational approaches for those who have more than one principle in mind.
OP said they aren't calling users but passing information on to law enforcement. Getting a call by Facebook for a bad joke is one thing. Getting the door busted in by police and subsequently shamed and fired from your job because of a bad joke you thought you made in private is another.
in case of law enforcement, the only acceptable false positive rate is zero.
>"a zero false positive rate simply doesn't exist."
Laughable. It does when Facebook are going out of their way to read something that is absolutely none of their business. You can easily obtain zero false positives by not turning anything over the the police.
> I am so amazed every time we're able to help a child avert an absolute worst-case scenario. These cases are rare, but they do happen, and I'm grateful we have the tools necessary to keep the worst of the worst from unfolding in the real world.
Example? Because it sounds like justification bullshit.
OP wrote in another message that "her account got temporarily disabled within a short time of her posting that comment". Is that possible for non-Facebook employees to effect somehow? If not, then it was one of your colleagues, not a troll.
Nope, her account got temporarily disabled within a short time of her posting that comment, got unlocked after a day or two (I'm not sure how long it took to become available). Sure, some friend could theoretically have found a way to get into her account, done the locking and unlocking but seems pretty far fetched.
Why didn't your friend just hang up on them? If someone is that stupid, don't give them the time of day. Though, I might ping my lawyer after laughing at them and hanging up just so someone knows if I suddenly disappear.
What I find interesting is, that now the but think of the innocent children argument is also getting adapted by the corporate world to justify incredible privacy invasions.
Facebook's mass wiretapping and analysis of its users private communication seems almost like the post office scanning each and ever letter and postcard in the vague hope of finding some keywords related to bomb, terror and of cause "children". I wonder how long it is going to take until Google is going to send automated notifications to my local police station when I'm going to start googeling some water bomb tutorials for the summer.
That question has a complex answer. In short: not really.
Unfortunately, I know a little too much about phone networks to have a representative answer. I know very little about Facebook, except that its users usually attribute to it more privacy than it really offers. Trying to understand why that is is the reason for my question.
Yes. On one hand there are quite strong laws about privacy for phone companies and second I pay them. By contrast, I would not pay FB even if I had an account. Their entire business model is, that they are selling private data. ( Technically it is unfortunately neither for FB nor for telcos a problem to eavesdrop.)
There's an illusion in online communication that makes the average user think any particular message they send is like physically handing a message to another person. Using Gmail as an example, sure, your email goes to the right person, but you first send it to/through Gmail. They just happen to pass it along to the recipient.
I consider FB chats to be much less private because they actually get stored on a server somewhere by default. Also I can access them anywhere with an internet account. Neither of these things are true of SMS.
AT&T cops to saving SMS messages, not just "pen trace" (sender/recipient data), for up to 72 hours. For "delivery purposes" only. Though the release I read doesn't specify to whom.
If I log in and click the Messages button I can see all my messages. To do that they have to be on their server. There isn't an off-the-record button I missed is there?
Ideally Facebook would use public-key encryption for chats and allow each user to individually save the history with their own passphrase they input encrypting it client-side.
But hey, auto-saving history without prompting you is worth it, right? (Also figuring out what to advertise to a user.)
It seems like you're describing something completely different from FB chat. anyway you could just encrypt the text, base64-encode it, and paste it into the chat box. still more convenient than email.
FB chat to me is basically real-time private messages rather than more traditional instant messaging, but everything I described except securely archiving the history could be done by FB transparently to the user. Of course you can do the work yourself, I just think it would be a nice gesture if FB provided the option to do the work for you, a way for the user to conveniently make sure FB keeps their parsers off the user's chat data. (It could also be extended to other data.) Also with how frequently Amazon prompts me for my password, I don't think users would be incredibly turned off by FB prompting for a password when they start chatting, and their browsers can be made to remember it anyway.
It would be covered under the Stored Communications Act. Unfortunately reading the act it looks like it is up for debate as to whether they are breaking the law. The Stored Communications Act allows voluntary disclosure when two things are true:
1) The communications were inadvertently obtained and
2) The communication appears to pertain to commission of a crime.
I don't think you can classify this as inadvertent. So I wonder if Facebook can be sued.
There is one way to find out. Create a decoy post, hear from law enforcement, and sue Facebook.
I am pretty sure "but think of the children" is exactly the sort of thinking that goes into a program designed to stop child predators. I don't get the freakout here. Facebook communication is not private communication and they're clearly targeting child predators. Now obviously it could creep/evolve to target other types of crime but I still think communication over Facebook is not private and it's silly if one is surprised to find that out. Outrage over this feature is a step short of saying "well how come concerned citizens are allowed to notify the police when a man in public is exhibiting the behavior of a child predator?"
I'm of the opinion that once enough people get fed up with a surveillance state, or even a surveillance society since private entities are involved, that the best way to "fix" the problem is by collectively generating noise that makes it too expensive and time consuming to find a needle in a haystack. Right now they probably generate very few false positives, however if many people went out of their way to actively generate false positives on a regular basis, you've effectively disabled such a system and manufactured reasonable doubt.
Generating deliberate false-positive inducing noise in communications deemed to be private between two or more individuals who know one another should be protected as free speech. To argue otherwise would be the equivalent of prosecuting an individual for yelling "Fire" in their own home among friends and stating that such an act is a clear and present danger to the US.
IMHO automated cooperative manufactured reasonable doubt will probably be one of the last bastions of civil liberties in a surveillance society.
If this privacy-invading-data-miners are using computers and mathematics they’ll surely find better and better ways of filtering the false positives. But before it even comes to that they’ll probably just scare people into submission by making examples of people who create false positives--probably by treating them as true positives.
there's a problem regarding false positives though. A portion of those may be guilty of other things.
There was this interesting article on this idea of terahertz lasers in airports. I think these machines are great because they are programmable and specific. You can program them to look just for explosives and this reduces the search issues significantly. But what of the fact that they would mean the TSA might be Constitutionally barred from looking for drugs? Would this retard adoption?
I think if you want to show you are doing a great job at law enforcement and minimize the warrant requirement, you want to have as many false positives as the courts will let you get away with. "Yeah they only found a few oz of pot, but they had probable cause to believe he was a sexual predator, so the evidence is admissible."
There are three problems with this I can see straight off the bat:
- The noise itself may be interpreted as incriminating. If someone wants to make trouble for you, they can, based on the noise. Yes, you have plausible deniability, but this costs time and money.
- Fuzzing signals is tricky. If someone's snooping for unspecified suspicious behavior, noise may cloud things. If they're looking for specific data to tie you to people, places, times, events, etc., there are very powerful tools to cut through the things you're not interested to just the stuff that's relevant. Methods of masking printer identification marks suffer a similar problem.
- Even if you're generating pure random white noise, under a regime compelling decryption on request, you've now got to make the case that noise is in fact noise, and not very securely encrypted data. Again at a cost of time/money in the face of someone who wants to make trouble for you.
So what happens if Facebook's system flags a message, it is reviewed by their staff and then dismissed as non-actionable, but turns out to be the precursor to a severe criminal act? Does the blame come back on Facebook for failing to prevent this crime?
Possibly failure to properly notify will result in some sort of legislative slap on the wrist, but not for failing to prevent it. That isn't their responsibility.
But didn't they make it their responsibility the minute they began screening messages with the intent of reporting crimes? Selective enforcement whether by choice or mistake isn't an option they can choose here.
And criminal legalities aside, I would be more concerned about the civil litigation from the victim or victim's family. Facebook pledged to prevent crime against its users, witnessed evidence that a crime would take place, and then failed to act. Tell me no one would go after Facebook's deep pockets in this situation given they could have reasonably prevented whatever crime took place, even if it meant reporting it to the proper authorities.
It may just be professional paranoia talking, but I can't see how this doesn't release them from some sort of liability in a worst-case scenario.
Yes, and since they claim that nearly 1 out of every 7 people on the planet (900 million users!) are on facebook, I'd take the default position that if any crimes happen they probably failed to report it. :)
the problem lays within who decide who is a "sexual predator", who is not. I can assure you if this is left without governance, it will be very easy to slip in you and me and label as as predators as well. For example, you hold a hand of your 6-year old nephew when walking back from school when picking him up, per your sister request. In Facebook standards, you may already be a "sexual predator".
Some sex offenders have avoided jail time. Florida has an interesting comparison of the terms[1]. How large is the pool of "elite" you're talking about? I don't think a size of over 10,000 deserves the term (so about 0.0033... percent of the US population if we limit to there) and I'd lean more toward a max of 500 (0.000166...%). It's at least a fun thought-experiment: how low can you go before the economy collapses and/or those in charge can't keep the prisoners or slaves in line or fed? Even back in the days of US slavery, only two states had slightly more slaves than non-slaves[2].
All the more reason to use encryption technology like Off-the-Record (OTR) Messaging (http://www.cypherpunks.ca/otr)! I've been working on an OTR-compatible iOS app called ChatSecure (https://chatsecure.org) that is capable of encrypting your Facebook chats (or any other XMPP service).
Does anyone know a site where all of the scary things (civil rights and privacy violations) that are going on have been aggregated? I sometimes get people asking why I’m not on Facebook. It would be nice to have a place to point people to about why because it’s quite difficult to explain normally.
It seems like the correct approach is for Facebook to do only what's legally required of it, and nothing more. That would allow society to have a transparent debate about what, exactly, should be required, leaving FB policy out of it.
As I understand it, FB is currently only required to respond to appropriately specific subpoenas and warrants. If the cops want more, they should petition for laws to require that and we can all argue about it like responsible citizens. And we could equally demand more protection.
But this thing where sometimes FB voluntarily sends law enforcement bits of information and sometimes they don't based on poorly defined criteria is just creepy. And why does FB even want this responsibility? Isn't the simplest, most obvious model to say no by default?
> "And why does FB even want this responsibility?"
Maybe Facebook wants to cultivate the appearance of being a "safe place", as a precursor to opening its services to younger users? That would certainly be a way of growing their user base.
I agree that whatever the reason they're doing this is, it's misguided and creepy.
Even better would be for them to set up the system in such a way that they couldn't provide this information if they wanted to. They should go as far as moving the actual data to servers that respect human rights and privacy better than the US government does.
I was once informed by an FB employee that federal agents are ensconced at the FB premises to monitor users' communications and shut down / censor FB groups and venues for "hate" speech and terroristic threats.
What position did this Facebook employee hold at the company? In which office did they work? Is it possible they weren't really a Facebook employee? What sort of censorship are you talking about?
I ask because I've never heard anything like that, despite working with the teams that build tools to fight spam, scams, fake accounts, and to assist the User Operations team to handle reports from people who encounter harassment, bullying, and other anti-social or criminal activity.
What position was he recruiting for, and roughly when (let's say, which quarter and year)? How likely was he a new recruiter?
I'm not sure I can express my skepticism about this enough - our security, safety, and site integrity teams are some of the most privacy-conscious people I know, and even a hint of something like this happening here would lead to very pointed questions asked at the weekly Q&A every week until it was resolved.
This was last year, and the recruiter was an old timer, so to speak; he wasn't new to FB. He was recruiting for the software engineering positions.
Really, are you surprised that there are federal agents on the premises, or just upset at the thought that FB users' privacy could be compromised in such a situation? To the degree that FB forum and groups ToS conforms with federal law and moreover seeks to go above and beyond the letter of the law then FB in this regard could be thought of as an extension of the federal government in such matters with regards to its own users. In this light it is no more relevant whether federal agents look at private or group communications, as opposed to bona fide FB employees. It doesn't matter. This is a private company; the first amendment doesn't apply. In any case, FB as a company isn't exactly widely respected for its position on its users' data, nor is it known to play nice with its users' privacy.
Let's not forget that of the companies whom the federal government sought to extract users' accounts' data from with regards to the Wikileaks issue 18 months ago, only Twitter publicized the compelled exposure of its users' data. Facebook happily gave the feds all the users' info they sought without telling us about it.
Although IIRC you have said that you've worked with the FB spam and fake account / phishing detection team, FB is a large enough organization at this point that the team responsible for complying with federal mandates and managing FB's relation with federal law enforcement is separate. Tao Stein and team have no bearing on this particular matter, nor should they care that real users happen to talk about and discuss real issues that federal agents think should be taken down. This is a separate matter entirely from what you've worked on.
I find this fascinating from a legal/political perspective.
Facebook is essentially using the same techniques to monitor private communications as the NSA supposedly does. This means Facebook has the power to report, for example, selected messages but not others. (I'm not saying they do, of course, just that they could be selective or discriminatory that way.)
The fact is that Facebook has taken upon itself a role similar to that of the police, but without any democratic oversight.
This is different from a bar owner overhearing a conversation about a crime and calling the police, because he wasn't specifically monitoring every single word said by every bar patron. But Facebook is casting a wide net by analyzing every conversation that happens.
Questions: should Facebook be permitted to do this? Should we ask for laws preventing companies from "eavesdropping" on their users' communications with the intent of detecting and reporting criminal behavior? Should this be the role of the democratically-elected government instead? Should sites be required to turn user communication over to the government for such analysis?
It's a fascinating area of law/politics with so much room for future development, and gets down to the heart of what values a society has.
This looks like it's mostly targeted at sex predators, but I wonder if the system is also activated if you jokingly tell a friend that they are "smoking crack".
Indeed it does and is another case of "think of the children" without thinking of the adults.
Conversations of "what was that shit resturant you went to the other day" would probably get flagged as well once they replied with an address. Or indeed local phrased like "I'm hittting the bank first then we can meet up at the bar on 42nd street" were the term hitting is slang for nothing more than a harmless turn of phrase saying i'm going to the bank. Nothing sinister, though could easily be misinterpreted.
There are many others and also people have nicknames.
Still on the plus side, it will create alot of jobs were you get to read other people so called private conversations :|.
Why bother with this system when there are plenty of public (not that it matters for FB) profiles admitting the owner is using some sort of illegal drug?
Never assume anything you send online is private. If the service isn't monitoring you, your friends are. And if not your friends, then the people who share your friends' computers, or anyone who comes into possssion of it, have he potential to expose your communications.
And while this has always been the case ever since letter writing, electronic communication is so much easier to parse and distribute and copy on bulk.
Yep. Google probably knows my address, phone number, email, and name, not because I've told the Internet, but because I told a friend how to drive me home and he entered it in his Android smartphone's address-book. Or was it Apple..then Apple knows (I forget).
(well, I did because I participated in GSoC, and they needed my address to pay me, which I decided was worth it for me! Etc. etc.)
What if Facebook make a mistake, do they get done for wasting police time? Monitoring is all fine but it needs to be done independantly, anything else is a conflict of interest and something that FaceBook staff can abuse.
You know it would not supprise me one bit if FaceBook had staff monitoring this modding down every post that holds them in true^H^H^H^HBAD light.
Somewhat related, apparently if you want to shutdown someone's paypal account and suspend their funds (and yours as well, be warned) just send them some money with the reason "drug money".
Apparently people have sent their friends money, rent, etc. and did that as a joke, boom, it's a nightmare.
Now I'm pretty sure that my account was (temporarily) disabled for this reason when I posted a politically biased link about the refused Iranians at Apple stores.
Whilst FB have legal obligations in many countries I must say when I read "phrases that signal something might be amiss, such as an exchange of personal information or vulgar language" then the first thing that sprang to mind was nothing to do with crime. People swear, people exchange details. SO I guess alot gets flagged up to there staff.
Question is, do they warn you that your private conversation is not private and do they comply with the data protection acts the various countries have and more importantly who monitors FB? So many things can be taken out of context and acted upon in good faith at the detrement of innocent parties, this is concerning. But I don't do FB, nor do I have any immediate plans either. That has nothing to do with this, but more todo with concerns in general about there privacy and policeys they act out.
Decades ago, a friend of mine (call him Mickey) was under a DEA investigation due to some bone-headed thing he did involving one of his acquaintances (call him Ken) asking him to receive a shipment from Colorado for him.
Now the fun part is another friend of ours (call him Jeb) was in the habit of making movie quotes when he started phone calls, so he calls up Mickey and leads in with a Lethal Weapon 2 line about "shipments", completely unknowning that the DEA was potentially tapping the call.
Because of the way the warrant was written, Mickey was able to wave off the tap on Jeb's call since it only covered calls from Ken. But it could just as easily led to all sorts of other problems since between friends, the level of discourse can go far afield of what a non-initiated 3rd party might consider normal.
In the post-9/11 era this is de rigueur and at some level socially sanctioned in the name of keeping us safe from terrorists and social deviants. And I don't think you can argue credibly against these operations w/o first interrogating the various pretexts that have set the stage for them: Oklahoma City, 9/11, 7/7, 3/11 etc.
So, "cooperation with police" now entails creating their own criteria for crime and dragnetting the presumed private conversations of a billion people.
I guess I better not confirm birthday parties or holidays with young relatives or friends kids on that site.
How come every time there's a post about Facebook the usually intelligent HN crowd goes nuts? I can understand the concerns but this whole thread is filled with alarmists and looks like something taken from reddit (or even 4chan).
You do realize that could very well be more about his Mom being is among his FB friends, than out of any fear of Zuckerberg and crew calling the cops on them for what would amount to misdemeanor possession, at worst, yes?
Which is why I stopped using Facebook.
I also stopped using Twitter to tweet. I still use it to follow news sources, I just don't actively tweet. I did that after the NYPD won a court case to see all the private messages you send on Twitter.
I also don't comment much at all on blogs, and social sites like this one or Reddit anymore. (I use to be a top 10 contributor over at Reddit. At least that is what some metric said a few years ago when someone listed the top ten most popular usernames. That account is deleted now)
I am slowly pulling out. I have a deep distrust of the current surveillance state in the United States. I remember reading a story about a guy who posted a quote from fight club on his Facebook status and a few hours later in the middle of the night the NYPD was busting in his door and he spent 3 years in legal limbo over it. (Might have been NJ police anyways, red flags)
You start piecing together these things, and you start to realize that your thoughts and ruminations about life, the universe, and the mundane, can be used against you at any moment and can completely strip you of your liberty and freedom, and any happiness you may have had.
I am gonna be completely honest, I am scared to express myself any longer on the Internet in any fashion. I don't trust it any longer. I don't trust the police, I don't trust the FBI, I don't trust the federal government, and I also don't trust, nor have faith, in the justice system in the United States.