Facebook to Be Fined $5 Billion in Cambridge Analytica Privacy Scandal

The U.S. Federal Trade Commission has voted to approve a settlement with Facebook that will see the social media giant hit with a roughly $5 billion fine over the Cambridge Analytica privacy scandal, reports The Wall Street Journal.

The matter has been moved to the Justice Department’s civil division and it is unclear how long it will take to finalize, the person said. Justice Department reviews are part of the FTC’s procedure but typically don’t change the outcome of an FTC decision.

A settlement is expected to include other government restrictions on how Facebook treats user privacy. The additional terms of the settlement couldn’t immediately be learned.
The scandal revolved around data firm Cambridge Analytica, which improperly collected information on tens of millions of Facebook users without their consent to create targeted political advertisements during the 2016 campaign.

The data collection came through an app called "This Is Your Digital Life," which requested that Facebook users complete a survey for academic use. In reality, the app's permissions allowed it to collect personal information on not just the Facebook users who took the survey but also their friends.

Facebook revamped its privacy practices in the wake of the scandal, but the company still faced investigations by regulators over multiple security lapses and marked a significant moment in efforts to raise awareness about digital privacy.

Apple CEO Tim Cook called the Cambridge Analytica situation "dire" and has on multiple occasions called for increased regulation to protect user privacy.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


This article, "Facebook to Be Fined $5 Billion in Cambridge Analytica Privacy Scandal" first appeared on MacRumors.com

Discuss this article in our forums

WhatsApp Tests Feature That Lets Users Share Their Status With Facebook and Other Apps

WhatsApp is testing a feature that enables users to share their WhatsApp Status posts over Facebook, Instagram, and other services.


WhatsApp's Status feature works a lot like Stories do in Instagram, in that users can use the option to stitch together photos and video to express themselves in a way words alone might not allow them to.

The idea behind WhatsApp Status sharing is that it will allow users to post their status directly to their Facebook story, Instagram Story, Gmail, Google Photos, or other service.

WhatsApp told The Verge that the sharing feature doesn't link accounts on the two services in any way, and instead transfers the data on-device using Android and iOS data-sharing APIs.

Even when sharing to another Facebook-owned service like Instagram, WhatsApp says the two posts remain separate events and are not associated in Facebook's systems.

Regardless of that explanation, relating the two platforms in the public consciousness has become a risky business for Facebook ever since it acquired WhatsApp in 2014.

The company said at the time that it wouldn't collect data from the end-to-end encrypted messaging service, but then two years later it began doing exactly that for ad-targeting purposes.

In 2016 the company had to end the collection of WhatsApp user data across Europe, including the phone number a user verifies during the registration process and the last time a user accessed the service, after privacy watchdogs slammed the practice and regulators demanded it be stopped.

Facebook was subsequently fined $122 million by the European Commission for misleading regulators during the merger review about the extent to which it could link accounts.


This article, "WhatsApp Tests Feature That Lets Users Share Their Status With Facebook and Other Apps" first appeared on MacRumors.com

Discuss this article in our forums

Contact Info for Millions of Instagram Influencers, Celebrities, and Brand Accounts Leaked Online

A database that contained contact information for millions of Instagram influencers, celebrities, and brand accounts was recently leaked online, reports TechCrunch.

The database, which was hosted by Amazon Web Services and contains more than 49 million records, was accessible without a password or other credentials according to the security researcher who informed TechCrunch about the leak.

Records include public data pulled from Instagram, such as profile picture, biography, and follower numbers, but also private contact information like phone numbers and email addresses.

Records also calculated the "worth" of each account based on follower count, engagement, reach, likes, and shares.

The database was initially uploaded and shared by Mumbai-based social media marketing firm Chtrbox, a company that pays Instagram influencers to share sponsored content. Though uploaded by Chtrbox, the database includes info from influencers who have never worked with the company.
TechCrunch found several high-profile influencers in the exposed database, including prominent food bloggers, celebrities and other social media influencers.

We contacted several people at random whose information was found in the database and provided them their phone numbers. Two of the people responded and confirmed their email address and phone number found in the database was used to set up their Instagram accounts. Neither had any involvement with Chtrbox, they said.
After hearing from TechCrunch, Chtrbox took the database offline, but the company's CEO did not respond to a request for comment on how the data was obtained.

Instagram parent company Facebook said that it was looking into the issue and aiming to determine whether the data was from Instagram or other sources. "We're also inquiring with Chtrbox to understand where this data came from and how it became publicly available," said Facebook.


This article, "Contact Info for Millions of Instagram Influencers, Celebrities, and Brand Accounts Leaked Online" first appeared on MacRumors.com

Discuss this article in our forums

Facebook Brings Back ‘View As Public’ Feature That Was Removed Because of Security Issues

Facebook today announced that it is reintroducing the "View As Public" feature that's designed to let you see your Facebook profile as a non-friend sees it, so you can double check that you're not sharing information publicly that you don't want to share.

In addition, Facebook is adding an "Edit Public Details" button directly to your profile, which will make it easier to adjust what information about you is publicly visible.


Facebook removed all "View As" features in September 2018 after a vulnerability with the feature allowed hackers to steal Facebook access tokens for almost 50 million accounts.

Facebook now says that the "View As" feature for viewing an account as a member of the public was not affected by the security incident and was more popular than the "View as Specific Person" options that are still disabled.


This article, "Facebook Brings Back 'View As Public' Feature That Was Removed Because of Security Issues" first appeared on MacRumors.com

Discuss this article in our forums

Facebook Co-Founder Calls For ‘Break Up’ of Facebook, Instagram, and WhatsApp

Recently, presidential candidate Elizabeth Warren put forward the idea to reverse certain tech mergers to promote healthy competition in the market, particularly including Facebook and Instagram. In an op-ed shared today by Facebook co-founder Chris Hughes, that topic is revisited (via The New York Times).


According to Hughes, the Federal Trade Commission's "biggest mistake" was letting Facebook acquire Instagram and WhatsApp. As the co-founder pointed out, many people left Facebook following the Cambridge Analytica scandal, but they didn't leave the Facebook ecosystem altogether because of Instagram and WhatsApp, with some people unaware that Facebook owned these social networks.
First, Facebook should be separated into multiple companies. The F.T.C., in conjunction with the Justice Department, should enforce antitrust laws by undoing the Instagram and WhatsApp acquisitions and banning future acquisitions for several years.

How would a breakup work? Facebook would have a brief period to spin off the Instagram and WhatsApp businesses, and the three would become distinct companies, most likely publicly traded. Facebook shareholders would initially hold stock in the new companies, although Mark and other executives would probably be required to divest their management shares.
In the years since its acqusitions, the founders of both Instagram and WhatsApp have left each company, reportedly due to clashing with Mark Zuckerberg and his management of their apps. Hughes described an informal slogan that became well-known in the Facebook offices in the wake of its launch of the "Stories" format on Instagram and Facebook: "Don't be too proud to copy."
The vibrant marketplace that once drove Facebook and other social media companies to compete to come up with better products has virtually disappeared. This means there’s less chance of start-ups developing healthier, less exploitative social media platforms. It also means less accountability on issues like privacy.

Mark may never have a boss, but he needs to have some check on his power. The American government needs to do two things: break up Facebook’s monopoly and regulate the company to make it more accountable to the American people.
Although the Cambridge Analytica scandal has passed, in 2019 Facebook continued to appear in headlines regarding data breaches and user privacy issues. In April alone, it was reported that Facebook's executive team used the data of its users as leverage over partner companies; two days later it emerged that Facebook harvested the email contacts of 1.5 million users without their knowledge or consent and used the data to build a web of their social connections.

That same day, Facebook confirmed that millions of Instagram passwords were stored on its servers in plain text with no encryption. Similar stories have been shared frequently since news broke about about the Cambridge Analytica scandal just over one year ago.

Amid all of the news, Facebook today announced the launch of a new feature for Stories called "Birthday Stories." Using this ability, friends and family members can add digital birthday cards, photos, or video messages to your Birthday Story, which will be visible at the top of the Facebook iOS app like other Stories.


The feature will be available in the birthday notification that pops up when a friend is celebrating their big day. From there, you'll be able to take a photo or video, share a music sticker on the Story, and more. Once multiple people have added to the Birthday Story, the person in question will be able to browse it like any traditional Facebook or Instagram Story.

The company said that its goal with the new update was expanding on existing birthday features on Facebook, while also continuing to push interaction with Stories. It's been over two years since Facebook Stories began rolling out to users, and nearly three years since Instagram first copied the Stories format from Snapchat.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


This article, "Facebook Co-Founder Calls For 'Break Up' of Facebook, Instagram, and WhatsApp" first appeared on MacRumors.com

Discuss this article in our forums

Facebook Getting Refreshed Look on Desktop and Mobile

Facebook's developer conference, F8, took place today, and Facebook announced a number of changes coming to the social network in the future.

Facebook is set to gain a refreshed design, that's meant to be "simpler, faster, and more immersive," situating Facebook Groups more prominently. The new design will "make it easy" for people to transition from public spaces to more private ones.


There's a redesigned Groups tab to make it easier to find content from your groups, along with a new discovery tool for recommendations for new groups. Content from groups may show up more prominently in the News Feed, and content from the News Feed will be able to be shared directly with groups.

New features for specific types of groups are coming, such as an option to post without a name in a health support group and an option for employers to post job openings in job groups. Gaming groups will get a chat feature, and Buy and Sell groups are getting an option that will let people ask questions and place orders during live broadcasts.

A "Meet New Friends" feature is coming to help people start friendships with new people from shared communities like a school, workplace, or city, and this summer, a new Events tab is coming to allow users to see what's happening around them.

Facebook's redesign is rolling out on mobile devices starting today and will be available on the desktop site "in the next few months."

As was announced earlier today, Facebook also plans to introduce a Messenger app for macOS, a re-engineered mobile Messenger app, a feature for watching videos with friends, and a dedicated space for messaging close friends and family.

During today's event, Facebook CEO Mark Zuckerberg also said that privacy will be more of a focus going forward. Facebook will focus on six principles as it makes site and app changes in the future: private interactions, encryption, reduced permanence for content, safety, interoperability, and secure data storage.

"Over the next few years we are going to build more of our services around these ideas," Zuckerberg said. "This isn't just about building features. We need to change a lot of the different ways that we run this company today."


This article, "Facebook Getting Refreshed Look on Desktop and Mobile" first appeared on MacRumors.com

Discuss this article in our forums

Facebook Messenger to Launch on Mac Later This Year

Facebook will launch a new desktop app for Messenger on both macOS and Windows later this year, according to a since-deleted blog post spotted by French blog iGeneration ahead of Facebook's annual F8 developer conference.


A screenshot of the Windows version of the app reveals that it will look rather similar to both Skype and Apple's own Messages app on Mac. Facebook said Messenger Desktop will have many of the same features as the mobile version of the app, including support for group video calls and collaboration.

Facebook is expected to unveil the desktop app alongside several other new Messenger features at its F8 keynote today at 10:00 a.m. Pacific Time.


This article, "Facebook Messenger to Launch on Mac Later This Year" first appeared on MacRumors.com

Discuss this article in our forums

Facebook Confirms Millions of Instagram Passwords Were Stored in Plain Text

Back in March, Facebook announced that millions of Facebook passwords were stored on its servers in plain text with no encryption. At the time, Facebook also said that "tens of thousands" of Instagram passwords were also stored in the same unencrypted format, but as it turns out, the actual number was much, much higher.

In an update to its original blog post, Facebook now says that millions of Instagram passwords were stored on its servers in a readable format.

Update on April 18, 2019 at 7AM PT: Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format. We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed.
These unencrypted, plain text passwords were accessible to thousands of Facebook employees, and while Facebook says that there's no "evidence to date" that anyone within Facebook abused or improperly accessed the passwords, it's highly concerning.

Instagram user names, unlike Facebook usernames, can be highly appealing to thieves. Short names can sell for quite a lot of money, which makes Instagram passwords rather valuable.

Facebook was not forthcoming about the discovery of additional impacted Instagram accounts, burying it in a month-old blog post and, as Recode points out, releasing the update just before the Mueller report came out and media sites were distracted.

Facebook will be notifying Instagram users whose passwords were improperly stored, and Instagram users who are concerned about their accounts should change their passwords and make sure two-factor authentication is enabled.

Facebook's latest security leak comes just a day after news spread that Facebook harvested the email contacts of 1.5 million Facebook users without their consent and used the data to build a web of social connections.

Earlier this week, a scathing report also outlined how Facebook leveraged user data to punish its rivals and reward companies who paid heavily into Facebook advertising and shared data of their own.


This article, "Facebook Confirms Millions of Instagram Passwords Were Stored in Plain Text" first appeared on MacRumors.com

Discuss this article in our forums

Facebook Harvested Email Contacts of 1.5 Million Users Without Their Consent

Facebook harvested the email contacts of 1.5 million users without their knowledge or consent and used the data to build a web of their social connections, it emerged today. Business Insider reports that Facebook began collecting the contact lists in May 2016 when new users opened a new account on the social network.

Image via Business Insider

The harvesting occurred when users were offered email password verification as an option to verify their identity when signing up to Facebook, a method widely condemned by security experts. In some cases if users did enter their password, a pop-up message would appear informing them that it was "importing" their contacts, without even asking their permission to do so.

These contacts were then fed into Facebook's database systems and used to build a map of users' social links and inform recommended friends on the social network. It's not clear if the data was also used for ad-targeting purposes.

In a statement given to Business Insider, the company said that these email contacts had been "unintentionally uploaded" to Facebook when users created their account.

It also said that prior to May 2016, it offered an option to verify a user's account and voluntarily upload their contacts at the same time. However, the feature was changed and the text informing users that their contacts would be uploaded was deleted, but the underlying functionality was not. Facebook says at no point did it access the content of users' emails.
We estimate that up to 1.5 million people's email contacts may have been uploaded. These contacts were not shared with anyone and we're deleting them. We've fixed the underlying issue and are notifying people whose contacts were imported. People can also review and manage the contacts they share with Facebook in their settings.
The news is just the latest addition to a long list of privacy blunders and violations by Facebook. In March, for example, it emerged that between 200 and 600 million Facebook users may have had their account passwords stored in plain text in a database accessible to 20,000 Facebook employees. Some Instagram passwords were also included.

That was followed earlier this month by news that cybersecurity researchers had discovered millions of Facebook records publicly accessible on Amazon's cloud servers, after the data was uploaded by third-party companies that work with Facebook.

In yet another development just this week, over 4,000 pages of documents from 2011 to 2015 were leaked which provide insight into how Facebook took advantage of user data while publicly promising to protect user privacy before and after its 2015 move to end broad access to user data.


This article, "Facebook Harvested Email Contacts of 1.5 Million Users Without Their Consent" first appeared on MacRumors.com

Discuss this article in our forums

Facebook CEO Mark Zuckerberg Leveraged User Data to Help Friends and Punish Rivals

Facebook's executive team, including Mark Zuckerberg, used the data of Facebook users as leverage over partner companies, according to leaked emails, webchats, presentations, spreadsheets, and more obtained by NBC News.

More than 4,000 pages of leaked documents from 2011 to 2015 provide insight into how Facebook was taking advantage of user data while publicly promising to protect user privacy before and after its 2015 move to end broad access to user data.


The documents were sent to NBC News by British journalist Duncan Campbell and originated from a 2015 lawsuit filed against Facebook by startup Six4Three after Facebook cut back on third-party data access. Six4Three had an app called Pikinis that let users find photos of their friends in swimsuits that was not able to function after Facebook's data changes.

Facebook has claimed that it limited data access to protect user privacy and to keep its users safe from companies that mishandled data, but internally, privacy was not the concern Facebook was addressing when making the move. Instead, the documents suggest Facebook ended access to user data to give it more power over third-party apps and partner companies.
However, among the documents leaked, there's very little evidence that privacy was a major concern of Facebook's, and the issue was rarely discussed in the thousands of pages of emails and meeting summaries. Where privacy is mentioned, it is often in the context of how Facebook can use it as a public relations strategy to soften the blow of the sweeping changes to developers' access to user data. The documents include several examples suggesting that these changes were designed to cement Facebook's power in the marketplace, not to protect users.
Companies favored by Facebook were given access to the data of Facebook users through exclusive deals struck before the data changes, while rival companies or apps were denied access. Amazon, for example, was provided with "extended access" to Facebook user data because of its spending on Facebook advertising and its Fire phone partnership, while data was restricted from other apps.

Facebook believed app developers were getting more value from Facebook user data than Facebook was getting from app developers, a factor that led Facebook to limit access to user data and consider other monetization tactics.

According to NBC News and previously leaked documents, Facebook mulled ways for third-party apps to provide monetary compensation for user data, ranging from direct payment to advertising spending and data sharing setups, but ultimately decided on providing access to app developers who were "personal friends" of Zuckerberg or who spent money on Facebook and shared their own data.

Facebook has previously confirmed that it considered charging companies for access to user data, but has downplayed the discussions as a mere consideration of different business models. Approximately 400 pages of the 4,000 that NBC News obtained have been leaked previously, and Facebook has called these past documents "cherry-picked" and "misleading."

NBC News says that the new documents suggest charging for user data was more than a cursory exploration of different business models, as Facebook discussed plans to sell user data for years. Senior executives, including Zuckerberg, COO Sheryl Sandberg, and CPO Chris Cox were in favor of selling data.

In emails to one of his friends in 2012, Zuckerberg explained that without limiting access to Facebook data, Facebook wouldn't have "any way to get developers to pay [Facebook] at all." He also said that he didn't feel that data leaks were a risk factor.
"I'm generally skeptical that there is as much data leak strategic risk as you think," he wrote in the email to Lessin. "I think we leak info to developers but I just can't think of any instances where that data has leaked from developer to developer and caused a real issue for us."
Facebook considered 100 deals with app developers to figure out the "real market value" of Facebook user data to learn "what developers would actually pay."

Zuckerberg ultimately decided not to charge outright for data access, but before implementing the sweeping changes in 2015, he explained in 2012 that access to Facebook data should be contingent on developers sharing "social content" generated by their apps back to Facebook and paying for advertising.

According to NBC News, the newly leaked documents could further an antitrust case against Facebook by establishing the value that Facebook placed on user data.
But if regulators can show that users were paying for access to Facebook with their personal data, and that Facebook valued that data as leverage against competitors, that could expose Facebook to an antitrust complaint, said Jason Kint, CEO of Digital Content Next, a trade association representing digital publishers.

"These emails clearly establish the value of consumer data to Facebook," Kint said. "It shows that it is not free."
The full exploration into Facebook's data sharing practices and additional details gleaned from the leaked documents can be read over at NBC News and is well worth checking out for anyone interested in Facebook's motivations.


This article, "Facebook CEO Mark Zuckerberg Leveraged User Data to Help Friends and Punish Rivals" first appeared on MacRumors.com

Discuss this article in our forums