Facebook Policy

Facebook sues analytics firm Rankwave over data misuse

Posted by | Apps, Cambridge Analytica, Facebook, facebook platform, Facebook Policy, lawsuit, Mobile, Policy, Social, TC | No Comments

Facebook might have another Cambridge Analytica on its hands. In a late Friday news dump, Facebook revealed that today it filed a lawsuit alleging South Korean analytics firm Rankwave abused its developer platform’s data, and has refused to cooperate with a mandatory compliance audit and request to delete the data.

Facebook’s lawsuit centers around Rankwave offering to help businesses build a Facebook authorization step into their apps so they can pass all the user data to Rankwave, which then analyzes biographic and behavioral traits to supply user contact info and ad targeting assistance to the business. Rankwave also apparently misused data sucked in by its own consumer app for checking your social media “influencer score”. That app could pull data about your Facebook activity such as location checkins, determine that you’ve checked into a baseball stadium, and then Rankwave could help its clients target you with ads for baseball tickets.

The use of a seemingly fun app to slurp up user data and repurpose it for other business goals is strikingly similar to how Cambridge Analytica’s personality quiz app tempted millions of users to provide data about themselves and their friends.

Rankwave touts its Facebook data usage in this 2014 pitch deck

TechCrunch has attained a copy of the lawsuit that alleges that Rankwave misused Facebook data outside of the apps where it was collected, purposefully delayed responding to a cease-and-desist order, claimed it didn’t violate Facebook policy, lied about not using its apps since 2018 when they were accessed in April 2019, and then refused to comply with a mandatory audit of its data practices. Facebook Platform data is not supposed to be repurposed for other business goals, only for the developer to improve their app’s user experience.

“By filing the lawsuit, we are sending a message to developers that Facebook is serious about enforcing our policies, including requiring developers to cooperate with us during an investigation” Facebook’s director of platform enforcement and litigation Jessica Romero wrote. Facebook tells TechCrunch that “To date Rankwave has not participated in our investigation and we are trying to get more info from them to determine if there was any misuse of Pages data.” We’ve reached out to Rankwave for its response.

Cambridge Analytic-ish

Facebook’s lawsuit details that “Rankwave used the Facebook data associated with Rankwave’s apps to create and sell advertising and marketing analytics and models — which violated Facebook’s policies and terms” and that it “failed to comply with Facebook’s requests for proof of Rankwave’s compliance with Facebook policies, including an audit.” Rankwave apparently accessed data from over thirty apps, including those created by its clients.

Specifically, Facebook cites that its “Platform Policies largely restrict Developers from using Facebook data outside of the environment of the app, for any purpose other than enhancing the app users’ experience on the app.” But Rankwave allegedly used Facebook data outside those apps.

Rankwave describes how it extracts contact info and ad targeting data from Facebook data

Facebook’s suit claims that “Rankwave’s B2B apps were installed and used by businesses to track and analyze activity on their Facebook Pages . . . Rankwave operated a consumer app called the ‘Rankwave App.’ This consumer app was designed to measure the app user’s popularity on Facebook by analyzing the level of interaction that other users had with the app user’s Facebook posts. On its website, Rankwave claimed that this app calculated a user’s ‘Social influence score’ by ‘evaluating your social activities’ and receiving ‘responses from your friends.’”

TechCrunch has found that Rankwave still offers an Android app that asks for you to login with Facebook so it can assess the popularity of your posts and give you a “Social Influencer Score”. Until 2015 when Facebook tightened its policies, this kind of app could ingest not only a user’s own data but that about their Facebook friends. As with Cambridge Analytica, this likely massively compounded Rankwave’s total data access.

Rankwave’s Android app asks for users’ Facebook data in exchange for providing them a Social Influencer Score

Facebook Delays Coming After Rankwave

Founded in 2012 by Sungwha Shim, Rankwave came into Facebook’s crosshairs in June 2018 after it was sold to a Korean entertainment company in May 2017. Facebook assesses that the value of its data at the time of the buyout was $9.8 million.

Worryingly, Facebook didn’t reach out to Rankwave until January 2019 for information proving it complied with the social network’s policies. After receiving no response, Facebook issued a cease-and-desist order in February, which Rankwave replied to seeking more time because it’s CTO had resigned, which Facebook calls “false representations”. Later that month, Rankwave denied violating Facebook’s policies but refused to provide proof. Facebook gave it more time to provide proof, but Rankwave didn’t respond. Facebook has now shut down Rankwave’s apps.

Rankwave claims to be able to extract a wide array of ad targeting data from Facebook data

Now Facebook is seeking money to cover the $9.8 million value of the data, additional monetary damages and legal fees, plus injunctive relief restraining Rankwave from accessing the Facebook Platform, requiring it to comply with Facebook’s audit, requiring that it delete all Facebook data.

The fact that Rankwave was openly promoting these services that blatantly violate Facebook’s policies casts further doubt on how the social network was policing its platform. And the six month delay between Facebook identifying a potential issue with Rankwave and it even reaching out for information, plus another several months before it blocked Rankwave’s app shows a failure to move swiftly to enforce its policies. These blunders might explain why Facebook buried the news by announcing it on a Friday afternoon when many reporters and readers have already signed off for the weekend.

For now there’s no evidence of wholesale transfer of Rankwave’s data to other parties or its misuse for especially nefarious purposes like influencing an election as with Cambridge Analytica. The lawsuit merely alleges data was wrongly harnessed to make money, which may not spur the same level of backlash. But the case further proves that Facebook was too busy growing itself thanks to the platform to properly safeguard it against abuse.

You can learn more about Rankwave’s analytics practices from this 2014 presentation.

Powered by WPeMatico

Instagram now demotes vaguely ‘inappropriate’ content

Posted by | Apps, Facebook, Facebook Policy, instagram, Instagram Policy, Mobile, Policy, Social, TC | No Comments

Instagram is home to plenty of scantily clad models and edgy memes that may start to get fewer views starting today. Now Instagram says, “We have begun reducing the spread of posts that are inappropriate but do not go against Instagram’s Community Guidelines.” That means if a post is sexually suggestive, but doesn’t depict a sex act or nudity, it could still get demoted. Similarly, if a meme doesn’t constitute hate speech or harassment, but is considered in bad taste, lewd, violent or hurtful, it could get fewer views.

Specifically, Instagram says, “this type of content may not appear for the broader community in Explore or hashtag pages,” which could severely hurt the ability of creators to gain new followers. The news came amidst a flood of “Integrity” announcements from Facebook to safeguard its family of apps revealed today at a press event at the company’s Menlo Park headquarters.

“We’ve started to use machine learning to determine if the actual media posted is eligible to be recommended to our community,” Instagram’s product lead for Discovery, Will Ruben, said. Instagram is now training its content moderators to label borderline content when they’re hunting down policy violations, and Instagram then uses those labels to train an algorithm to identify.

These posts won’t be fully removed from the feed, and Instagram tells me for now the new policy won’t impact Instagram’s feed or Stories bar. But Facebook CEO Mark Zuckerberg’s November manifesto described the need to broadly reduce the reach of this “borderline content,” which on Facebook would mean being shown lower in News Feed. That policy could easily be expanded to Instagram in the future. That would likely reduce the ability of creators to reach their existing fans, which can impact their ability to monetize through sponsored posts or direct traffic to ways they make money like Patreon.

Facebook’s Henry Silverman explained that, “As content gets closer and closer to the line of our Community Standards at which point we’d remove it, it actually gets more and more engagement. It’s not something unique to Facebook but inherent in human nature.” The borderline content policy aims to counteract this incentive to toe the policy line. Just because something is allowed on one of our apps doesn’t mean it should show up at the top of News Feed or that it should be recommended or that it should be able to be advertised,” said Facebook’s head of News Feed Integrity, Tessa Lyons.

This all makes sense when it comes to clickbait, false news and harassment, which no one wants on Facebook or Instagram. But when it comes to sexualized but not explicit content that has long been uninhibited and in fact popular on Instagram, or memes or jokes that might offend some people despite not being abusive, this is a significant step up of censorship by Facebook and Instagram.

Creators currently have no guidelines about what constitutes borderline content — there’s nothing in Instagram’s rules or terms of service that even mention non-recommendable content or what qualifies. The only information Instagram has provided was what it shared at today’s event. The company specified that violent, graphic/shocking, sexually suggestive, misinformation and spam content can be deemed “non-recommendable” and therefore won’t appear on Explore or hashtag pages.

[Update: After we published, Instagram posted to its Help Center a brief note about its borderline content policy, but with no visual examples, mentions of impacted categories other than sexually suggestive content, or indications of what qualifies content as “inappropriate.” So officially, it’s still leaving users in the dark.]

Instagram denied an account from a creator claiming that the app reduced their feed and Stories reach after one of their posts that actually violates the content policy taken down.

One female creator with around a half-million followers likened receiving a two-week demotion that massively reduced their content’s reach to Instagram defecating on them. “It just makes it like, ‘Hey, how about we just show your photo to like 3 of your followers? Is that good for you? . . . I know this sounds kind of tin-foil hatty but . . . when you get a post taken down or a story, you can set a timer on your phone for two weeks to the godd*mn f*cking minute and when that timer goes off you’ll see an immediate change in your engagement. They put you back on the Explore page and you start getting followers.”

As you can see, creators are pretty passionate about Instagram demoting their reach. Instagram’s Will Ruben said regarding the feed/Stories reach reduction: No, that’s not happening. We distinguish between feed and surfaces where you’ve taken the choice to follow somebody, and Explore and hashtag pages where Instagram is recommending content to people.”

The questions now are whether borderline content demotions are ever extended to Instagram’s feed and Stories, and how content is classified as recommendable, non-recommendable or violating. With artificial intelligence involved, this could turn into another situation where Facebook is seen as shirking its responsibilities in favor of algorithmic efficiency — but this time in removing or demoting too much content rather than too little.

Given the lack of clear policies to point to, the subjective nature of deciding what’s offensive but not abusive, Instagram’s 1 billion user scale and its nine years of allowing this content, there are sure to be complaints and debates about fair and consistent enforcement.

Powered by WPeMatico

Zuckerberg wants messages to auto-expire to make Facebook a ‘living room’

Posted by | Apps, encryption, end-to-end encryption, Facebook, facebook messenger, Facebook Policy, facebook privacy, instagram, Mark Zuckerberg, Mobile, Policy, privacy, Social, TC, WhatsApp | No Comments

On feed-based “broader social networks, where people can accumulate friends or followers until the services feel more public . . . it feels more like a town square than a more intimate space like a living room” Facebook CEO Mark Zuckerberg explained in a blog post today. With messaging, groups, and ephemeral stories as the fastest growing social features, Zuckerberg laid out why he’s rethinking Facebook as a private living room where people can be comfortable being themselves without fear of hackers, government spying, and embarrassment from old content — all without encryption allowing bad actors to hide their crimes.

Perhaps this will just be more lip service in a time of PR crisis for Facebook. But with the business imperative fueled by social networking’s shift away from permanent feed broadcasting, Facebook can espouse the philosophy of privacy while in reality servicing its shareholders and bottom line. It’s this alignment that actually spurs product change. We saw Facebook’s agility with last year’s realization that a misinformation- and hate-plagued platform wouldn’t survive long-term so it had to triple its security and moderation staff. And in 2017, recognizing the threat of Stories, it implemented them across its apps. Now Facebook might finally see the dollar signs within privacy.

The New York Times’ Mike Isaac recently reported that Facebook planned to unify its Facebook, WhatsApp, and Instagram messaging infrastructure to allow cross-app messaging and end-to-end encryption. And Zuckerberg discussed this and the value of ephemerality on the recent earnings call. But now Zuckerberg has roadmapped a clearer slate of changes and policies to turn Facebook into a living room:

-Facebook will let users opt in to the ability to send or receive messages across Facebook, WhatsApp, and Instagram

-Facebook wants to expand that interoperability to SMS on Android

-Zuckerberg wants to make ephemerality automatic on messaging threads, so chats disappear by default after a month or year, with users able to control that or put timers on individual messages.

-Facebook plans to limit how long it retains metadata on messages once it’s no longer needed for spam or safety protections

-Facebook will extend end-to-end encryption across its messaging apps but use metadata and other non-content signals to weed out criminals using privacy to hide their misdeeds.

-Facebook won’t store data in countries with a bad track record of privacy abuse such as Russia, even if that means having to shut down or postpone operations in a country

You can read the full blog post from Zuckerberg below:

A Privacy-Focused Vision for Social Networking

My focus for the last couple of years has been understanding and addressing the biggest challenges facing Facebook. This means taking positions on important issues concerning the future of the internet. In this note, I’ll outline our vision and principles around building a privacy-focused messaging and social networking platform. There’s a lot to do here, and we’re committed to working openly and consulting with experts across society as we develop this.

Over the last 15 years, Facebook and Instagram have helped people connect with friends, communities, and interests in the digital equivalent of a town square. But people increasingly also want to connect privately in the digital equivalent of the living room. As I think about the future of the internet, I believe a privacy-focused communications platform will become even more important than today’s open platforms. Privacy gives people the freedom to be themselves and connect more naturally, which is why we build social networks.

Today we already see that private messaging, ephemeral stories, and small groups are by far the fastest growing areas of online communication. There are a number of reasons for this. Many people prefer the intimacy of communicating one-on-one or with just a few friends. People are more cautious of having a permanent record of what they’ve shared. And we all expect to be able to do things like payments privately and securely.

Public social networks will continue to be very important in people’s lives — for connecting with everyone you know, discovering new people, ideas and content, and giving people a voice more broadly. People find these valuable every day, and there are still a lot of useful services to build on top of them. But now, with all the ways people also want to interact privately, there’s also an opportunity to build a simpler platform that’s focused on privacy first.

I understand that many people don’t think Facebook can or would even want to build this kind of privacy-focused platform — because frankly we don’t currently have a strong reputation for building privacy protective services, and we’ve historically focused on tools for more open sharing. But we’ve repeatedly shown that we can evolve to build the services that people really want, including in private messaging and stories.

I believe the future of communication will increasingly shift to private, encrypted services where people can be confident what they say to each other stays secure and their messages and content won’t stick around forever. This is the future I hope we will help bring about.

We plan to build this the way we’ve developed WhatsApp: focus on the most fundamental and private use case — messaging — make it as secure as possible, and then build more ways for people to interact on top of that, including calls, video chats, groups, stories, businesses, payments, commerce, and ultimately a platform for many other kinds of private services.

This privacy-focused platform will be built around several principles:

Private interactions. People should have simple, intimate places where they have clear control over who can communicate with them and confidence that no one else can access what they share.

Encryption. People’s private communications should be secure. End-to-end encryption prevents anyone — including us — from seeing what people share on our services.

Permanence. People should be comfortable being themselves, and should not have to worry about what they share coming back to hurt them later. So we won’t keep messages or stories around for longer than necessary to deliver the service or longer than people want it.

Safety. People should expect that we will do everything we can to keep them safe on our services within the limits of what’s possible in an encrypted service.

Interoperability. People should be able to use any of our apps to reach their friends, and they should be able to communicate across networks easily and securely.

Secure data storage. People should expect that we won’t store sensitive data in countries with weak records on human rights like privacy and freedom of expression in order to protect data from being improperly accessed.

Over the next few years, we plan to rebuild more of our services around these ideas. The decisions we’ll face along the way will mean taking positions on important issues concerning the future of the internet. We understand there are a lot of tradeoffs to get right, and we’re committed to consulting with experts and discussing the best way forward. This will take some time, but we’re not going to develop this major change in our direction behind closed doors. We’re going to do this as openly and collaboratively as we can because many of these issues affect different parts of society.

Private Interactions as a Foundation

For a service to feel private, there must never be any doubt about who you are communicating with. We’ve worked hard to build privacy into all our products, including those for public sharing. But one great property of messaging services is that even as your contacts list grows, your individual threads and groups remain private. As your friends evolve over time, messaging services evolve gracefully and remain intimate.

This is different from broader social networks, where people can accumulate friends or followers until the services feel more public. This is well-suited to many important uses — telling all your friends about something, using your voice on important topics, finding communities of people with similar interests, following creators and media, buying and selling things, organizing fundraisers, growing businesses, or many other things that benefit from having everyone you know in one place. Still, when you see all these experiences together, it feels more like a town square than a more intimate space like a living room.

There is an opportunity to build a platform that focuses on all of the ways people want to interact privately. This sense of privacy and intimacy is not just about technical features — it is designed deeply into the feel of the service overall. In WhatsApp, for example, our team is obsessed with creating an intimate environment in every aspect of the product. Even where we’ve built features that allow for broader sharing, it’s still a less public experience. When the team built groups, they put in a size limit to make sure every interaction felt private. When we shipped stories on WhatsApp, we limited public content because we worried it might erode the feeling of privacy to see lots of public content — even if it didn’t actually change who you’re sharing with.

In a few years, I expect future versions of Messenger and WhatsApp to become the main ways people communicate on the Facebook network. We’re focused on making both of these apps faster, simpler, more private and more secure, including with end-to-end encryption. We then plan to add more ways to interact privately with your friends, groups, and businesses. If this evolution is successful, interacting with your friends and family across the Facebook network will become a fundamentally more private experience.

Encryption and Safety

People expect their private communications to be secure and to only be seen by the people they’ve sent them to — not hackers, criminals, over-reaching governments, or even the people operating the services they’re using.

There is a growing awareness that the more entities that have access to your data, the more vulnerabilities there are for someone to misuse it or for a cyber attack to expose it. There is also a growing concern among some that technology may be centralizing power in the hands of governments and companies like ours. And some people worry that our services could access their messages and use them for advertising or in other ways they don’t expect.

End-to-end encryption is an important tool in developing a privacy-focused social network. Encryption is decentralizing — it limits services like ours from seeing the content flowing through them and makes it much harder for anyone else to access your information. This is why encryption is an increasingly important part of our online lives, from banking to healthcare services. It’s also why we built end-to-end encryption into WhatsApp after we acquired it.

In the last year, I’ve spoken with dissidents who’ve told me encryption is the reason they are free, or even alive. Governments often make unlawful demands for data, and while we push back and fight these requests in court, there’s always a risk we’ll lose a case — and if the information isn’t encrypted we’d either have to turn over the data or risk our employees being arrested if we failed to comply. This may seem extreme, but we’ve had a case where one of our employees was actually jailed for not providing access to someone’s private information even though we couldn’t access it since it was encrypted.

At the same time, there are real safety concerns to address before we can implement end-to-end encryption across all of our messaging services. Encryption is a powerful tool for privacy, but that includes the privacy of people doing bad things. When billions of people use a service to connect, some of them are going to misuse it for truly terrible things like child exploitation, terrorism, and extortion. We have a responsibility to work with law enforcement and to help prevent these wherever we can. We are working to improve our ability to identify and stop bad actors across our apps by detecting patterns of activity or through other means, even when we can’t see the content of the messages, and we will continue to invest in this work. But we face an inherent tradeoff because we will never find all of the potential harm we do today when our security systems can see the messages themselves.

Finding the right ways to protect both privacy and safety is something societies have historically grappled with. There are still many open questions here and we’ll consult with safety experts, law enforcement and governments on the best ways to implement safety measures. We’ll also need to work together with other platforms to make sure that as an industry we get this right. The more we can create a common approach, the better.

On balance, I believe working towards implementing end-to-end encryption for all private communications is the right thing to do. Messages and calls are some of the most sensitive private conversations people have, and in a world of increasing cyber security threats and heavy-handed government intervention in many countries, people want us to take the extra step to secure their most private data. That seems right to me, as long as we take the time to build the appropriate safety systems that stop bad actors as much as we possibly can within the limits of an encrypted service. We’ve started working on these safety systems building on the work we’ve done in WhatsApp, and we’ll discuss them with experts through 2019 and beyond before fully implementing end-to-end encryption. As we learn more from those experts, we’ll finalize how to roll out these systems.

Reducing Permanence

We increasingly believe it’s important to keep information around for shorter periods of time. People want to know that what they share won’t come back to hurt them later, and reducing the length of time their information is stored and accessible will help.

One challenge in building social tools is the “permanence problem”. As we build up large collections of messages and photos over time, they can become a liability as well as an asset. For example, many people who have been on Facebook for a long time have photos from when they were younger that could be embarrassing. But people also really love keeping a record of their lives. And if all posts on Facebook and Instagram disappeared, people would lose access to a lot of valuable knowledge and experiences others have shared.

I believe there’s an opportunity to set a new standard for private communication platforms — where content automatically expires or is archived over time. Stories already expire after 24 hours unless you archive them, and that gives people the comfort to share more naturally. This philosophy could be extended to all private content.

For example, messages could be deleted after a month or a year by default. This would reduce the risk of your messages resurfacing and embarrassing you later. Of course you’d have the ability to change the timeframe or turn off auto-deletion for your threads if you wanted. And we could also provide an option for you to set individual messages to expire after a few seconds or minutes if you wanted.

It also makes sense to limit the amount of time we store messaging metadata. We use this data to run our spam and safety systems, but we don’t always need to keep it around for a long time. An important part of the solution is to collect less personal data in the first place, which is the way WhatsApp was built from the outset.

Interoperability

People want to be able to choose which service they use to communicate with people. However, today if you want to message people on Facebook you have to use Messenger, on Instagram you have to use Direct, and on WhatsApp you have to use WhatsApp. We want to give people a choice so they can reach their friends across these networks from whichever app they prefer.

We plan to start by making it possible for you to send messages to your contacts using any of our services, and then to extend that interoperability to SMS too. Of course, this would be opt-in and you will be able to keep your accounts separate if you’d like.

There are privacy and security advantages to interoperability. For example, many people use Messenger on Android to send and receive SMS texts. Those texts can’t be end-to-end encrypted because the SMS protocol is not encrypted. With the ability to message across our services, however, you’d be able to send an encrypted message to someone’s phone number in WhatsApp from Messenger.

This could also improve convenience in many experiences where people use Facebook or Instagram as their social network and WhatsApp as their preferred messaging service. For example, lots of people selling items on Marketplace list their phone number so people can message them about buying it. That’s not ideal, because you’re giving strangers your phone number. With interoperability, you’d be able to use WhatsApp to receive messages sent to your Facebook account without sharing your phone number — and the buyer wouldn’t have to worry about whether you prefer to be messaged on one network or the other.

You can imagine many simple experiences — a person discovers a business on Instagram and easily transitions to their preferred messaging app for secure payments and customer support; another person wants to catch up with a friend and can send them a message that goes to their preferred app without having to think about where that person prefers to be reached; or you simply post a story from your day across both Facebook and Instagram and can get all the replies from your friends in one place.

You can already send and receive SMS texts through Messenger on Android today, and we’d like to extend this further in the future, perhaps including the new telecom RCS standard. However, there are several issues we’ll need to work through before this will be possible. First, Apple doesn’t allow apps to interoperate with SMS on their devices, so we’d only be able to do this on Android. Second, we’d need to make sure interoperability doesn’t compromise the expectation of encryption that people already have using WhatsApp. Finally, it would create safety and spam vulnerabilities in an encrypted system to let people send messages from unknown apps where our safety and security systems couldn’t see the patterns of activity.

These are significant challenges and there are many questions here that require further consultation and discussion. But if we can implement this, we can give people more choice to use their preferred service to securely reach the people they want.

Secure Data Storage

People want to know their data is stored securely in places they trust. Looking at the future of the internet and privacy, I believe one of the most important decisions we’ll make is where we’ll build data centers and store people’s sensitive data.

There’s an important difference between providing a service in a country and storing people’s data there. As we build our infrastructure around the world, we’ve chosen not to build data centers in countries that have a track record of violating human rights like privacy or freedom of expression. If we build data centers and store sensitive data in these countries, rather than just caching non-sensitive data, it could make it easier for those governments to take people’s information.

Upholding this principle may mean that our services will get blocked in some countries, or that we won’t be able to enter others anytime soon. That’s a tradeoff we’re willing to make. We do not believe storing people’s data in some countries is a secure enough foundation to build such important internet infrastructure on.

Of course, the best way to protect the most sensitive data is not to store it at all, which is why WhatsApp doesn’t store any encryption keys and we plan to do the same with our other services going forward.

But storing data in more countries also establishes a precedent that emboldens other governments to seek greater access to their citizen’s data and therefore weakens privacy and security protections for people around the world. I think it’s important for the future of the internet and privacy that our industry continues to hold firm against storing people’s data in places where it won’t be secure.

Next Steps

Over the next year and beyond, there are a lot more details and trade-offs to work through related to each of these principles. A lot of this work is in the early stages, and we are committed to consulting with experts, advocates, industry partners, and governments — including law enforcement and regulators — around the world to get these decisions right.

At the same time, working through these principles is only the first step in building out a privacy-focused social platform. Beyond that, significant thought needs to go into all of the services we build on top of that foundation — from how people do payments and financial transactions, to the role of businesses and advertising, to how we can offer a platform for other private services.

But these initial questions are critical to get right. If we do this well, we can create platforms for private sharing that could be even more important to people than the platforms we’ve already built to help people share and connect more openly.

Doing this means taking positions on some of the most important issues facing the future of the internet. As a society, we have an opportunity to set out where we stand, to decide how we value private communications, and who gets to decide how long and where data should be stored.

I believe we should be working towards a world where people can speak privately and live freely knowing that their information will only be seen by who they want to see it and won’t all stick around forever. If we can help move the world in this direction, I will be proud of the difference we’ve made.

Powered by WPeMatico

Facebook admits 18% of Research spyware users were teens, not

Posted by | Apple, Apps, Certifigate, Facebook, Facebook Policy, facebook privacy, facebook research, Facebook Researchgate, Facebook Teens, Government, mark warner, Mobile, Social, TC | No Comments

Facebook has changed its story after initially trying to downplay how it targeted teens with its Research program that a TechCrunch investigation revealed was paying them gift cards to monitor all their mobile app usage and browser traffic. “Less than 5 percent of the people who chose to participate in this market research program were teens” a Facebook spokesperson told TechCrunch and many other news outlets in a damage control effort 7 hours after we published our report on January 29th. At the time,  Facebook claimed that it had removed its Research app from iOS. The next morning we learned that wasn’t true, as Apple had already forcibly blocked the Facebook Research app for violating its Enterprise Certificate program that supposed to reserved for companies distributing internal apps to employees.

It turns out that wasn’t the only time Facebook deceived the public in its response regarding the Research VPN scandal. TechCrunch has obtained Facebook’s unpublished February 21st response to questions about the Research program in a letter from Senator Mark Warner, who wrote to CEO Mark Zuckerberg that “Facebook’s apparent lack of full transparency with users – particularly in the context of ‘research’ efforts – has been a source of frustration for me.”

In the response from Facebook’s VP of US public policy Kevin Martin, the company admits that (emphasis ours) “At the time we ended the Facebook Research App on Apple’s iOS platform, less than 5 percent of the people sharing data with us through this program were teens. Analysis shows that number is about 18 percent when you look at the complete lifetime of the program, and also add people who had become inactive and uninstalled the app.” So 18 percent of research testers were teens. It was only less than 5 percent when Facebook got caught. Given users age 13 to 35 were eligible for Facebook’s Research program, 13 to 18 year olds made of 22 percent of the age range. That means Facebook clearly wasn’t trying to minimize teen involvement, nor were they just a tiny fraction of users.

WASHINGTON, DC – APRIL 10: Facebook co-founder, Chairman and CEO Mark Zuckerberg testifies before a combined Senate Judiciary and Commerce committee hearing in the Hart Senate Office Building on Capitol Hill April 10, 2018 in Washington, DC. (Photo by Chip Somodevilla/Getty Images)

Warner asked Facebook “Do you think any use reasonable understood Facebook was using this data for commercial purposes includingto track competitors?” Facebook response indicates it never told Research users anything about tracking “competitors”, and instead dances around the question. Facebook says the registration process told users the data would help the company “understand how people use mobile apps,” “improve . . . services,” and “introduce new features for millions of people around the world.”

Facebook had also told reporters on January 29th regarding teens’ participation, “All of them with signed parental consent forms.” Yet in its response to Senator Warner, Facebook admitted that “Potential participants were required to confirm that they were over 18 or provide other evidence of parental consent, though the vendors did not require a signed parental consent form for teen users.” In some cases, underage users merely had to check a box to claim they had parental consent, and there was no verification of users’ ages or that their parents actually approved.

So to quickly recap:

Facebook targeted teens with ads on Instagram and Snapchat to join the Research program without revealing its involvement

The contradictions between Facebook’s initial response to reporters and what it told Warner, who has the power to pursue regulation of the the tech giant, shows Facebook willingness to move fast and play loose with the truth when it’s less accountable. It’s no wonder the company never shared the response with TechCrunch or posted a blog post or press release about it.

Facebook’s attempt to minimize the issue in the wake of backlash exemplifies the trend of of the social network’s “reactionary” PR strategy that employees described to BuzzFeed’s Ryan Mac. The company often views its scandals as communications errors rather than actual product screwups or as signals of deep-seeded problems with Facebook’s respect for privacy. Facebook needs to learn to take its lumps, change course, and do better rather than constantly trying to challenge details of negative press about it, especially before it has all the necessary information. Until then, the never-ending news cycle of Facebook’s self-made disasters will continue.

Below is Facebook’s full response to Senator Warner’s inquiry, and following that is Warner’s original letter to Mark Zuckerberg.



Additional reporting by Krystal Hu

Powered by WPeMatico

Highlights & transcript from Zuckerberg’s 20K-word ethics talk

Posted by | Advertising Tech, Apps, Developer, Facebook, Facebook Policy, Facebook Politics, facebook privacy, Government, Mark Zuckerberg, Media, Mobile, Policy, Social, Talent, TC | No Comments

Mark Zuckerberg says it might be right for Facebook to let people pay to not see ads, but that it would feel wrong to charge users for extra privacy controls. That’s just one of the fascinating philosophical views the CEO shared during the first of his public talks he’s promised as part of his 2019 personal challenge.

Talking to Harvard Law and computer science professor Jonathan Zittrain on the campus of the university he dropped out of, Zuckerberg managed to escape the 100-minute conversation with just a few gaffes. At one point he said “we definitely don’t want a society where there’s a camera in everyone’s living room watching the content of those conversations”. Zittrain swiftly reminded him that’s exactly what Facebook Portal is, and Zuckerberg tried to deflect by saying Portal’s recordings would be encrypted.

Later Zuckerberg mentioned “the ads, in a lot of places are not even that different from the organic content in terms of the quality of what people are being able to see” which is pretty sad and derisive assessment of the personal photos and status updates people share. And when he suggested crowdsourced fact-checking, Zittrain chimed in that this could become an avenue for “astroturfing” where mobs of users provide purposefully biased information to promote their interests, like a political group’s supporting voting that their opponents’ facts are lies. While sometimes avoiding hard stances on questions, Zuckerberg was otherwise relatively logical and coherent.

Policy And Cooperating With Governments

The CEO touched on his borderline content policy that quietly demotes posts that come close to breaking its policy against nudity, hate speech etc that otherwise are the most sensational and get the most distribution but don’t make people feel good. Zuckerberg noted some progress here, saying “a lot of the things that we’ve done in the last year were focused on that problem and it really improves the quality of the service and people appreciate that.”

This aligns with Zuckerberg contemplating Facebook’s role as a “data fiduciary” where rather than necessarily giving in to users’ urges or prioritizing its short-term share price, the company tries to do what’s in the best long-term interest of its communities. “There’s a hard balance here which is — I mean if you’re talking about what people want to want versus what they want– you know, often people’s revealed preferences of what they actually do shows a deeper sense of what they want than what they think they want to want” he said. Essentially, people might tap on clickbait even if it doesn’t make them feel good.

On working with governments, Zuckerberg explained how incentives weren’t always aligned, like when law enforcement is monitoring someone accidentally dropping clues about their crimes and collaborators. The government and society might benefit from that continued surveillance but Facebook might want to immediately suspend the account if it found out. “But as you build up the relationships and trust, you can get to that kind of a relationship where they can also flag for you, ‘Hey, this is where we’re at’”, implying Facebook might purposefully allow that person to keep incriminating themselves to assist the authorities.

But disagreements between governments can flare up, Zuckerberg notes that “we’ve had employees thrown in jail because we have gotten court orders that we have to turnover data that we wouldn’t probably anyway, but we can’t because it’s encrypted.” That’s likely a reference to the 2016 arrest of Facebook’s VP for Latin Amercia Diego Dzodan over WhatsApp’s encryption preventing the company from providing evidence for a drug case.

Decentralizing Facebook

The tradeoffs of encryption and decentralization were a central theme. He discussed how while many people fear how encryption could mask illegal or offensive activity, Facebook doesn’t have to peek at someone’s actual content to determine they’re violating policy. “One of the — I guess, somewhat surprising to me — findings of the last couple of years of working on content governance and enforcement is that it often is much more effective to identify fake accounts and bad actors upstream of them doing something bad by patterns of activity rather than looking at the content” Zuckerberg said.

With Facebook rapidly building out a blockchain team to potentially launch a cryptocurrency for fee-less payments or an identity layer for decentralized applications, Zittrain asked about the potential for letting users control which other apps they give their profile information to without Facebook as an intermediary.

SAN JOSE, CA – MAY 01: Facebook CEO Mark Zuckerberg (Photo by Justin Sullivan/Getty Images)

Zuckerberg stressed that at Facebook’s scale, moving to a less efficient distributed architecture would be extremely “computationally intense” though it might eventually be possible. Instead, he said “One of the things that I’ve been thinking about a lot is a use of blockchain that I am potentially interesting in– although I haven’t figured out a way to make this work out, is around authentication and bringing– and basically granting access to your information and to different services. So, basically, replacing the notion of what we have with Facebook Connect with something that’s fully distributed.” This might be attractive to developers who would know Facebook couldn’t cut them off from the users.

The problem is that if a developer was abusing users, Zuckerberg fears that “in a fully distributed system there would be no one who could cut off the developers’ access. So, the question is if you have a fully distributed system, it dramatically empowers individuals on the one hand, but it really raises the stakes and it gets to your questions around, well, what are the boundaries on consent and how people can really actually effectively know that they’re giving consent to an institution?”

No “Pay For Privacy”

But perhaps most novel and urgent were Zuckerberg’s comments on the secondary questions raised by where Facebook should let people pay to remove ads. “You start getting into a principle question which is ‘are we going to let people pay to have different controls on data use than other people?’ And my answer to that is a hard no.” Facebook has promised to always operate free version so everyone can have a voice. Yet some including myself have suggested that a premium ad-free subscription to Facebook could help ween it off maximizing data collection and engagement, though it might break Facebook’s revenue machine by pulling the most affluent and desired users out of the ad targeting pool.

“What I’m saying is on the data use, I don’t believe that that’s something that people should buy. I think the data principles that we have need to be uniformly available to everyone. That to me is a really important principle” Zuckerberg expands. “It’s, like, maybe you could have a conversation about whether you should be able to pay and not see ads. That doesn’t feel like a moral question to me. But the question of whether you can pay to have different privacy controls feels wrong.”

Back in May, Zuckerberg announced Facebook would build a Clear History button in 2018 that deletes all the web browsing data the social network has collected about you, but that data’s deep integration into the company’s systems has delayed the launch. Research suggests users don’t want the inconvenience of getting logged out of all their Facebook Connected services, though, they’d like to hide certain data from the company.

“Clear history is a prerequisite, I think, for being able to do anything like subscriptions. Because, like, partially what someone would want to do if they were going to really actually pay for a not ad supported version where their data wasn’t being used in a system like that, you would want to have a control so that Facebook didn’t have access or wasn’t using that data or associating it with your account. And as a principled matter, we are not going to just offer a control like that to people who pay.”

Of all the apologies, promises, and predictions Zuckerberg has made recently, this pledge might instill the most confidence. While some might think of Zuckerberg as a data tyrant out to absorb and exploit as much of our personal info as possible, there are at least lines he’s not willing to cross. Facebook could try to charge you for privacy, but it won’t. And given Facebook’s dominance in social networking and messaging plus Zuckerberg’s voting control of the company, a greedier man could make the internet much worse.

TRANSCRIPT – MARK ZUCKERBERG AT HARVARD / FIRST PERSONAL CHALLENGE 2019

Jonathan Zittrain: Very good. So, thank you, Mark, for coming to talk to me and to our students from the Techtopia program and from my “Internet and Society” course at Harvard Law School. We’re really pleased to have a chance to talk about any number of issues and we should just dive right in. So, privacy, autonomy, and information fiduciaries.

Mark Zuckerberg: All right!

Jonathan Zittrain: Love to talk about that.

Mark Zuckerberg: Yeah! I read your piece in The New York Times.

Jonathan Zittrain: The one with the headline that said, “Mark Zuckerberg can fix this mess”?

Mark Zuckerberg: Yeah.

Jonathan Zittrain: Yeah.

Mark Zuckerberg: Although that was last year.

Jonathan Zittrain: That’s true! Are you suggesting it’s all fixed?

Mark Zuckerberg: No. No.

Jonathan Zittrain: Okay, good. So–

Jonathan Zittrain: I’m suggesting that I’m curious whether you still think that we can fix this mess?

Jonathan Zittrain: Ah!

Jonathan Zittrain: I hope–

Jonathan Zittrain: “Hope springs eternal”–

Mark Zuckerberg: Yeah, there you go.

Jonathan Zittrain: –is my motto. So, all right, let me give a quick characterization of this idea that the coinage and the scaffolding for it is from my colleague, Jack Balkin, at Yale. And the two of us have been developing it out further. There are a standard number of privacy questions with which you might have some familiarity, having to do with people conveying information that they know they’re conveying or they’re not so sure they are, but “mouse droppings” as we used to call them when they run in the rafters of the Internet and leave traces. And then the standard way of talking about that is you want to make sure that that stuff doesn’t go where you don’t want it to go. And we call that “informational privacy”. We don’t want people to know stuff that we want maybe our friends only to know. And on a place like Facebook, you’re supposed to be able to tweak your settings and say, “Give them to this and not to that.” But there’s also ways in which stuff that we share with consent could still sort of be used against us and it feels like, “Well, you consented,” may not end the discussion. And the analogy that my colleague Jack brought to bear was one of a doctor and a patient or a lawyer and a client or– sometimes in America, but not always– a financial advisor and a client that says that those professionals have certain expertise, they get trusted with all sorts of sensitive information from their clients and patients and, so, they have an extra duty to act in the interests of those clients even if their own interests conflict. And, so, maybe just one quick hypo to get us started. I wrote a piece in 2014, that maybe you read, that was a hypothetical about elections in which it said, “Just hypothetically, imagine that Facebook had a view about which candidate should win and they reminded people likely to vote for the favored candidate that it was Election Day,” and to others they simply sent a cat photo. Would that be wrong? And I find– I have no idea if it’s illegal; it does seem wrong to me and it might be that the fiduciary approach captures what makes it wrong.

Mark Zuckerberg: All right. So, I think we could probably spend the whole next hour just talking about that!

Mark Zuckerberg: So, I read your op-ed and I also read Balkin’s blogpost on information fiduciaries. And I’ve had a conversation with him, too.

Jonathan Zittrain: Great.

Mark Zuckerberg: And the– at first blush, kind of reading through this, my reaction is there’s a lot here that makes sense. Right? The idea of us having a fiduciary relationship with the people who use our services is kind of intuitively– it’s how we think about how we’re building what we’re building. So, reading through this, it’s like, all right, you know, a lot of people seem to have this mistaken notion that when we’re putting together news feed and doing ranking that we have a team of people who are focused on maximizing the time that people spend, but that’s not the goal that we give them. We tell people on the team, “Produce the service–” that we think is going to be the highest quality that– we try to ground it in kind of getting people to come in and tell us, right, of the content that we could potentially show what is going to be– they tell us what they want to see, then we build models that kind of– that can predict that, and build that service.

Jonathan Zittrain: And, by the way, was that always the case or–

Mark Zuckerberg: No.

Jonathan Zittrain: –was that a place you got to through some course adjustments?

Mark Zuckerberg: Through course adjustments. I mean, you start off using simpler signals like what people are clicking on in feed, but then you pretty quickly learn, “Hey, that gets you to local optimum,” right? Where if you’re focusing on what people click on and predicting what people click on, then you select for click bait. Right? So, pretty quickly you realize from real feedback, from real people, that’s not actually what people want. You’re not going to build the best service by doing that. So, you bring in people and actually have these panels of– we call it “getting to ground truth”– of you show people all the candidates for what can be shown to them and you have people say, “What’s the most meaningful thing that I wish that this system were showing us? So, all this is kind of a way of saying that our own self image of ourselves and what we’re doing is that we’re acting as fiduciaries and trying to build the best services for people. Where I think that this ends up getting interesting is then the question of who gets to decide in the legal sense or the policy sense of what’s in people’s best interest? Right? So, we come in every day and think, “Hey, we’re building a service where we’re ranking newsfeed trying to show people the most relevant content with an assumption that’s backed by data; that, in general, people want us to show them the most relevant content. But, at some level, you could ask the question which is “Who gets to decide that ranking newsfeed or showing relevant ads?” or any of the other things that we choose to work on are actually in people’s interest. And we’re doing the best that we can to try to build the services [ph?] that we think are the best. At the end of the day, a lot of this is grounded in “People choose to use it.” Right? Because, clearly, they’re getting some value from it. But then there are all these questions like you say about, you have– about where people can effectively give consent and not.

Jonathan Zittrain: Yes.

Mark Zuckerberg: So, I think that there’s a lot of interesting questions in this to unpack about how you’d implement a model like that. But, at a high level I think, you know, one of the things that I think about in terms of we’re running this big company; it’s important in society that people trust the institutions of society. Clearly, I think we’re in a position now where people rightly have a lot of questions about big internet companies, Facebook in particular, and I do think getting to a point there there’s the right regulation and rules in place just provides a kind of societal guardrail framework where people can have confidence that, okay, these companies are operating within a framework that we’ve all agreed. That’s better than them just doing whatever they want. And I think that that would give people confidence. So, figuring out what that framework is, I think, is a really important thing. And I’m sure we’ll talk about that as it relates–

Jonathan Zittrain: Yes.

Mark Zuckerberg: –to a lot of the content areas today. But getting to that question of how do you– “Who determines what’s in people’s best interest, if not people themselves?”Jonathan Zittrain: Yes.

Mark Zuckerberg: –is a really interesting question.

Jonathan Zittrain: Yes, so, we should surely talk about that. So, on our agenda is the “Who decides?” question.

Mark Zuckerberg: All right.

Jonathan Zittrain: Other agenda items include– just as you say, the fiduciary framework sounds nice to you– doctors, patients, Facebook users. And I hear you saying that’s pretty much where you’re wanting to end up anyway. There are some interesting questions about what people want, versus what they want to want.

Mark Zuckerberg: Yeah.

Jonathan Zittrain: People will say “On January 1st, what I want–” New Year’s resolution– “is a gym membership.” And then on January 2nd, they don’t want to go to the gym. They want to want to go to the gym, but they never quite make it. And then, of course, a business model of pay for the whole year ahead of time and they know you’ll never turn up develops around that. And I guess a specific area to delve into for a moment on that might be on the advertising side of things, maybe the dichotomy between personalization and does it ever going into exploitation? Now, there might be stuff– I know Facebook, for example, bans payday loans as best it can.

Mark Zuckerberg: Mm-hm.

Jonathan Zittrain: That’s just a substantive area that it’s like, “All right, we don’t want to do that.”

Mark Zuckerberg: Mm-hm.

Jonathan Zittrain: But when we think about good personalization so that Facebook knows I have a dog and not a cat, and a targeter can then offer me dog food and not cat food. How about, if not now, a future day in which an advertising platform can offer to an ad targeter some sense of “I just lost my pet, I’m really upset, I’m ready to make some snap decisions that I might regret later, but when I make them–“

Mark Zuckerberg: Mm-hm.

Jonathan Zittrain: “–I’m going to make them.” So, this is the perfect time to tee up

Mark Zuckerberg: Yeah.

Jonathan Zittrain: –a Cubic Zirconia or whatever the thing is that– .

Mark Zuckerberg: Mm-hm.

Jonathan Zittrain: That seems to me a fiduciary approach would say, ideally– how we get there I don’t know, but ideally we wouldn’t permit that kind of approach to somebody using the information we’ve gleaned from them to know they’re in a tough spot–

Mark Zuckerberg: Yeah.

Jonathan Zittrain: –and then to exploit them. But I don’t know. I don’t know how you would think about something like that. Could you write an algorithm to detect something like that?

Mark Zuckerberg: Well, I think one of the key principles is that we’re trying to run this company for the long term. And I think that people think that a lot of things that– if you were just trying to optimize the profits for next quarter or something like that, you might want to do things that people might like in the near term, but over the long term will come to resent. But if you actually care about building a community and achieving this mission and building the company for the long term, I think you’re just much more aligned than people often think companies are. And it gets back to the idea before, where I think our self image is largely acting as– in this kind of fiduciary relationship as you’re saying– and across– we could probably go through a lot of different examples. I mean, we don’t want to show people content that they’re going to click on and engage with, but then feel like they wasted their time afterwards. Where we don’t want to show them things that they’re going to make a decision based off of that and then regret later. I mean, there’s a hard balance here which is– I mean if you’re talking about what people want to want versus what they want– you know, often people’s revealed preferences of what they actually do shows a deeper sense of what they want than what they think they want to want. So, I think there’s a question between when something is exploitative versus when something is real, but isn’t what you would say that you want.

Jonathan Zittrain: Yes.

Mark Zuckerberg: And that’s a really hard thing to get at.

Jonathan Zittrain: Yes.

Mark Zuckerberg: But on a lot of these cases my experience of running the company is that you start off building a system, you have relatively unsophisticated signals to start, and you build up increasingly complex models over time that try to take into account more of what people care about. And there are all these examples that we can go through. I think probably newsfeed and ads are probably the two most complex ranking examples–

Jonathan Zittrain: Yes.

Mark Zuckerberg: –that we have. But it’s– like we were talking about a second ago, when we started off with the systems, I mean, just start with newsfeeds– but you could do this on ads, too– you know, the most naïve signals, right, are what people click on or what people “Like”. But then you just very quickly realize that that doesn’t– it approximates something, but it’s a very crude approximation of the ground truth of what people actually care about. So, what you really want to get to is as much as possible getting real people to look at the real candidates for content and tell you in a multi-dimensional way what matters to them and try to build systems that model that. And then you want to be kind of conservative on preventing downside. So, your example of the payday loans– and when we’ve talked about this in the past, your– you’ve put the question to me of “How do you know when a payday loan is going to be exploitative?” right? “If you’re targeting someone who is in a bad situation?” And our answer is, “Well, we don’t really know when it’s going to be exploitative, but we think that the whole category potentially has a massive risk of that, so we just ban it–

Jonathan Zittrain: Right. Which makes it an easy case.

Mark Zuckerberg: Yes. And I think that the harder cases are when there’s significant upside and significant downside and you want to weigh both of them. So, I mean, for example, once we started putting together a really big effort on preventing election interference, one of the initial ideas that came up was “Why don’t we just ban all ads that relate to anything that is political?” And they you pretty quickly get into, all right, well, what’s a political ad? The classic legal definition is things that are around elections and candidates, but that’s not actually what Russia and other folks were primarily doing. Right? It’s– you know, a lot of the issues that we’ve seen are around issue ads, right, and basically sewing division on what are social issues. So, all right, I don’t think you’re going to get in the way of people’s speech and ability to promote and do advocacy on issues that they care about. So, then the question is “All right, well, so, then what’s the right balance?” of how do you make sure that you’re providing the right level of controls, that people who aren’t supposed to be participating in these debates aren’t or that at least you’re providing the right transparency. But I think we’ve veered a little bit from the original questionJonathan Zittrain: Yes.

Mark Zuckerberg: –but the– but, yeah. So, let’s get back to where you were

Jonathan Zittrain: Well, here’s– and this is a way of maybe moving it forward, which is: A platform as complete as Facebook is these days offers lots of opportunities to shape what people see and possibly to help them with those nudges, that it’s time to go to the gym or to avoid them from falling into the depredations of the payday loan. And it is a question of so long as the platform to do it, does it now have an ethical obligation to do it, to help people achieve the good life?

Mark Zuckerberg: Mm-hm.

Jonathan Zittrain: And I worry that it is too great a burden for any company to bear to have to figure out, say, if not the perfect, the most reasonable newsfeed for every one of the– how many? Two and a half billion active users? Something like that.

Mark Zuckerberg: Yeah. On that order.

Jonathan Zittrain: All the time and there might be some ways that start a little bit to get into the engineering of the thing that would say, “Okay, with all hindsight, are there ways to architect this so that the stakes aren’t as high, aren’t as focused on just, “Gosh, is Facebook doing this right?” It’s as if there was only one newspaper in the whole world or one or two, and it’s like, “Well, then what The New York Times chooses to put on it’s home page, if it were the only newspaper, would have outsize importance.”

Mark Zuckerberg: Mm-hm.

Jonathan Zittrain: So, just as a technical matter, a number of the students in this room had a chance to hear from Tim Berners-Lee, inventor of the World Wide Web, and he has a new idea for something called “Solid”. I don’t know if you’ve heard of Solid. It’s a protocol more than it is a product. So, there’s no car to move off the lot today. But its idea is allowing people to have the data that they generate as they motor around the web end up in their own kind of data locker. Now, for somebody like Tim, it might mean literally in a locker under his desk and he could wake up in the middle of the night and see where his data is. For others, it might mean Iraq somewhere, guarded perhaps by a fiduciary who’s looking out for them, the way that we put money in a bank and then we can sleep at night knowing the bankers are– this is maybe not the best analogy in 2019, but watching.

Mark Zuckerberg: We’ll get there.

Jonathan Zittrain: We’ll get there. But Solid says if you did that, people would then– or their helpful proxies– be able to say, “All right, Facebook is coming along. It wants the following data from me and including that data that it has generated about me as I use it, but stored back in my locker and it kind of has to come back to my well to draw water each time. And that way if I want to switch to Schmacebook or something, it’s still in my well and I can just immediately grant permission to Schmacebook to see it and I don’t have to do a kind of data slurp and then re-upload it. It’s a fully distributed way of thinking about data. And I’m curious from an engineering perspective does this seem doable with something of the size and the number of spinning wheels that Facebook has and does it seem like a

Mark Zuckerberg: Yeah–

Jonathan Zittrain: –and I’m curious your reaction to an idea like that.

Mark Zuckerberg: So, I think it’s quite interesting. Certainly, the level of computation that Facebook is doing and all the services that we’re building is really intense to do in a distributed way. I mean, I think as a basic model I think we’re building out the data center capacity over the next five years and our plan for what we think we need to do that we think is on the order of all of what AWS and Google Cloud are doing for supporting all of their customers. So, okay, so, this is like a relatively computationally intense thing.

Over time you assume you’ll get more compute. So, decentralized things which are less efficient computationally will be harder– sorry, they’re harder to do computation on, but eventually maybe you have the compute resources to do that. I think the more interesting questions there are not feasibility in the near term, but are the philosophical questions of the goodness of a system like that.

So, one question if you want to– so, we can get into decentralization, one of the things that I’ve been thinking about a lot is a use of blockchain that I am potentially interesting in– although I haven’t figured out a way to make this work out, is around authentication and bringing– and basically granting access to your information and to different services. So, basically, replacing the notion of what we have with Facebook Connect with something that’s fully distributed.

Jonathan Zittrain: “Do you want to login with your Facebook account?” is the status quo

Mark Zuckerberg: Basically, you take your information, you store it on some decentralized system and you have the choice of whether to login to different places and you’re not going through an intermediary, which is kind of like what you’re suggesting here–

Jonathan Zittrain: Yes.

Mark Zuckerberg: –in a sense. Okay, now, there’s a lot of things that I think would be quite attractive about that. You know, for developers one of the things that is really troubling about working with our system, or Google’s system for that matter, or having your services through Apple’s app store, is that you don’t want to have an intermediary between serving your– the people who are using your service and you, right, where someone can just say, “Hey, we as a developer have to follow your policy and if we don’t, then you can cut off access to the people we’re serving.” That’s kind of a difficult and troubling position to be in. I think developers–

Jonathan Zittrain: –you’re referring to a recent incident.

Mark Zuckerberg: No, well, I was– well, sure

Mark Zuckerberg: But I think it underscores the– I think every developer probably feels this: People are using any app store but also login with Facebook, with Google; any of these services, you want a direct relationship with the people you serve.

Jonathan Zittrain: Yes.

Mark Zuckerberg: Now, okay, but let’s look at the flip side. So, what we saw in the last couple of years with Cambridge Analytica, was basically an example where people chose to take data that they– some of it was their data, some of it was data that they had seen from their friends, right? Because if you want to do things like making it so alternative services can build a competing newsfeed, then you need to be able to make it so that people can bring the data that they see you [ph?] within the system. Okay, theybasically, people chose to give their data to a developer who’s affiliated with Cambridge University, which is a really respected institution, and then that developer turned around and sold the data to the firm Cambridge Analytica, which is in violation of our policies. So, we cut off the developers’ access. And, of course, in a fully distributed system there would be no one who could cut off the developers’ access. So, the question is if you have a fully distributed system, it dramatically empowers individuals on the one hand, but it really raises the stakes and it gets to your questions around, well, what are the boundaries on consent and how people can really actually effectively know that they’re giving consent to an institution?

In some ways it’s a lot easier to regulate and hold accountable large companies like Facebook or Google, because they’re more visible, they’re more transparent than the long tail of services that people would chose to then go interact with directly. So, I think that this is a really interesting social question. To some degree I think this idea of going in the direction of blockchain authentication is less gated on the technology and capacity to do that. I think if you were doing fully decentralized Facebook, that would take massive computation, but I’m sure we could do fully decentralized authentication if we wanted to. I think the real question is do you really want that?

Jonathan Zittrain: Yes.

Mark Zuckerberg: Right? And I think you’d have more cases where, yes, people would be able to not have an intermediary, but you’d also have more cases of abuse and the recourse would be much harder.

Jonathan Zittrain: Yes. What I hear you saying is people as they go about their business online are generating data about themselves that’s quite valuable, if not to themselves, to others who might interact with them. And the more they are empowered, possibly through a distributed system, to decide where that data goes, with whom they want to share it, the more they could be exposed to exploitation. this is a genuine dilemma–

Mark Zuckerberg: Yeah, yeah.

Jonathan Zittrain: –because I’m a huge fan of decentralization.

Mark Zuckerberg: Yeah, yeah.

Jonathan Zittrain: But I also see the problem. And maybe one answer is there’s some data that’s just so toxic there’s no vessel we should put it in; it might eat a whole through it or something, metaphorically speaking. But, then again, innocuous data can so quickly be assembled into something scary. So, I don’t know if the next election–

Mark Zuckerberg: Yeah. [ph?] I mean, I think in general we’re talking about the large-scale of data being assembled into meaning something different from what the individual data points mean.

Jonathan Zittrain: Yes.

Mark Zuckerberg: And I think that’s the whole challenge here. But I philosophically agree with you thatI mean, I want to think about the– like, I do think about the work that we’re doing as a decentralizing force in the world, right? A lot of the reason why I think people of my generation got into technology is because we believe that technology gives individuals power and isn’t massively centralizing. Now you’ve built a bunch of big companies in the process, but I think what has largely happened is that individuals today have more voice, more ability to affiliate with who they want, and stay connected with people, ability to form communities in ways that they couldn’t before, and I think that’s massively empowering to individuals and that’s philosophically kind of the side that I tend to be on. So, that’s why I’m thinking about going back to decentralized or blockchain authentication. That’s why I’m kind of bouncing around how could you potentially make this work, because from my orientation is to try to go in that direction.

Jonathan Zittrain: Yes.

Mark Zuckerberg: An example where I think we’re generally a lot closer to going in that direction is encryption. I mean, this is, like, one of the really big debates today is basically what are the boundaries on where you would want a messaging service to be encrypted. And there are all these benefits from a privacy and security perspective, but, on the other hand, if what we’re trying to do– one of the big issues that we’re grappling with content governance and where is the line between free expression and, I suppose, privacy on one side, but safety on the other as people do really bad things, right, some of the time. And I think people rightfully have an expectation of us that we’re going to do everything we can to stop terrorists from recruiting people or people from exploiting children or doing different things. And moving in the direction of making these systems more encrypted certainly reduces some of the signals that we would have access to be able to do some of that really important work.

But here we are, right, we’re sitting in this position where we’re running WhatsApp, which is the largest end-to-end encrypting service in the world; we’re running messenger, which is another one of the largest messaging systems in the world where encryption is an option, but it isn’t the default. I don’t think long term it really makes sense to be running different systems with very different policies on this. I think this is sort of a philosophical question where you want to figure out where you want to be on it. And, so, my question for you– now,

I’ll talk about how I’m thinking about this– is all right, if you were in my position and you got to flip a switch is probably too glib, because there’s a lot of work that goes into this, and go in one direction for both of those services, who would you think about that?

Jonathan Zittrain: Well, the question you’re putting on the table, which is a hard one is “Is it okay,” and let’s just take the simple case, “for two people to communicate with each other in a way that makes it difficult for any third party to casually listen in?” Is that okay? And I think that the way we normally answer that question is kind of a form of what you might call status quo-ism, which is not satisfying. It’s whatever has been the case is—

Mark Zuckerberg: Yeah, yeah.

Jonathan Zittrain: –whatever has been the case is what should stay the case.

Mark Zuckerberg: Yeah.

Jonathan Zittrain: And, so, for WhatsApp, it’s like right now WhatsApp, as I understand it, you could correct me if I’m wrong, is pretty hard to get into if–

Mark Zuckerberg: It’s fully end-to-end encrypted.

Jonathan Zittrain: Right. So, if Facebook gets handed a subpoena or a warrant or something from name-your-favorite-country–

Mark Zuckerberg: Yeah.

Jonathan Zittrain: –and you’re just like, “Thank you for playing. We have nothing to–”

Mark Zuckerberg: Oh, yeah, we’ve had employees thrown in jail because we have gotten court orders that we have to turnover data that we wouldn’t probably anyway, but we can’t because it’s encrypted.

Jonathan Zittrain: Yes. And then, on the other hand, and this is not as clean as it could be in theory, but Messenger is sometimes encrypted, sometimes not. If it doesn’t happen to have been encrypted by the users, then that subpoena could work and, more than that, there could start to be some automated systems either on Facebook’s own initiative or under pressure from governments in the general case, not a specific warrant, to say, “Hey, if the following phrases appear, if there’s some telltale that says, “This is somebody going after a kid for exploitation,” it should be forwarded up. If that’s already happening and we can produce x-number of people who have been identified and a number of crimes averted that way, who wants to be the person to be like, “Lock it down!” Like, “We don’t want any more of that!” But I guess, to put myself now to your question, when I look out over years rather than just weeks or months, the ability to casually peek at any conversation going on between two people or among a small group of people or even to have a machine do it for you, so, you can just set your alert list, you know, crudely speaking, and get stuff back, that– it’s always trite to call something Orwellian, but it makes Orwell look like a piker. I mean, it seems like a classic case where you– the next sentence would be “What could possible go wrong?”

Jonathan Zittrain: And we can fill that in! And it does mean, though, I think that we have to confront the fact that if we choose to allow that kind of communication, then there’s going to be crimes unsolved that could’ve been solved. There’s going to be crimes not prevented that could have been prevented. And the only thing that kind of blunts it a little is it is not really all or nothing. The modern surveillance states of note in the world, have a lot of arrows in their quivers. And just being able to darken you door and demand surveillance of a certain kind, that might be a first thing they would go to, but they’ve got a Plan B, and Plan C, and a Plan D. And I guess it really gets to what’s your threat model? If you think everybody is kind of a threat, think about the battles of copyright 15 years ago. Everybody is a potential infringer. All they have to do is fire up Napster, then you’re wanting some massive technical infrastructure to prevent the bad thing. If what you’re thinking is instead, they are a few really bad apples and they tend to– when they congregate online or otherwise with one another– tend to identify themselves and then we might have to send somebody near their house to listen with a cup at the window, metaphorically speaking. That’s a different threat model and [sic] might not need it.

Mark Zuckerberg: Yeah.

Jonathan Zittrain: Is that getting to an answer to your question?

Mark Zuckerberg: Yeah, and I think I generally agree. I mean, I’ve already said publically that my inclination is to move these services in the direction of being all encrypted, at least the private communication version. I basically think if you want to kind of talk in metaphors, messaging is like people’s living room, right? And I think we– you know, we definitely don’t want a society where there’s a camera in everyone’s living room watching the content of those conversations.

Jonathan Zittrain: Even as we’re now– I mean, it is 2019, people are happily are putting cameras in their living rooms.

Mark Zuckerberg: That’s their choice, but I guess they’re putting cameras in their living rooms, well, for a number of reasons, but–

Jonathan Zittrain: And Facebook has a camera that you can go into your living room- Mark Zuckerberg: That is, I guess–

Jonathan Zittrain: I just want to be clear.

Mark Zuckerberg: Yeah, although that would be encrypted in this world.

Jonathan Zittrain: Encrypted between you and Facebook!

Mark Zuckerberg: No, no, no. I think– but it also–

Jonathan Zittrain: Doesn’t it have like a little Alexa functionality, too?

Mark Zuckerberg: Well, Portal works over Messenger. So, if we go towards encryption on Messenger, then that’ll be fully encrypted, which I think, frankly, is probably what people want.

Jonathan Zittrain: Yeah.

Mark Zuckerberg: The other model, beside the living room is the town square and that, I think, just has different social norms and different policies and norms that should be at play around that. But I do think that these things are very different. Right? You’re not going to– you may end up in a world where the town square is a fully decentralized or fully encrypted thing, but it’s not clear what value there is in encrypting something that’s public content anyway, or very broad.

Jonathan Zittrain: But, now, you were put to it pretty hard in that as I understand it there’s now a change to how WhatsApp works, that there’s only five forwards permitted.

Mark Zuckerberg: Yeah, so, this is a really interesting point, right? So, when people talk about how encryption will darken some of the signals that we’ll be able to use, you know, both for potentially providing better services and for preventing harm. One of the– I guess, somewhat surprising to me, findings of the last couple of years of working on content governance and enforcement is that it often is much more effective to identify fake accounts and bad actors upstream of them doing something bad by patterns of activity rather than looking at the content.

Jonathan Zittrain: So-called meta data.

Mark Zuckerberg: Sure.

Jonathan Zittrain: “I don’t know what they’re saying, but here’s who’s they’re calling” kind of thing.

Mark Zuckerberg: Yeah, or just like they– this account doesn’t seem to really act like a person, right?

And I guess as AI gets more advanced and you build these adversarial networks or generalized adversarial networks, you’ll get to a place where you have Ai that can probably more effectively

Jonathan Zittrain: Go under mimic [ph?] cover. Mimic act like another person–

Mark Zuckerberg: –for a while.

Mark Zuckerberg: Yeah. But, at the same time, you’ll be building up contrary AI on the other side, but is better at identifying AIs that are doing that. But this has certainly been the most effective tactic across a lot of the areas where we’ve needed to focus to preventing harm. You know, the ability to identify fake accounts, which, like, a huge amount of the– under any category of issue that you’re talking about, a lot of the issues downstream come from fake accounts or people who are clearly acting in some malicious or not normal way. You can identify a lot of that without necessarily even looking at the content itself. And if you have to look at a piece of content, then in some cases, you’re already late, because the content exists and the activity has already happened. So, that’s one of the things that makes me feel like encryption for these messaging services is really the right direction to go, because you’re– it’s a very proprivacy and per security move to give people that control and assurance and I’m relatively confident that even though you are losing some tools to– on the finding harmful content side of the ledger, I don’t think at the end of the day that those are going to end up being the most important tools

Jonathan Zittrain: Yes.

Mark Zuckerberg: –for finding the most of the–

Jonathan Zittrain: But now connect it up quickly to the five forwards thing.

Mark Zuckerberg: Oh, yeah, sure. So, that gets down to if you’re not operating on a piece of content directly, you need to operate on patterns of behavior in the network. And what we, basically found was there weren’t that many good uses for people forwarding things more than five times except to basically spam or blast stuff off. It was being disproportionately abused. So, you end up thinking about different tactics when you’re not operating on content specifically; you end up thinking about patterns of usage more.

Jonathan Zittrain: Well, spam, I get and that– I’m always in favor of things that reduce spam. However, you could also say the second category was just to spread content. You could have the classic, I don’t know, like Les Mis, or Paul Revere’s ride, or Arab Spring-esque in the romanticized vision of it: “Gosh, this is a way for people to do a tree,” and pass along a message that “you can’t stop the signal,” to use a Joss Whedon reference. You really want to get the word out. This would obviously stop that, too.

Mark Zuckerberg: Yeah, and then I think the question is you’re just weighing whether you want this private communication tool where the vast majority of the use and the reason why it was designed was the vast majority of just one-on-one; there’s a large amount of groups that people communicate into, but it’s a pretty small edge case of people operating this with, like– you have a lot of different groups and you’re trying to organize something and almost hack public content-type or public sharing- type utility into an encrypted space and, again, there I think you start getting into “Is this the living room or is this the town square?” And when people start trying to use tools that are designed for one thing to get around what I think the social norms are for the town square, that’s when I think you probably start to have some issues. This is not– we’re not done addressing these issues. There’s a lot more to think through on this

Jonathan Zittrain: Yeah.

Mark Zuckerberg: –but that’s the general shape of the problem that at least I perceive from the work that we’re doing.

Jonathan Zittrain: Well, without any particular segue, let’s talk about fake news.

Jonathan Zittrain: So, insert your favorite segue here. There’s some choice or at least some decision that gets made to figure out what’s going to be next in my newsfeed when I scroll up a little more.

Mark Zuckerberg: Mm-hm.

Jonathan Zittrain: And in the last conversation bit, we were talking about how much we’re looking at content versus telltales and metadata, things that surround the content.

Mark Zuckerberg: Yeah.

Jonathan Zittrain: For knowing about what that next thing in the newsfeed should be, is it a valid desirable material consideration, do you think, for a platform like Facebook to say is the thing we are about to present true, whatever true means?

Mark Zuckerberg: Well, yes, because, again, getting at trying to serve people, people tell us that they don’t want fake content. Right. I mean, I don’t know anyone who wants fake content. I think the whole issue is, again, who gets to decide. Right. So broadly speaking, I don’t know any individual who would sit there and say, “Yes, please show me things that you know are false and that are fake.” People want good quality content and information. That said, I don’t really think that people want us to be deciding what is true for them and people disagree on what is true. And, like, truth is, I mean, there are different levels of when someone is telling a story, maybe the meta arc is talking about something that is true but the facts that were used in it are wrong in some nuanced way but, like, it speaks to some deeper experience. Well, was that true or not? And do people want that disqualified from to them? I think different people are going to come to different places on this.

Now, so I’ve been very sensitive, which, on, like, we really want to make sure that we’re showing people high quality content and information. We know that people don’t want false information. So we’re building quite advanced systems to be able to– to make sure that we’re emphasizing and showing stuff that is going to be high quality. But the big question is where do you get the signal on what the quality is? So the kind of initial v.1 of this was working with third party fact checkers.

Right, I believe very strongly that people do not want Facebook and that we should not be the arbiters of truth in deciding what is correct for everyone in the society. I think people already generally think that we have too much power in deciding what content is good. I tend to also be concerned about that and we should talk about some of the governance stuff that we’re working on separately to try to make it so that we can bring more independent oversight into that.

Jonathan Zittrain: Yes.

Mark Zuckerberg: But let’s put that in a box for now and just say that with those concerns in mind, I’m definitely not looking to try to take on a lot more in terms of also deciding in addition to enforcing all the content policies, also deciding what is true for everyone in the world. Okay, so v.1 of that is we’re going to work with–

Jonathan Zittrain: Truth experts.

Mark Zuckerberg: We’re working with fact checkers.

Jonathan Zittrain: Yeah.

Mark Zuckerberg: And, and they’re experts and basically, there’s like a whole field of how you go and assess certain content. They’re accredited. People can disagree with the leaning of some of these organizations.

Jonathan Zittrain: Who does accredited fact checkers?

Mark Zuckerberg: The Poynter Institute for Journalism.

Jonathan Zittrain: I should apply for my certification.

Mark Zuckerberg: You may.

Jonathan Zittrain: Okay, good.

Mark Zuckerberg: You’d probably get it, but you have to– You’d have to go through the process.

Mark Zuckerberg: The issue there is there aren’t enough of them, right. So there’s a large content. There’s obviously a lot of information is shared every day and there just aren’t a lot of fact checkers. So then the question is okay, that is probably

Jonathan Zittrain: But the portion– You’re saying the food is good, it’s just the portions are small. But the food is good.

Mark Zuckerberg: I think in general, but so you build systems, which is what we’ve done especially leading up to elections where I think are some of the most fraught times around this where people really are aggressively trying to spread misinformation.

Jonathan Zittrain: Yes.

Mark Zuckerberg: You build systems that prioritize content that seems like it’s going viral because you want to reduce the prevalence of how widespread the stuff gets, so that way the fact checkers have tools to be able to, like, prioritize what they need to go– what they need to go look at. But it’s still getting to a relatively small percent of the content. So I think the real thing that we want to try to get to over time is more of a crowd sourced model where people, it’s not that people are trusting some sort, some basic set of experts who are accredited but are in some kid of lofty institution somewhere else. It’s like do you trust, yeah, like, if you get enough data points from within the community of people reasonably looking at something and assessing it over time, then the question is can you compound that together into something that is a strong enough signal that we can then use that?

Jonathan Zittrain: Kind of in the old school like a slash-dot moderating system

Mark Zuckerberg: Yeah.

Jonathan Zittrain: With only the worry that if the stakes get high enough, somebody wants to Astroturf that.

Mark Zuckerberg: Yes.

Jonathan Zittrain: I’d be–

Mark Zuckerberg: There are a lot of questions here, which is why I’m not sitting here and announcing a new program.

Mark Zuckerberg: But what I’m saying is this is, like,–

Jonathan Zittrain: Yeah,

Mark Zuckerberg: This is the general direction that I think we should be thinking about when we haveand I think that there’s a lot of questions and–

Jonathan Zittrain: Yes.

Mark Zuckerberg: And we’d like to run some tests in this area to see whether this can help out. Which would be upholding the principles which are that we want to stop–

Jonathan Zittrain: Yes.

Mark Zuckerberg: The spread of misinformation.

Jonathan Zittrain: Yes.

Mark Zuckerberg: Knowing that no one wants misinformation. And the other principle, which is that we do not want to be arbiters of truth.

Jonathan Zittrain: Want to be the decider, yes.

Mark Zuckerberg: And I think that that’s the basic– those are the basic contours I think of that, of that problem.

Jonathan Zittrain: So let me run an idea by you that you can process in real time and tell me the eight reasons I have not thought of why this is a terrible idea. And that would be people see something in their Facebook feed. They’re about to share it out because it’s got a kind of outrage factor to it. I think of the classic story from two years ago in The Denver Guardian about “FBI agent suspected in Hilary Clinton email leak implicated in murder-suicide.” I have just uttered fake news.

None of that was true if you clicked through The Denver Guardian. There was just that article. There is Denver Guardian. If you live in Denver, you cannot subscribe. Like, it is unambiguously fake. And it was shared more times than the most shared story during the election season of The Boston Globe. And so

Mark Zuckerberg: So, and this is actually an example, by the way, of where trying to figure out fake accounts is a much simpler solution.

Jonathan Zittrain: Yes.

Mark Zuckerberg: Than trying to down–

Jonathan Zittrain: So if newspaper has one article–

Mark Zuckerberg: Yeah.

Jonathan Zittrain: Wait for ten more before you decide they’re a newspaper.

Mark Zuckerberg: Yeah. Or, you know, I mean, it’s there are any number of systems that you could build to basically detect, “Hey, this is–”

Jonathan Zittrain: A Potemkin.

Mark Zuckerberg: This is a fraudulent thing.

Jonathan Zittrain: Yes.

Mark Zuckerberg: And then you can take that down. And again, that ends up being a much less controversial decision because you’re doing it upstream based on the basis of inauthenticity.

Jonathan Zittrain: Yes.

Mark Zuckerberg: In a system where people are supposed to be their real and represent that they’re their real selves than downstream, trying to say, “Hey, is this true or false?”

Jonathan Zittrain: I made a mistake in giving you the easy case.

Mark Zuckerberg: Okay.

Jonathan Zittrain: So I should have not used that example.

Mark Zuckerberg: Too simple.

Jonathan Zittrain: You’re right and you knocked that one out of the park and, like, Denver Guardian, come up with more articles and be real and then come back and talk to us.

Jonathan Zittrain: So, here’s the harder case which is something that might be in an outlet that is, you know, viewed as legitimate, has a number of users, et cetera. So you can’t use the metadata as easily.

Imagine if somebody as they shared it out could say, “By the way, I want to follow this. I want to learn a little bit more about this.” They click a button that says that. And I also realized when I talked earlier to somebody at Facebook on this that adding a new button to the homepage is, like, everybody’s first idea

Mark Zuckerberg: Oh, yeah.

Jonathan Zittrain: And it’s–

Mark Zuckerberg: But it’s a reasonable thought experiment, even though it would lead to a very bad UI.

Jonathan Zittrain: Fair enough. I understand this is already–

Mark Zuckerberg: Yeah.

Jonathan Zittrain: In the land of fantasy. So they add the button. They say, “I want to follow up on this.”

If enough people are clicking comparatively on the same thing to say, “I want to learn more about this. If anything else develops, let me know, Facebook,” that, then, if I have my pneumatic tube, it then goes to a convened virtually panel of three librarians. We go to the librarians of the nation and the world at public and private libraries across the land who agree to participate in this program. Maybe we set up a little foundation for it that’s endowed permanently and no long connected to whoever endowed it. And those librarians together discuss the piece and they come back with what they would tell a patron if somebody came up to them and said, “I’m about to cite this in my social studies paper. What do you think?” And librarians, like, live for questions like that.

Mark Zuckerberg: Mm-hmm, yeah.

Jonathan Zittrain: They’re like, “Wow. Let us tell you.” And they have a huge fiduciary notion of patron duty that says, “I may disapprove of you even studying this, whatever, but I’m here to serve you, the user.”

Mark Zuckerberg: Yeah.

Jonathan Zittrain: “And I just think you should know, this is why maybe it’s not such a good source.” And when they come up with that they can send it back and it gets pushed out to everybody who asks for follow-up–

Mark Zuckerberg: Yeah.

Jonathan Zittrain: And they can do with it as they will. And last piece of the puzzle, we have high school students who apprentice as librarian number three for credit.

Jonathan Zittrain: And then they can get graded on how well they participated in this exercise which helps generate a new generation of librarian-themed people who are better off at reading things, so.

Mark Zuckerberg: All right, well, I think you have a side goal here which I haven’t been thinking about on the librarian thing.

Mark Zuckerberg: Which is the evil goal of promoting libraries.

Jonathan Zittrain: Well, it’s

Mark Zuckerberg: No, but I mean, look, I think solving– preventing misinformation or spreading misinformation is hard enough without also trying to develop high school students in a direction.

Jonathan Zittrain: Ah. My colleague Charlies Foote–

Mark Zuckerberg: So, that’s solving a problem with a problem.

Jonathan Zittrain: All right. Well, anyway, yes.

Mark Zuckerberg: So I actually think I agree with most of what you have in there. It doesn’t need to be a button on the home page, it can be– I mean, it turns out that there’s so many people using these services that even if you get– even if you put something that looks like it’s not super prominent, like, behind the three dots on a given newsfeed story, you have the options, yeah, you’re not– not everyone is going tois going to like something.

Jonathan Zittrain: If 1 out of 1000 do it, you still get 10,000 or 100,000 people, yeah.

Mark Zuckerberg: You get pretty good signal. But I actually think you could do even better, which is, it’s not even clear that you need that signal. I think that that’s super helpful. I think really what matters is looking at stuff that’s getting a lot of distribution. So, you know, I think that there’s kind of this notion, and I’m going back to the encryption conversation, which is all right, if I say something that’s wrong to you in a one-on-one conversation, I mean, does that need to be fact checked? I mean, it’s, yeah, it would be good if you got the most accurate information.

Jonathan Zittrain: I do have a personal librarian to accompany me for most conversations, yes. There you go.

Mark Zuckerberg: Well, you are–

Jonathan Zittrain: Unusual.

Mark Zuckerberg: Yeah, yeah. Yes.

Mark Zuckerberg: That’s the word I was looking for.

Jonathan Zittrain: I’m not sure I believe you, but yes.

Mark Zuckerberg: It’s– But I think that there’s limited– I don’t think anyone would say that every message that goes back and forth in especially an encrypted messaging service should be

Jonathan Zittrain: Fact checked.

Mark Zuckerberg: Should be fact checked.

Jonathan Zittrain: Correct.

Mark Zuckerberg: So I think the real question is all right, when something starts going viral or getting a lot of distribution, that’s when it becomes most socially important for it to be– have some level of validation or at least that we know where that the community in general thinks that this is a reasonable thing. So it’s actually, while it’s helpful to have the signal of whether people are flagging this as something that we should look at, I actually think increasingly you want to be designing systems that just prevent like alarming or sensational content from going viral in the first place. And making sure that that, that the stuff that is getting wide distribution is doing so because it’s high quality on whatever front you care about. So then, okay–

Jonathan Zittrain: And that quality is still generally from Poynter or some external party that

Mark Zuckerberg: Well, well quality has many dimensions.

Jonathan Zittrain: Yeah.

Mark Zuckerberg: But certainly accuracy is one dimension of it. You also, I mean, you pointed out I think in one of your questions, is this piece of content prone to incite outrage. If you don’t mind, I’ll get to your panel of three things in a second, but as a slight detour on this.

Jonathan Zittrain: Yes.

Mark Zuckerberg: One of the findings that has been quite interesting is, you know, there’s this question about whether social media in general increases, basically makes it so that sensationalist content gets the most distribution. And what we’ve found is that, all right, so we’re going to have rules, right, about what content is allowed. And what we found is that generally within whatever rules you set up, as content approaches the line of what is allowed, it often gets more distribution. So if you’ll have some rule on, you know, what– And take a completely different example and our nudity policies. Right. It’s like, okay, you have to define what is unacceptable nudity in some way. As you get as close to that as possible it’s like, all right. Like, this is maybe a photo of someone–

Jonathan Zittrain: The skin to share ratio goes up until it gets banned at which point it goes to zero.

Mark Zuckerberg: Yes. Okay. So that is a bad property of a system, right, that I think you want to generally address. Or you don’t want to design a community where or systems for helping to build a community where things that get as close to the line as what is bad get the most distribution.

Jonathan Zittrain: So long as we have the premise, which in many cases is true, but I could probably try to think of some where it wouldn’t be true, that as you near the line, you are getting worse.

Mark Zuckerberg: That’s a good point. That’s a good point. There’s–

Jonathan Zittrain: You know, there might be humor that’s really edgy.

Mark Zuckerberg: That’s true.

Jonathan Zittrain: And that conveys a message that would be impossible to convey without the edginess, while not still–

Mark Zuckerberg: That is–

Jonathan Zittrain: But, I–

Mark Zuckerberg: That’s true.

Jonathan Zittrain: Yeah.

Mark Zuckerberg: So but then you get the question of what’s the cost benefit of allowing that. And obviously, where you can accurately separate what’s good and bad which you, like in the case of misinformation I’m not sure you could do it fully accurately, but you can try to build systems that approximate that, there’s certainly the issue, which is that, I mean, there is misinformation which leads to massive public harm, right. So if it’s misinformation that is also spreading hate and leading to genocide or public attacks or, it’s like, okay, we’re not going to allow that. Right. That’s coming down. But then generally if you say something that’s wrong, we’re not going to try to block that.

Jonathan Zittrain: Yes.

Mark Zuckerberg: We’re just going to try to not show it to people widely because people don’t want content that is wrong. So then the question is as something is approaching the line, how do you assess that? This is a general theme in a lot of the content governance and enforcement work that we’re doing, which is there’s one piece of this which is just making sure that we can as effectively as possible enforce the policies that exist. Then there’s a whole other stream of work, which I called borderline content, which is basically this issue of as content approaches the line of being against the policies, how do you make sure that that isn’t the content that is somehow getting the most distribution? And a lot of the things that we’ve done in the last year were focused on that problem and it really improves the quality of the service and people appreciate that.

Jonathan Zittrain: So this idea would be stuff that you’re kind of letting down easy without banning and letting down easy as it’s going to somehow have a coefficient of friction for sharing that goes up. It’s going to be harder–

Mark Zuckerberg: Yeah.

Jonathan Zittrain: For it to go viral.

Mark Zuckerberg: Yeah.

Jonathan Zittrain: And–

Mark Zuckerberg: So it’s fascinating because it’s just against– Like, you can take almost any category of policy that we have, so I used nudity a second ago. You know, gore and violent imagery.

Jonathan Zittrain: Yes.

Mark Zuckerberg: Hate speech.

Jonathan Zittrain: Yeah.

Mark Zuckerberg: Any of these things. I mean, there’s, like, hate speech, there’s content that you would just say is mean or toxic, but that did not violate– But that you would not want to have a society that banned being able to say that thing. But it’s, but you don’t necessarily want that to be the content that is getting the most distribution.

Jonathan Zittrain: So here’s a classic transparency question around exactly that system you described.

And when you described this, I think you did a post around this a few months ago. This was fascinating.

You had graphs in the post depicting this, which was great. How would you feel about sharing back to the person who posted or possibly to everybody who encounters it its coefficient of friction? Would that freak people out? Would it be, like, all right, I– And in fact, they would then probably start conforming their posts, for better or worse,–

Mark Zuckerberg: Yeah.

Jonathan Zittrain: To try to maximize the sharability. But that rating is already somewhere in there by design. Would it be okay to surface it?

Mark Zuckerberg: So, as a principle, I think that that would be good, but I don’t– The way that the systems are designed isn’t that you get a score of how inflammatory or sensationalist a piece of content is. The way that it basically works is you can build classifiers that identify specific types of things. Right.

So we’re going down the list of, like, all right, there’s 20 categories of harmful content that you’re trying to identify. You know, everything from terrorist propaganda on the one hand to self-harm issues to hate speech and election interference. And basically, each of these things while it uses a lot of the same underlying machine learning infrastructure, you’re doing specific work for each of them. So if you go back to the example on Nudity for a second, you know, what you– you’re not necessarily scoring everything on a scale of not at all nude to nude. You[‘re basically enforcing specific policies. So, you know, you’re saying, “Okay, if–”

Jonathan Zittrain: So by machine learning it would just be give me an estimate of the odds by which if a human looked at it who was employed to enforce policy–

Mark Zuckerberg: Well, basically–

Jonathan Zittrain: Whether it violates the policy.

Mark Zuckerberg: And you have a sense of, okay, this is– So what are the things that are adjacent to the policy, right? So you night say, okay, well, if the person is completely naked, that is something that you can definitely build a classifier to be able to identify with relatively high accuracy. But even if they’re not, you know, then the question is you kind of need to be able to qualitatively describe what are the things that are adjacent to that. So maybe the person is wearing a bathing suit and is in a sexually suggestive position. Right. It’s not like any piece of content you’re going to score from not at all nude to nude. But you kind of have the cases for what you think are adjacent to the issues and, and again, you ground this and qualitatively, people, like, people might click on it, they might engage with it, but at the end, they don’t necessarily feel good about it. And you want to get at when you’re designing these systems not just what people do, but also you want to make sure we factor in, too, like is this the content that people say that they really want to be seeing? Do they–?

Jonathan Zittrain: The constitutional law, there’s a formal kind of definition that’s emerged for the word “prurient.” If something appeals to the prurient interest–

Mark Zuckerberg: Okay.

Jonathan Zittrain: As part of a definition of obscenity, the famous Miller test, which was not a beeroriented test. And part of a prurient interest is basically it excites me and yet it completely disgusts me.

And it sounds like you’re actually converging to the Supreme Court’s vision of prurience with this.

Mark Zuckerberg: Maybe.

Jonathan Zittrain: And it might be– Don’t worry, I’m not trying to nail you down on that. But it’s very interesting that machine learning, which you invoked, is both really good, I gather, at something like this.

It’s the kind of thing that’s like just have some people tell me with their expertise, does this come near to violating the policy or not and I’ll just through a Spidey sense start to tell you whether it would.

Mark Zuckerberg: Mm-hmm.

Jonathan Zittrain: Rather than being able to throw out exactly what the factors are. I know the person’s fully clothed, but it still is going to invoke that quality. So all of the benefits of machine learning and all of, of course, all the drawbacks where it classifies something and somebody’s like, “Wait a minute. That was me doing a parody of blah, blah, blah.” That all comes to the fore.

Mark Zuckerberg: Yeah and I mean, when you ask people what they want to see in addition to looking at what they actually engage with, you do get a completely different sense of what people value and you can build systems that approximate that. But going back to your question, I think rather than giving people a score of the friction–

Jonathan Zittrain: Yes.

Mark Zuckerberg: I think you can probably give people feedback of, “Hey, this might make people uncomfortable in this way, in this specific way.” And this fits your–

Jonathan Zittrain: It might affect how much it gets– how much it gets shared.

Mark Zuckerberg: Yeah. And this gets down to a different– There’s a different AI ethics question which I think is really important here, which is designing AI systems to be understandable by people

Jonathan Zittrain: Right.

Mark Zuckerberg: Right and to some degree, you don’t just want it to spit out a score of how offensive or, like, where it scores on any given policy. You want it to be able to map to specific things that might be problematic.

Jonathan Zittrain: Yes.

Mark Zuckerberg: And that’s the way that we’re trying to design the systems overall.

Jonathan Zittrain: Yes. Now we have something parked in the box we should take out, which is the external review stuff. But before we do, one other just transparency thing maybe to broach. It basically just occurred to me, I imagine it might be possible to issue me a score of how much I’ve earned for Facebook this year. It could simply say, “This is how much we collected on the basis of you in particular being exposed to an ad.” And I know sometimes people, I guess, might compete to get their numbers up. But I’m just curious, would that be a figure? I’d kind of be curious to know, in part because it might even lay the groundwork of being like, “Look, Mark, I’ll double it. You can have double the money and then don’t show me any ads.” Can we get a car off of that lot today?

Mark Zuckerberg: Okay, well, there’s a lot–

Mark Zuckerberg: There’s a lot in there.

Jonathan Zittrain: It was a quick question.

Mark Zuckerberg: So there’s a question in what you’re saying which is so we built an ad-supported system. Should we have an option for people to pay to not see ads.

Jonathan Zittrain: Right.

Mark Zuckerberg: I think is kind of what you’re saying. I mean, just as the basic primer from first principles on this. You know, we’re building this service. We want to give everyone a voice. We want everyone to be able to connect with who they care about. If you’re trying to build a service for everyone,

Jonathan Zittrain: Got to be free. That’s just

Mark Zuckerberg: If you want them to use it, that’s just going to be the argument. Yes, yes.

Jonathan Zittrain: Okay. All right.

Mark Zuckerberg: So then, so this is a kind of a tried and true thing. There are a lot of companies over time that have been ad supported. In general what we find is that if people are going to see ads, they want them to be relevant. They don’t want them to be junk. Right. So then within that you give people control over how their data is used to show them ads. But the vast majority of people say, like, show me the most relevant ads that you can because I get that I have to see ads. This is a free service. So now the question is, all right, so there’s a whole set of questions around that that we could get into, but but then

Jonathan Zittrain: For which we did talk about enough to reopen it, the personalization exploitation.

Mark Zuckerberg: Yeah.

Jonathan Zittrain: Or even just philosophical question. Right now, Uber or Lyft are not funded that way.

We could apply this ad model to Uber or Lyft, “Free rides. Totally free. It’s just every fifth ride takes you to Wendy’s and idles outside the drive through window.”

Jonathan Zittrain: “Totally up to you what you want to do, but you’re going to sit here for a while,” and then you go on your way. I don’t know how– and status quo-ism would probably say people would have a problem with that, but it would give people rides that otherwise wouldn’t get rides.

Mark Zuckerberg: I have not thought about that case in their–

Mark Zuckerberg: In their business, so, so–

Jonathan Zittrain: Well, that’s my patent, damn it, so don’t you steal it.

Mark Zuckerberg: But certainly some services, I think tend themselves better towards being ad supported than others.

Jonathan Zittrain: Okay.

Mark Zuckerberg: Okay and I think generally information-based ones tend to–

Jonathan Zittrain: Than my false imprisonment hypo, I’d– Okay, fair enough.

Mark Zuckerberg: I mean, that seems

Jonathan Zittrain: Yeah.

Mark Zuckerberg: There might be, you know, more– more issues there. But okay, but go to the subscription thing.

Jonathan Zittrain: Yes.

Mark Zuckerberg: When people have questions about the ad model on Facebook, I don’t think the questions are just about the ad model, I think they’re about both seeing ads and data use around ads.

And the thing that I think, so when I think about this it’s, I don’t just think you want to let people pay to not see ads because I actually think then the question is the questions are around ads and data use and I don’t think people are going to be that psyched about not seeing ads but then not having different controls over how their data is used. Okay, but now you start getting into a principle question which is are we going to let people pay to have different controls on data use than other people. And my answer to that is a hard no, right. So the prerequisite–

Jonathan Zittrain: What’s an example of data use that isn’t ad-based, just so we know what we’re talking about?

Mark Zuckerberg: That isn’t ad-based?

Jonathan Zittrain: Yeah.

Mark Zuckerberg: Like what do you mean?

Jonathan Zittrain: You were saying, I don’t want to see ads. But you’re saying that’s kind of just the wax on the car. What’s underneath is how the data gets used.

Mark Zuckerberg: So, well, look– Maybe– let me keep going with this explanation and then I think this’ll be clear.

Jonathan Zittrain: Yeah, sure.

Mark Zuckerberg: So one of the things that we’ve been working on is this tool that we call clear history. And the basic idea is it is you can kind of analogize it to a web browser where you can clear your cookies. That’s kind of a normal thing. You know that when you clear your cookies you’re going to get logged out of a bunch of stuff. A bunch of stuff might get more annoying.

Jonathan Zittrain: Which is why my guess is, am I right, probably nobody clears their cookies.

Mark Zuckerberg: I don’t know.

Jonathan Zittrain: They might use incognito mode or something, but.

Mark Zuckerberg: I think– I don’t know. How many of you guys clear your cookies every once in a while, right?

Jonathan Zittrain: This is not a representative group, damn it.

Mark Zuckerberg: Okay. Like, maybe once a year or something I’ll clear my cookies.

Jonathan Zittrain:

Mark Zuckerberg: But no, it’s, I think–

Jonathan Zittrain: Happy New Year.

Mark Zuckerberg: No, over some period of time, all right, but–

Jonathan Zittrain: Yeah, okay.

Mark Zuckerberg: But not necessarily every day. But it’s important that people have that tool even though it might in a local sense make their experience worse.

Jonathan Zittrain: Yes.

Mark Zuckerberg: Okay. So that kind of content of what different services, websites and apps send to Facebook that, you know, we use to help measure the ads in effectiveness there, right, so things like, you know, if you’re an app developer and you’re trying to pay for ads to help grow your app, we want to only charge you when we actually, when something that we show leads to an install, not just whether someone sees the ad or clicks on it, but if they add–

Jonathan Zittrain: That requires a whole infrastructure to, yeah.

Mark Zuckerberg: Okay, so then, yeah, so you build that out. It helps us show people more relevant ads.

It can help show more relevant content. Often a lot of these signals are super useful also on the security side for some of the other things that we’ve talked about, so that ends up being important. But fundamentally, you know, looking at the model today, it seems like you should have something like this ability to clear history. It turns out that it’s a much more complex technical project. I’d talked about this at our developer conference last year, about how I’d hoped that we’d roll it out by the end of 2018 and just, the plumbing goes so deep into all the different systems that it’s, that– But we’re still working on it and we’re going to do it. It’s just it’s taking a little bit longer.

Jonathan Zittrain: So clear history basically means I am as if a newb, I just show

Mark Zuckerberg: Yes.

Jonathan Zittrain: Even though I’ve been using Facebook for a while, it’s as if it knows nothing about me and it starts accreting again.

Mark Zuckerberg: Yeah.

Jonathan Zittrain: And I’m just trying to think just as a plain old citizen, how would I make an informed judgment about how often to do that or when I should do it? What–?

Mark Zuckerberg: Well, hold on. Let’s go to that in a second.

Jonathan Zittrain: Okay.

Mark Zuckerberg: But one thing, just to connect the dots on the last conversation.

Jonathan Zittrain: Yeah.

Mark Zuckerberg: Clear history is a prerequisite, I think, for being able to do anything like subscriptions.

Right. Because, like, partially what someone would want to do if they were going to really actually pay for a not ad supported version where their data wasn’t being used in a system like that, you would want to have a control so that Facebook didn’t have access or wasn’t using that data or associating it with your account. And as a principled matter, we are not going to just offer a control like that to people who pay.

Right. That’s going to, if we’re going to give controls over data use, we’re going to do that for everyone in the community. So that’s the first thing that I think we need to go do.

Mark Zuckerberg: So that’s, so that’s kind of– This is sort of the how we’re thinking about the projects and this is a really deep and big technical project but we’re committed to doing it because I think it’s that’s what it’s there for. [ph?] +++

Jonathan Zittrain: And I guess like an ad block or somebody could then write a little script for your browser that would just clear your history every time you visit or something.

Mark Zuckerberg: Oh, yeah, no, but the plan would also be to offer something that’s an ongoing thing.

Jonathan Zittrain: I see.

Mark Zuckerberg: In your browser, but I think the analogy here is you kind of have, in your browser you have the ability to clear your cookies. And then, like, in some other place you have under your, like, nuclear settings, like, don’t ever accept any cookies in my browser. And it’s like, all right, your browser’s not really going to work that well.

Jonathan Zittrain: Yeah.

Mark Zuckerberg: But, but you can do that if you want because you should have that control. I think that these are part and parcel, right. It’s I think a lot of people might go and clear their history on a periodic basis because they– Or, or actually in the research that we’ve done on this as we’ve been developing it, the real thing that people have told us that they want is similar to cookie management, not necessarily wiping everything, because that ends in inconvenience of getting logged out of a bunch of things, but there are just certain services or apps that you don’t want that data to be connected to your Facebook account. So having the ability on an ad hoc basis to go through and say, “Hey, stop associating this thing,” is going to end up being a quite important thing that I think we want to try to deliver. So that’s, this is partially as we’re getting into this, it’s a more complex thing but I think it’s very valuable. And I think if any conversation around the– around subscriptions, I think you would want to start with giving people these, make sure that everyone has these kind of controls. So that’s, we’re kind of in the early phases of doing that. The philosophical downstream question of whether you also let people pay to not have ads, I don’t know. There were a bunch of questions around whether that’s actually a good thing, but I personally don’t believe that very many people would like to pay to not have ads. That all of the research that we have, it’s it may still end up being the right thing to offer that as a choice down the line, but all of the data that I’ve seen suggests that the vast, vast, vast majority of people want a free service and that the ads, in a lot of places are not even that different from the organic content in terms of the quality of what people are being able to see.

Jonathan Zittrain: Yeah.

Mark Zuckerberg: People like being able to get information from local businesses and things like that too, so. So there’s a lot of good there.

Jonathan Zittrain: Yeah. Forty years ago it would have been the question of ABC versus HBO and the answer turned out to be yes.

Jonathan Zittrain: So you’re right. And people might have different things.

Mark Zuckerberg: Yeah.

Jonathan Zittrain: There’s a little paradox lingering in there about if something’s so important and vital that we wouldn’t want to deprive anybody of access to it but therefore nobody gets it until we figured out how to remove it for everybody.

Mark Zuckerberg: What we– [ph?] +++

Jonathan Zittrain: In other words, if I could buy my way out of ads and data collection it wouldn’t be fair to those who can’t and therefore we all subsist with it until the advances you’re talking about.

Mark Zuckerberg: Yeah, but I guess what I’m saying is on the data use, I don’t believe that that’s something that people should buy. I think the data principles that we have need to be uniformly available to everyone. That to me is a really important principle. It’s, like, maybe you could have a conversation about whether you should be able to pay and not see ads. That doesn’t feel like a moral question to me.

Jonathan Zittrain: Yes.

Mark Zuckerberg: But the question of whether you can pay to have different privacy controls feels wrong. So that to me is something that in any conversation about whether we’d evolve towards having a subscription service, I think you have to have these controls first and it’s a very deep thing. A technical problem to go do, but we’re– that’s why we’re working through that.

Jonathan Zittrain: Yes. So long as the privacy controls that we’re not able to buy our way into aren’t controls that people ought to have. You know, it’s just the kind of underlying question of is the system as it is that we can’t opt out of a fair system. And that’s of course, you know, you have to go into the details to figure out what you mean by it. But let’s in the remaining time we have left

Mark Zuckerberg: How are we doing on time?

Jonathan Zittrain: We’re good. We’re 76 minutes in.

Mark Zuckerberg: All right, into–

Mark Zuckerberg: We’re going to get through maybe half the topics.

Jonathan Zittrain: Yeah, yeah, yeah.

Mark Zuckerberg: And I’ll come back and do another one later.

Jonathan Zittrain: I’m going to bring this in for a landing soon. On my agenda left includes such things as taking out of the box the independent review stuff, chat a little bit about that. I’d be curious, and this might be a nice thing, really, as we wrap up, which would be a sense of any vision you have for what would Facebook look like in 10 or 15 years and how different would it be than the Facebook of 10 years ago is compared to today. So that’s something I’d want to talk about. Is there anything big on your list that you want to make sure we talk about?

Mark Zuckerberg: Those are good. Those are good topics.

Jonathan Zittrain: Fair enough.

Mark Zuckerberg:

Jonathan Zittrain: So all right, the external review board.

Mark Zuckerberg: Yeah. So one of the big questions that I have just been thinking about is, you know, we make a lot of decisions around content enforcement and what stays up and what comes down. And having gone through this process over the last few years of working on the systems, one of the themes that I feel really strongly about is that we shouldn’t be making so many of these decisions ourselves. You know, one of the ways that I try to reason about this stuff is take myself out of the position of being CEO of the company, almost like a Rawlsian perspective. If I was a different person, what would I want the CEO of the company to be able to do? And I would not want so many decisions about content to be concentrated with any individual. So–

Jonathan Zittrain: It is weird to see big impactful, to use a terrible word, decisions about what a huge swath of humanity does or doesn’t see inevitably handled as, like, a customer service issue. It does feel like a mismatch, which is what I hear you saying.

Mark Zuckerberg: So let’s, yeah, so I actually think the customer service analogy is a really interesting one. Right. So when you email Amazon, because they don’t, they make a mistake with your package, that’s customer support. Right. I mean, they are trying to provide a service and generally, they can invest more in customer support and make people happier. We’re doing something completely different, right.

When someone emails us with an issue or flags some content, they’re basically complaining about something that someone else in the community did. So it’s more like it’s almost more like a court system in that sense. Doing more of that does not make people happy because in every one of those transactions one person ends up the winner and one is the loser. Either you said that that content, that the content was fine, in which case the person complaining is upset, or you the someone’s content down, in which case the person is really upset because you’re now telling them that they don’t have the ability to express something that they feel is a valid thing that they should be able to express.

So in some deep sense while some amount of what we do is customer support, people get locked out of their account, et cetera, you know, we now have, like, more than 30,000 people working on content review and safety review, doing the kind of judgments that, you know, it’s basically a lot of the stuff, we have machine learning systems that flag things that could be problematic in addition to people in the community flagging things, but making these assessments of whether the stuff is right or not. So one of the questions that I just think about, it’s like, okay, well, you have many people doing this.

Regardless of how much training they have, we’re going to make mistakes, right. So you want to start building in principles around, you know, what you would kind of think of as due process, right. So we’re building in an ability to have an appeal, right, which already is quite good in that we are able to overturn a bunch of mistakes that the first line people make in making these assessments. But at some level I think you also want a level of kind of independent appeal, right, where if, okay, let’s say, so the appeals go to maybe a higher level of Facebook employee who is a little more trained in the nuances of the policies; but at some point, I think you also need an appeal to an independent groups, which is, like, is this policy fair? Was this–? Like is this piece of content really getting on the wrong side of the balance of free expression and safety? And I just don’t think at the end of the day that that’s something that you want centralized in a single company. So now the question is how do you design that system and that’s a real question, right, so that we don’t pretend to have the answers on this. What we’re basically working through is we have a draft proposal and we’re working with a lot of experts around the world to run a few pilots in the first half of this year that can hopefully we can codify into something that’s a longer term thing. But I just, I believe that this is just an incredibly important thing. As a person and if I take aside the role that I have as CEO of the company, I do not want the company being able to make all of those final decisions without a check and balance and accountability, so I want to use the position that I’m in to help build that kind of an institution.

Jonathan Zittrain: Yes. And when we talk about an appeal, then, it sounds like you could appeal two distinct things. One is this was the rule but it was applied wrong to me. This, in fact, was parody [ph?] so it shouldn’t be seen as near the line.

Mark Zuckerberg: Yeah.

Jonathan Zittrain: And I want the independent body to look at that. The other would be the rule is wrong. The rule should change because–

Mark Zuckerberg: Yeah.

Jonathan Zittrain: And you’re thinking the independent body could weigh in on both of those?

Mark Zuckerberg: Yeah. Over time, I would like the role of the independent oversight board to be able to expand to do additional things as well. I think the question is it’s hard enough to even set something up that’s going to codify the values that we have around expression and safety on a relatively defined topic.

Jonathan Zittrain: Yeah.

Mark Zuckerberg: So I think the question is if you kind of view this as an experiment in institution building where we’re trying to build this thing that is going to have real power toJonathan Zittrain: Yes.

Mark Zuckerberg: I mean, like, I will not be able to make a decision that overturns what they say. Which I think is good. I think also just it raises the stakes. You need to make sure we get this right, so.

Jonathan Zittrain: It’s fascinating. It’s huge. I think the way you’re describing it, I wouldn’t want to understate–

Mark Zuckerberg: Yeah.

Jonathan Zittrain: That this is not a usual way of doing business.

Mark Zuckerberg: Yeah, but I think it– I think this is– I really care about getting this right.

Jonathan Zittrain: Yeah.

Mark Zuckerberg: But I think you want to start with something that’s relatively well-defined and then hopefully expand it to be able to cover more things over time. So in the beginning I think one question that could come up is my understanding, I mean, it’s always dangerous talking about legal precedence when I’m, this might be one of my first times at Harvard Law School. I did not spend a lot of time here

Mark Zuckerberg: When I was an undergrad. But, you know what I mean, the, if the Supreme Court overturns something, they don’t tell Congress what the law should be, they just say there’s an issue here, right. And then basically there’s a process. All right. So if I’m getting that wrong

Mark Zuckerberg: All right. I shouldn’t have done that.

Jonathan Zittrain: No, no. That’s quite honest. [ph?]

Mark Zuckerberg: I knew that was dangerous.

Mark Zuckerberg: And that that was a mistake.

Jonathan Zittrain: There are people who do agree with you.

Mark Zuckerberg: Okay. Oh, so that’s an open question that that’s how it works.

Jonathan Zittrain: It’s a highly debated question, yes.

Mark Zuckerberg: All right.

Jonathan Zittrain: There’s the I’m just the umpire calling balls and strikes and in fact, the first type of question we brought up, which was, “Hey, we get this is the standard. Does it apply here?” lends itself a little more to, you know, you get three swings and if you miss them all, like, you can’t keep playing. The umpire can usher you away from the home plate. This is, I’m really digging deep into my knowledge now of baseball. There’s another thing about, like,–

Mark Zuckerberg: That’s okay. I’m not the person who’s going to call you out on getting something wrong there.

Jonathan Zittrain: I appreciate that.

Mark Zuckerberg: That’s why I also need to have a librarian next to me at all times.

Jonathan Zittrain: Very good. I wonder how much librarians tend to know about baseball.

Mark Zuckerberg: Aww.

Jonathan Zittrain: But we digress. Ah, we’re going to get letters, mentions.

Mark Zuckerberg: Yeah.

Jonathan Zittrain: But whether or not the game is actually any good with a three strikes rule, maybe there should be two or four or whatever, starts to ask of the umpire more than just, you know, your best sense of how that play just went. Both may be something. Both are surely beyond standard customer service issues, so both could maybe be usefully externalized. What you’d ask the board to do in the category one kind of stuff maybe it’s true that, like, professional umpirage [ph?] could help us and there are people who are jurists who can do that worldwide. For the other, whether it’s the Supreme

Jonathan Zittrain: –court, or the so-called common law and state courts where often a state supreme court will be like, “Henceforth, 50 feet needs to be the height of a baseball net,” and like, “If you don’t agree, Legislature, we’ll hear from you, but until then it’s 50 feet.” They really do kind of get into the weeds. They derive maybe some legitimacy for decisions like that from being close to their communities, and it really regresses them to a question of: Is Facebook a global community, a community of 2.X billion people worldwide, transcending any national boundaries, and for which I think so far on these issues, it’s meant to be, “The rule is the rule,” it doesn’t really change in terms of service from one place to anotherversus how much do we think of it as somehow localized– whether or not localized through governmentbut where different local communities make their own judgments?

Mark Zuckerberg: That is one of the big questions. I mean, right now we have community standards that are global. We follow local laws, as you say. But I think the idea is– I don’t think we want to end up in a place where we have very different norms in different places, but you want to have some sense of representation and making sure that the body that can deliberate on this has a good diversity of views. So these are a lot of the things that we’re trying to figure out, is like: Well, how big is the body? When decisions are made, are they made by the whole body, or do you have panels of people that are smaller sets? If there are panels, how do you make sure that you’re not just getting a random sample that kind of skews in the values perspective towards one thing? So then there a bunch of mechanisms like, okay, maybe one panel that’s randomly constituted decides on whether the board will take up a question or one of the issues, but then a separate random panel of the group actually does the decisions, so that way you eliminate some risk that any given panel is going to be too ideologically skewed. So there’s a bunch of things that I think we need to think through and work through, but the goal on this is to, over time, have it grow into something that can provide greater accountability and oversight to potentially more of the hard questions that we face, but I think it’s so high-stakes that starting with something that’s relatively defined is going to be the right way to go in the beginning. So regardless of the fact that I was unaware of the controversy around the legal point that I made a second ago, I do think in our case it makes sense to start with not having this group say what the policies are going to be, but just have there be– have it be able to say, “Hey, we think that you guys are on the wrong side on this, and maybe you should rethink where the policy is because we think you’re on the wrong side.” There’s one other thing that I think is worth calling out, which is in a typical kind of judicial analog, or at least here in the U.S., my understanding, is there’s the kind of appeal route to the independent board considering an issue, but I also think that we want to have an avenue where we as the company can also just raise hard issues that come up to the board without having– which I don’t actually know if there’s any mechanism for that.

Jonathan Zittrain: It’s called an advisory opinion.

Jonathan Zittrain: But under U.S. federal law, it’s not allowed because of Article III Case or Controversy requirement, but state courts do it all the time. You’ll have a federal court sometimes say– because it’s a federal court but it’s deciding something under state law. It’ll be like, “I don’t know, ask Florida.” And they’ll be like, “Hey Florida,” and then Florida is just Florida.

Mark Zuckerberg: Sure. So I think that–

Jonathan Zittrain: So you can do an advisory opinion.

Mark Zuckerberg: –that’ll end up being an important part of this too. We’re never going to be able to get out of the business of making frontline judgments. We’ll have the AI systems flag content that they think is against policies or could be, and then we’ll have people– this set of 30 thousand people, which is growing– that is trained to basically understand what the policies are. We have to make the frontline decisions, because a lot of this stuff needs to get handled in a timely way, and a more deliberative process that’s thinking about the fairness and the policies overall should happen over a different timeframe than what is often relevant, which is the enforcement of the initial policy. But I do think overall for a lot of the biggest questions, I just want to build a more independent process.

Jonathan Zittrain: Well, as you say, it’s an area with fractal complexity in the best of ways, and it really is terra incognito, and it’d be exciting to see how it might be built out. I imagine there’s a number of law professors around the world, including some who come from civil rather than common law jurisdictions, who are like, “This is how it works over here,” from which you could draw. Another lingering question would be– lawyers often have a bad reputation. I have no idea why. But they often are the glue for a system like this so that a judge does not have to be oracular or omniscient. There’s a process where the lawyer for one side does a ton of work and looks at prior decisions of this board and says, “Well, this is what would be consistent,” and the other lawyer comes back, and then the judge just gets to decide between the two, rather than having to just know everything. There’s a huge tradeoff here for every appealed content decision, how much do we want to build it into a case, and you need experts to help the parties, versus they each just sort of come before Solomon and say, “This kind of happened,” and– or Judge Judy maybe is a more contemporary reference.

Mark Zuckerberg: Somewhere between the two, yeah.

Jonathan Zittrain: Yeah. So it’s a lot of stuff– and for me, I both find myself– I don’t know if this is the definition of prurient– both excited by it and somewhat terrified by it, but very much saying that it’s better than a status quo, which is where I think you and I are completely agreeing, and maybe a model for other firms out there. So that’s the last question in this area that pops to my mind, which is: What part of what you’re developing at Facebook– a lot of which is really resource-intensive– is best thought of as a public good to be shared, including among basically competitors, versus, “That’s part of our comparative advantage and our secret sauce”? If you develop a particularly good algorithm that can really well detect fake news or spammers or bad actors– you’ve got the PhDs, you’ve got the processors– is that like, “In your face, Schmitter [ph?],” or is like, “We should have somebody that– some body– that can help democratize that advance”? And it could be the same to be said for these content decisions. How do you think about that?

Mark Zuckerberg: Yeah, so certainly the threat-sharing and security work that you just referenced is a good area where there’s much better collaboration now than there was historically. I think that that’s just because everyone recognizes that it’s such a more important issue. And by the way, there’s much better collaboration with governments now too on this, and not just our own here in the U.S., and law enforcement, but around the world with election commissions and law enforcement, because there’s just a broad awareness that these are issues and that–

Jonathan Zittrain: Especially if you have state actors in the mix as the adversary.

Mark Zuckerberg: Yes. So that’s certainly an area where there’s much better collaboration now, and that’s good. There’s still issues. For example, if you’re law enforcement or intelligence and you have developed a– “source” is not the right word– but basically if you’ve identified someone as a source of signals that you can watch and learn about, then you may not want to come to us and tell us, “Hey, we’ve identified that this state actor is doing this bad thing,” because then the natural thing that we’re going to want to do is make sure that they’re not on our system doing bad things, or that they’re not– either they’re not in the system at all or that we’re interfering with the bad things that they’re trying to do. So there’s some mismatch of incentives, but as you build up the relationships and trust, you can get to that kind of a relationship where they can also flag for you, “Hey, this is what we’re at.” So I just think having that kind of baseline where you build that up over time is helpful. And I think on security and safety is probably the biggest area of that kind of collaboration now, across all the different types of threats; not just election and democratic process type stuff, but any kind of safety issue. The other area where I tend to think about what we’re doing is– it should be open– is just technical infrastructure overall. I mean, that is probably a less controversial piece, but we open-source a lot of the basic stuff that runs our systems, and I think that that is a– that’s a contribution that I’m quite proud of that we do.

We have sort of pioneered this way of thinking about how people connect, and the data model around that is more of a graph, and the idea of graph database and a lot of the infrastructure for being able to efficiently access that kind of content I think is broadly applicable beyond the context of a social network.

When I was here as an undergrad, even though I wasn’t here for very long, I studied psychology and computer science, and to me– I mean, my grounding philosophy on this stuff is that basically people should be at the center of more of the technology that we build. I mean, one of the early things that I kind of recognized when I was a student was like– at the time, there were internet sites for finding almost anything you cared about, whether it’s books or music or news or information or businesses– but as people, we think about the world primarily in terms of other people, not in terms of other objects, not cutting things up in terms of content or commerce or politics or different things, but it’s like– the stuff should be organized around the connections that people have, where people are at the centerpiece of that, and one of the missions that I care about is over time just pushing more technology development in the tech industry overall to develop things with that mindset. I think– and this is a little bit of a tangentbut the way that our phones work today, and all computing systems, organized around apps and tasks is fundamentally not how people– how our brains work and how we approach the world. It’s not– so that’s one of the reasons why I’m just very excited longer-term about especially things like augmented reality, because it’ll give us a platform that I think actually is how we think about stuff. We’ll be able to bring the computational objects into the world but fundamentally we’ll be interacting as people around them. The whole thing won’t be organized around an app or a task; it’ll be organized around people, and that I think is a much more natural and human system for how our technology should be organized. So opensourcing all of that infrastructure– to do that, and enabling not just us but other companies to kind of get that mindset into more of their thinking and the technical underpinning of that, is just something that I care really deeply about.

Jonathan Zittrain: Well, this is nice, and this is bringing us in for our landing, because we’re talking about 10, 20, 30 years ahead. As a term of art, I understand augmented reality to mean, “I’ve got a visor”version 0.1 was Google Glass– something where I’m kind of out in the world but I’m literally online at the same time because there’s data coming at me in some– that’s what you’re talking about, correct?

Mark Zuckerberg: Yeah, although it really should be glasses like what you have. I think we’ll probablymaybe they’ll have to be a little bigger, but not too much bigger or else it would start to get weird.

Mark Zuckerberg: So I don’t think a visor is going to catch. I don’t think anyone is psyched about that feature.

Jonathan Zittrain: And anything involving surgery starts to sound a little bad too.

Mark Zuckerberg: No, no, we’re definitely focused on–

Mark Zuckerberg: –on external things. Although–

Jonathan Zittrain: Like, “Don’t make news, don’t make news, don’t make news.”

Mark Zuckerberg: No, no, no. Although we have showed this demo of basically can someone type by thinking, and of course when you’re talking about brain-computer interfaces, there’s two dimensions of that work. There’s the external stuff, and there’s the internal stuff, and invasive, and yes, of course if you’re actually trying to build things that everyone is going to use, you’re going to want to focus on the noninvasive things.

Jonathan Zittrain: Yes. Can you type by thinking?

Mark Zuckerberg: You can.

Jonathan Zittrain: It’s called a Ouija Board. No. But you’re subvocalizing enough or there’s enough of a read of–

Mark Zuckerberg: No, no, no. So there’s actually a bunch of the research here– there’s a question of throughput and how quickly can you type and how many bits can you express efficiently, but the basic foundation for the research is someone– a bunch of folks who are doing this research showed a bunch of people images– I think it was animals– so, “Here’s an elephant, here’s a giraffe”– while having kind of a net on their head, noninvasive, but shining light and therefore looking at the level of blood activity andjust blood flow and activity in the brain– trained a machine learning basically on what the pattern of that imagery looked like when the person was looking at different animals, then told the person to think about an animal, right? So think about– just pick one of the animals to think about, and can predict what the person was thinking about in broad strokes just based on matching the neural activity. So the question is, so you can use that to type.

Jonathan Zittrain: Fifth amendment implications are staggering.

Jonathan Zittrain: Sorry.

Mark Zuckerberg: Well, yes. I mean, presumably this would be something that someone would choose to use a product. I’m not– yeah, yeah. I mean, yes, there’s of course all the other implications, but yeah, I think that this is going to be– that’s going to be an interesting thing down the line.

Jonathan Zittrain: But basically your vision then for a future–

Mark Zuckerberg: I don’t know how we got onto that.

Jonathan Zittrain: You can’t blame me. I think you brought this up.

Mark Zuckerberg: I did, but of all the things that– I mean, this is exciting, but we haven’t even covered yet how we should talk about– tech regulation and all this stuff I figured we’d get into. I mean, we’ll be here for like six or seven hours. I don’t know how many days you want to spend here to talking about this, but–

Jonathan Zittrain: “We’re here at the Zuckerberg Center and hostage crisis.”

Jonathan Zittrain: “The building is surrounded.”

Mark Zuckerberg: Yeah. But I think a little bit on future tech and research is interesting too, so.

Jonathan Zittrain: Please.

Mark Zuckerberg: Yeah, we’re good.

Jonathan Zittrain: Oh, we did cover it, is what you’re saying.

Mark Zuckerberg: I mean, but going back to your question about what– if this is the last topic– what I’m excited about for the next 10 or 20 years– I do think over the long term, reshaping our computing platforms to be fundamentally more about people and how we process the world is a really fundamental thing. Over the nearer term– so call it five years– I think the clear trend is towards more private communication. If you look at all of the different ways that people want to share and communicate across the internet– but we have a good sense of the cross-strength, everything from one-on-one messages to kind of broadcasting publicly– the thing that is growing the fastest is private communication. Right?

So between WhatsApp and Messenger, and Instagram now, just the number of private messages– it’s about 100 billion a day through those systems alone, growing very quickly, growing much faster than the amount that people want to share or broadcast into a feed-type system. Of the type of broadcast content that people are doing, the thing that is growing by far the fastest is stories. Right?

So ephemeral sharing of, “I’m going to put this out, but I want to have a timeframe after which the data goes away.” So I think that that just gives you a sense of where the hub of social activity is going. It also is how we think about the strategy of the company. I mean, people– when we talk about privacy, I think a lot of the questions are often about privacy policies and legal or policy-type things, and privacy as a thing not to be breached, and making sure that you’re within the balance of what is good. But I actually think that there’s a much more– there’s another element of this that’s really fundamental, which is that people want tools that give them new contexts to communicate, and that’s also fundamentally about giving people power through privacy, not just not violating privacy, right? So not violating privacy is a backstop, but actually– you can kind of think about all the success that Facebook has had– this is kind of a counterintuitive thing– has been because we’ve given people new private or semi-private ways to communicate things that they wouldn’t have had before.

So thinking about Facebook as an innovator in privacy is certainly not the mainstream view, but going back to the very first thing that we did, making it so Harvard students could communicate in a way that they had some confidence that their content and information would be shared with only people within that community, there was no way that people had to communicate stuff at that scale, but not have it either be completely public or with just a small set of people before. And people’s desire to be understood and express themselves and be able to communicate with all different kinds of groups is, in the experience that I’ve had, nearly unbounded, and if you can give people new ways to be able to communicate safely and express themselves, then that is something that people just have a deep thirst and desire for.

So encryption is really important, because I mean, we take for granted in the U.S. that there’s good rule of law, and that the government isn’t too much in our business, but in a lot of places around the world, especially where WhatsApp is the biggest, people can’t take that for granted. So having it so that you really have confidence that you’re sharing something one-on-one and it’s not– and it really is one-on-one, it’s not one-on-one and the government there– actually makes it so people can share things that they wouldn’t be comfortable otherwise doing it. That’s power that you’re giving people through building privacy innovations.

Stories I just think is another example of this, where there are a lot of things that people don’t want as part of the permanent record but want to express, and it’s not an accident that that is becoming the primary way that people want to share with all of their friends, not putting something in a feed that goes on their permanent record. There will always be a use for that too– people want to have a record and there’s a lot of value that you can build around that– you can have longer-term discussions– it’s harder to do that around stories. There’s different value for these things. But over the next five years, I think we’re going to see all of social networking kind of be reconstituted around this base of private communication, and that’s something that I’m just very excited about. I think that that’s– it’s going to unlock a lot of people’s ability to express themselves and communicate things that they haven’t had the tools to do before, and it’s going to be the foundation for building a lot of really important tools on top of that too.

Jonathan Zittrain: That’s so interesting to me. I would not have predicted that direction for the next five years. I would have figured, “Gosh, if you already know with whom you want to speak, there are so many tools to speak with them,” some of which are end-to-end, some of which aren’t, some of which are rollyourown and open-source, and there’s always a way to try to make that easier and better, but that feels a little bit to me like a kind of crowded space, not yet knowing of the innovations that might lie ahead and means of communicating with the people you already know you want to talk to. And for that, as you say, if that’s where it’s at, you’re right that encryption is going to be a big question, and otherwise technical design so that if the law comes knocking on the door, what would the company be in a position to say.

This is the Apple iPhone Cupertino– sorry, San Bernardino case– and it also calls to mind will there be peer-to-peer implementations of the things you’re thinking about that might not even need the server at all, and it’s basically just an app that people use, and if it’s going to deliver an ad, it can still do that appside, and how much governments will abide it. They have not, for the most part, demanded technology mandates to reshape how the technology works. They’re just saying, “If you’ve got it”– in part you’ve got it because you want to serve ads– “we want it.” But if you don’t even have it, it’s been rare for the governments to say, “Well, you’ve got to build your system to do it.” It did happen with the telephone system back in the day. CALEA, the Communications Assistance to Law Enforcement Act, did have federal law in the United States saying, “If you’re in the business of building a phone network, AT&T, you’ve got to make it so we can plug in as you go digital,” and we haven’t yet seen those mandates in the internet software side so much. So we can see that coming up again. But it’s so funny, because if you’d asked me, I would have figured it’s encountering people you haven’t met before and interacting with them, for which all of the stuff about air traffic control of what goes into your feed and how much your stuff gets shared– all of those issues start to rise to the fore, and it gets me thinking about, “I ought to be able to make a feed recipe that’s my recipe, and fills it according to Facebook variables, but I get to say what the variables are.” But I could see that if you’re just thinking about people communicating with the people they already know and like, that is a very different realm.

Mark Zuckerberg: It’s not necessarily– it’s not just the people that you already know. I do think– we’ve really focused on friends and family for the last 10 or 15 years, and I think a big part of what we’re going to focus on now is around building communities in different ways and all the utility that you can build on top of, once you have a network like this in place. So everything from how people can do commerce better to things like dating, which is– a lot of dating happens on our services, but we haven’t built any tools specifically for that.

Jonathan Zittrain: I do remember the Facebook joint experiment– “experiment” is such a terrible wordstudy, by which one could predict when two Facebook members are going to declare themselves in a relationship, months ahead of the actual declaration. I was thinking some of the ancillary products were in-laws.

Mark Zuckerberg: That was very early. Yeah. So you’re right that a lot of this is going to be about utility that you can build on top of it, but a lot of these things are fundamentally private, right? So if you’re thinking about commerce, that people have a higher expectation for privacy, and the question is: Is the right context for that going to be around an app like Facebook, which is broad, or an app like Instagram?

I think part of it is– the discovery part of it, I think we’ll be very well served there– but then we’ll also transition to something that people want to be more private and secure. Anyhow, we could probably go on for many hours on this, but maybe we should save this for the Round 2 of this that we’ll do in the future.

Jonathan Zittrain: Indeed. So thanks so much for coming out, for talking at such length, for covering such a kaleidoscopic range of topics, and we look forward to the next time we see you.

Mark Zuckerberg: Yeah. Thanks.

Jonathan Zittrain: Thanks.

Powered by WPeMatico

Senator Warner calls on Zuckerberg to support market research consent rules

Posted by | Apps, Facebook, Facebook Policy, facebook privacy, facebook research, Government, mark warner, market research, Mobile, Policy, privacy, senate, Social, vpn | No Comments

In response to TechCrunch’s investigation of Facebook paying teens and adults to install a VPN that lets it analyze all their phone’s traffic, Senator Mark Warner (D-VA) has sent a letter to Mark Zuckerberg. It admonishes Facebook for not spelling out exactly which data the Facebook Research app was collecting or giving users adequate information necessary to determine if they should accept payment in exchange for selling their privacy. Following our report, Apple banned Facebook’s Research app from iOS and shut down its internal employee-only workplace apps too as punishment, causing mayhem in Facebook’s office.

Warner wrote to Zuckerberg, “In both the case of Onavo and the Facebook Research project, I have concerns that users were not appropriately informed about the extent of Facebook’s data-gathering and the commercial purposes of this data collection. Facebook’s apparent lack of full transparency with users – particularly in the context of ‘research’ efforts – has been a source of frustration for me.”

Warner is working on writing new laws to govern data collection initiatives like Facebook Research. He asks Zuckerberg, “Will you commit to supporting legislation requiring individualized, informed consent in all instances of behavioral and market research conducted by large platforms on users?”

Senator Blumenthal’s fierce statement

Meanwhile, Senator Richard Blumenthal (D-CT) provided TechCrunch with a fiery statement regarding our investigation. He calls Facebook anti-competitive, which could fuel calls to regulate or break up Facebook, says the FTC must address the issue and that he’s planning to work with congress to safeguard teens’ privacy:

“Wiretapping teens is not research, and it should never be permissible. This is yet another astonishing example of Facebook’s complete disregard for data privacy and eagerness to engage in anti-competitive behavior. Instead of learning its lesson when it was caught spying on consumers using the supposedly ‘private’ Onavo VPN app, Facebook rebranded the intrusive app and circumvented Apple’s attempts to protect iPhone users. Facebook continues to demonstrate its eagerness to look over everyone’s shoulder and watch everything they do in order to make money. 

Mark Zuckerberg’s empty promises are not enough. The FTC needs to step up to the plate, and the Onavo app should be part of its investigation. I will also be writing to Apple and Google on Facebook’s egregious behavior, and working in Congress to make sure that teens are protected from Big Tech’s privacy intrusions.”

Senator Markey says stop surveiling teens

And finally, Senator Edward J. Markey (D-MA) requests that Facebook stop recruiting teens for its Research program, and notes he’ll push his “Do Not Track Kids” act in Congress:

“It is inherently manipulative to offer teens money in exchange for their personal information when younger users don’t have a clear understanding how much data they’re handing over and how sensitive it is. I strongly urge Facebook to immediately cease its recruitment of teens for its Research Program and explicitly prohibit minors from participating. Congress also needs to pass legislation that updates children’s online privacy rules for the 21st century. I will be reintroducing my ‘Do Not Track Kids Act’ to update the Children’s Online Privacy Protection Act by instituting key privacy safeguards for teens. 

But my concerns also extend to adult users. I am alarmed by reports that Facebook is not providing participants with complete information about the extent of the information that the company can access through this program. Consumers deserve simple and clear explanations of what data is being collected and how it being used.”

The senators’ statements do go a bit overboard. Though Facebook Research was aggressively competitive and potentially misleading, Blumenthal calling it “anti-competitive” is a stretch. And Warner’s questioning on whether “any user reasonably understood that they were giving Facebook root device access through the enterprise certificate” or that it uses the data to track competitors oversteps the bounds. Surely some savvy technologists did, but the question is whether all the teens and everyone else understood.

Facebook isn’t the only one paying users to analyze all their phone data. TechCrunch found that Google had a similar program called Screenwise Meter. Though it was more upfront about it, Google also appears to have violated Apple’s employee-only Enterprise Certificate rules. We may be seeing the start to an industry-wide crack down on market research surveillance apps that dangle gift cards in front of users to get them to give up a massive amount of privacy.

Warner’s full letter to Zuckerberg can be found below:

Dear Mr. Zuckerberg: 

I write to express concerns about allegations of Facebook’s latest efforts to monitor user activity. On January 29th, TechCrunch revealed that under the auspices of partnerships with beta testing firms, Facebook had begun paying users aged 13 to 35 to install an enterprise certificate, allowing Facebook to intercept all internet traffic to and from user devices. According to subsequent reporting by TechCrunch, Facebook relied on intermediaries that often “did not disclose Facebook’s involvement until users had begun the signup process.” Moreover, the advertisements used to recruit participants and the “Project Disclosure” make no mention of Facebook or the commercial purposes to which this data was allegedly put.

This arrangement comes in the wake of revelations that Facebook had previously engaged in similar efforts through a virtual private network (VPN) app, Onavo, that it owned and operated. According to a series of articles by the Wall Street Journal, Facebook used Onavo to scout emerging competitors by monitoring user activity – acquiring competitors in order to neutralize them as competitive threats, and in cases when that did not work, monitor usage patterns to inform Facebook’s own efforts to copy the features and innovations driving adoption of competitors’ apps. In 2017, my staff contacted Facebook with questions about how Facebook was promoting Onavo through its Facebook app – in particular, framing the app as a VPN that would “protect” users while omitting any reference to the main purpose of the app: allowing Facebook to gather market data on competitors.

Revelations in 2017 and 2018 prompted Apple to remove Onavo from its App Store in 2018 after concluding that the app violated its terms of service prohibitions on monitoring activity of other apps on a user’s device, as well as a requirement to make clear what user data will be collected and how it will be used. In both the case of Onavo and the Facebook Research project, I have concerns that users were not appropriately informed about the extent of Facebook’s data-gathering and the commercial purposes of this data collection.

Facebook’s apparent lack of full transparency with users – particularly in the context of ‘research’ efforts – has been a source of frustration for me. As you recall, I wrote the Federal Trade Commission in 2014 in the wake of revelations that Facebook had undertaken a behavioral experiment on hundreds of thousands of users, without obtaining their informed consent. In submitted questions to your Chief Operating Officer, Sheryl Sandberg, I once again raised these concerns, asking if Facebook provided for “individualized, informed consent” in all research projects with human subjects – and whether users had the ability to opt out of such research. In response, we learned that Facebook does not rely on individualized, informed consent (noting that users consent under the terms of the general Data Policy) and that users have no opportunity to opt out of being enrolled in research studies of their activity. In large part for this reason, I am working on legislation to require individualized, informed consent in all instances of behavioral and market research conducted by large platforms on users. 

Fair, robust competition serves as an impetus for innovation, product differentiation, and wider consumer choice. For these reasons, I request that you respond to the following questions: 

1. Do you think any user reasonably understood that they were giving Facebook root device access through the enterprise certificate? What specific steps did you take to ensure that users were properly informed of this access? 

2. Do you think any user reasonably understood that Facebook was using this data for commercial purposes, including to track competitors?

3. Will you release all participants from the confidentiality agreements Facebook made them sign?

4. As you know, I have begun working on legislation that would require large platforms such as Facebook to provide users, on a continual basis, with an estimate of the overall value of their data to the service provider. In this instance, Facebook seems to have developed valuations for at least some uses of the data that was collected (such as market research). This further emphasizes the need for users to understand fully what data is collected by Facebook, the full range of ways in which it is used, and how much it is worth to the company. Will you commit to supporting this legislation and exploring methods for valuing user data holistically?

5. Will you commit to supporting legislation requiring individualized, informed consent in all instances of behavioral and market research conducted by large platforms on users?

I look forward to receiving your responses within the next two weeks. If you should have any questions or concerns, please contact my office at 202-224-2023.

Powered by WPeMatico

Facebook pays teens to install VPN that spies on them

Posted by | Apps, Facebook, Facebook Policy, facebook privacy, facebook research, Facebook Teens, Mobile, Onavo, Policy, privacy, Social, vpn | No Comments

Desperate for data on its competitors, Facebook has been secretly paying people to install a “Facebook Research” VPN that lets the company suck in all of a user’s phone and web activity, similar to Facebook’s Onavo Protect app that Apple banned in June and that was removed in August. Facebook sidesteps the App Store and rewards teenagers and adults to download the Research app and give it root access to network traffic in what may be a violation of Apple policy so the social network can decrypt and analyze their phone activity, a TechCrunch investigation confirms.

Facebook admitted to TechCrunch it was running the Research program to gather data on usage habits, and it has no plans to stop.

Since 2016, Facebook has been paying users ages 13 to 35 up to $20 per month plus referral fees to sell their privacy by installing the iOS or Android “Facebook Research” app. Facebook even asked users to screenshot their Amazon order history page. The program is administered through beta testing services Applause, BetaBound and uTest to cloak Facebook’s involvement, and is referred to in some documentation as “Project Atlas” — a fitting name for Facebook’s effort to map new trends and rivals around the globe.

Facebook’s Research app requires users to ‘Trust’ it with extensive access to their data

We asked Guardian Mobile Firewall’s security expert Will Strafach to dig into the Facebook Research app, and he told us that “If Facebook makes full use of the level of access they are given by asking users to install the Certificate, they will have the ability to continuously collect the following types of data: private messages in social media apps, chats from in instant messaging apps – including photos/videos sent to others, emails, web searches, web browsing activity, and even ongoing location information by tapping into the feeds of any location tracking apps you may have installed.” It’s unclear exactly what data Facebook is concerned with, but it gets nearly limitless access to a user’s device once they install the app.

The strategy shows how far Facebook is willing to go and how much it’s willing to pay to protect its dominance — even at the risk of breaking the rules of Apple’s iOS platform on which it depends. Apple could seek to block Facebook from continuing to distribute its Research app, or even revoke it permission to offer employee-only apps, and the situation could further chill relations between the tech giants. Apple’s Tim Cook has repeatedly criticized Facebook’s data collection practices. Facebook disobeying iOS policies to slurp up more information could become a new talking point. TechCrunch has spoken to Apple and it’s aware of the issue, but the company did not provide a statement before press time.

Facebook’s Research program is referred to as Project Atlas on sign-up sites that don’t mention Facebook’s involvement

“The fairly technical sounding ‘install our Root Certificate’ step is appalling,” Strafach tells us. “This hands Facebook continuous access to the most sensitive data about you, and most users are going to be unable to reasonably consent to this regardless of any agreement they sign, because there is no good way to articulate just how much power is handed to Facebook when you do this.”

Facebook’s surveillance app

Facebook first got into the data-sniffing business when it acquired Onavo for around $120 million in 2014. The VPN app helped users track and minimize their mobile data plan usage, but also gave Facebook deep analytics about what other apps they were using. Internal documents acquired by Charlie Warzel and Ryan Mac of BuzzFeed News reveal that Facebook was able to leverage Onavo to learn that WhatsApp was sending more than twice as many messages per day as Facebook Messenger. Onavo allowed Facebook to spot WhatsApp’s meteoric rise and justify paying $19 billion to buy the chat startup in 2014. WhatsApp has since tripled its user base, demonstrating the power of Onavo’s foresight.

Over the years since, Onavo clued Facebook in to what apps to copy, features to build and flops to avoid. By 2018, Facebook was promoting the Onavo app in a Protect bookmark of the main Facebook app in hopes of scoring more users to snoop on. Facebook also launched the Onavo Bolt app that let you lock apps behind a passcode or fingerprint while it surveils you, but Facebook shut down the app the day it was discovered following privacy criticism. Onavo’s main app remains available on Google Play and has been installed more than 10 million times.

The backlash heated up after security expert Strafach detailed in March how Onavo Protect was reporting to Facebook when a user’s screen was on or off, and its Wi-Fi and cellular data usage in bytes even when the VPN was turned off. In June, Apple updated its developer policies to ban collecting data about usage of other apps or data that’s not necessary for an app to function. Apple proceeded to inform Facebook in August that Onavo Protect violated those data collection policies and that the social network needed to remove it from the App Store, which it did, Deepa Seetharaman of the WSJ reported.

But that didn’t stop Facebook’s data collection.

Project Atlas

TechCrunch recently received a tip that despite Onavo Protect being banished by Apple, Facebook was paying users to sideload a similar VPN app under the Facebook Research moniker from outside of the App Store. We investigated, and learned Facebook was working with three app beta testing services to distribute the Facebook Research app: BetaBound, uTest and Applause. Facebook began distributing the Research VPN app in 2016. It has been referred to as Project Atlas since at least mid-2018, around when backlash to Onavo Protect magnified and Apple instituted its new rules that prohibited Onavo. [Update: Previously, a similar program was called Project Kodiak.] Facebook didn’t want to stop collecting data on people’s phone usage and so the Research program continued, in disregard for Apple banning Onavo Protect.

Facebook’s Research App on iOS

Ads (shown below) for the program run by uTest on Instagram and Snapchat sought teens 13-17 years old for a “paid social media research study.” The sign-up page for the Facebook Research program administered by Applause doesn’t mention Facebook, but seeks users “Age: 13-35 (parental consent required for ages 13-17).” If minors try to sign-up, they’re asked to get their parents’ permission with a form that reveal’s Facebook’s involvement and says “There are no known risks associated with the project, however you acknowledge that the inherent nature of the project involves the tracking of personal information via your child’s use of apps. You will be compensated by Applause for your child’s participation.” For kids short on cash, the payments could coerce them to sell their privacy to Facebook.

The Applause site explains what data could be collected by the Facebook Research app (emphasis mine):

“By installing the software, you’re giving our client permission to collect data from your phone that will help them understand how you browse the internet, and how you use the features in the apps you’ve installed . . . This means you’re letting our client collect information such as which apps are on your phone, how and when you use them, data about your activities and content within those apps, as well as how other people interact with you or your content within those apps. You are also letting our client collect information about your internet browsing activity (including the websites you visit and data that is exchanged between your device and those websites) and your use of other online services. There are some instances when our client will collect this information even where the app uses encryption, or from within secure browser sessions.”

Meanwhile, the BetaBound sign-up page with a URL ending in “Atlas” explains that “For $20 per month (via e-gift cards), you will install an app on your phone and let it run in the background.” It also offers $20 per friend you refer. That site also doesn’t initially mention Facebook, but the instruction manual for installing Facebook Research reveals the company’s involvement.

Facebook’s intermediary uTest ran ads on Snapchat and Instagram, luring teens to the Research program with the promise of money

 

Facebook seems to have purposefully avoided TestFlight, Apple’s official beta testing system, which requires apps to be reviewed by Apple and is limited to 10,000 participants. Instead, the instruction manual reveals that users download the app from r.facebook-program.com and are told to install an Enterprise Developer Certificate and VPN and “Trust” Facebook with root access to the data their phone transmits. Apple requires that developers agree to only use this certificate system for distributing internal corporate apps to their own employees. Randomly recruiting testers and paying them a monthly fee appears to violate the spirit of that rule.

Security expert Will Strafach found Facebook’s Research app contains lots of code from Onavo Protect, the Facebook-owned app Apple banned last year

Once installed, users just had to keep the VPN running and sending data to Facebook to get paid. The Applause-administered program requested that users screenshot their Amazon orders page. This data could potentially help Facebook tie browsing habits and usage of other apps with purchase preferences and behavior. That information could be harnessed to pinpoint ad targeting and understand which types of users buy what.

TechCrunch commissioned Strafach to analyze the Facebook Research app and find out where it was sending data. He confirmed that data is routed to “vpn-sjc1.v.facebook-program.com” that is associated with Onavo’s IP address, and that the facebook-program.com domain is registered to Facebook, according to MarkMonitor. The app can update itself without interacting with the App Store, and is linked to the email address PeopleJourney@fb.com. He also discovered that the Enterprise Certificate indicates Facebook renewed it on June 27th, 2018 — weeks after Apple announced its new rules that prohibited the similar Onavo Protect app.

“It is tricky to know what data Facebook is actually saving (without access to their servers). The only information that is knowable here is what access Facebook is capable of based on the code in the app. And it paints a very worrisome picture,” Strafach explains. “They might respond and claim to only actually retain/save very specific limited data, and that could be true, it really boils down to how much you trust Facebook’s word on it. The most charitable narrative of this situation would be that Facebook did not think too hard about the level of access they were granting to themselves . . . which is a startling level of carelessness in itself if that is the case.”

“Flagrant defiance of Apple’s rules”

In response to TechCrunch’s inquiry, a Facebook spokesperson confirmed it’s running the program to learn how people use their phones and other services. The spokesperson told us “Like many companies, we invite people to participate in research that helps us identify things we can be doing better. Since this research is aimed at helping Facebook understand how people use their mobile devices, we’ve provided extensive information about the type of data we collect and how they can participate. We don’t share this information with others and people can stop participating at any time.”

Facebook’s Research app requires Root Certificate access, which Facebook gather almost any piece of data transmitted by your phone

Facebook’s spokesperson claimed that the Facebook Research app was in line with Apple’s Enterprise Certificate program, but didn’t explain how in the face of evidence to the contrary. They said Facebook first launched its Research app program in 2016. They tried to liken the program to a focus group and said Nielsen and comScore run similar programs, yet neither of those ask people to install a VPN or provide root access to the network. The spokesperson confirmed the Facebook Research program does recruit teens but also other age groups from around the world. They claimed that Onavo and Facebook Research are separate programs, but admitted the same team supports both as an explanation for why their code was so similar.

Facebook’s Research program requested users screenshot their Amazon order history to provide it with purchase data

However, Facebook claim that it doesn’t violate Apple’s Enterprise Certificate policy is directly contradicted by the terms of that policy. Those include that developers “Distribute Provisioning Profiles only to Your Employees and only in conjunction with Your Internal Use Applications for the purpose of developing and testing”. The policy also states that “You may not use, distribute or otherwise make Your Internal Use Applications available to Your Customers” unless under direct supervision of employees or on company premises. Given Facebook’s customers are using the Enterprise Certificate-powered app without supervision, it appears Facebook is in violation.

Facebook disobeying Apple so directly could hurt their relationship. “The code in this iOS app strongly indicates that it is simply a poorly re-branded build of the banned Onavo app, now using an Enterprise Certificate owned by Facebook in direct violation of Apple’s rules, allowing Facebook to distribute this app without Apple review to as many users as they want,” Strafach tells us. ONV prefixes and mentions of graph.onavo.com, “onavoApp://” and “onavoProtect://” custom URL schemes litter the app. “This is an egregious violation on many fronts, and I hope that Apple will act expeditiously in revoking the signing certificate to render the app inoperable.”

Facebook is particularly interested in what teens do on their phones as the demographic has increasingly abandoned the social network in favor of Snapchat, YouTube and Facebook’s acquisition Instagram. Insights into how popular with teens is Chinese video music app TikTok and meme sharing led Facebook to launch a clone called Lasso and begin developing a meme-browsing feature called LOL, TechCrunch first reported. But Facebook’s desire for data about teens riles critics at a time when the company has been battered in the press. Analysts on tomorrow’s Facebook earnings call should inquire about what other ways the company has to collect competitive intelligence.

Last year when Tim Cook was asked what he’d do in Mark Zuckerberg’s position in the wake of the Cambridge Analytica scandal, he said “I wouldn’t be in this situation . . . The truth is we could make a ton of money if we monetized our customer, if our customer was our product. We’ve elected not to do that.” Zuckerberg told Ezra Klein that he felt Cook’s comment was “extremely glib.”

Now it’s clear that even after Apple’s warnings and the removal of Onavo Protect, Facebook is still aggressively collecting data on its competitors via Apple’s iOS platform. “I have never seen such open and flagrant defiance of Apple’s rules by an App Store developer,” Strafach concluded. If Apple shuts the Research program down, Facebook will either have to invent new ways to surveil our behavior amidst a climate of privacy scrutiny, or be left in the dark.

Additional reporting by Zack Whittaker.

Powered by WPeMatico

With trust destroyed, Facebook is haunted by old data deals

Posted by | Apps, BlackBerry, Facebook, facebook platform, Facebook Policy, facebook privacy, Mobile, Netflix, Social, Spotify, TC, Yahoo | No Comments

As Facebook colonized the rest of the web with its functionality in hopes of fueling user growth, it built aggressive integrations with partners that are coming under newfound scrutiny through a deeply reported New York Times investigationSome of what Facebook did was sloppy or unsettling, including forgetting to shut down APIs when it cancelled its Instant Personalization feature for other sites in 2014, and how it used contact syncing to power friend recommendations.

But other moves aren’t as bad as they sound. Facebook did provide Spotify and Netflix the ability to access users messages, but only so people could send friends songs or movies via Facebook messages without leaving those apps. And Facebook did let Yahoo and Blackberry access people’s News Feeds, but to let users browse those feeds within social hub features inside those apps. These partners could only access data when users logged in and connected their Facebook accounts, and were only approved to use this data to provide Facebook-related functionality. That means Spotify at least wasn’t supposed to be rifling through everyone’s messages to find out what bands they talk about so it could build better curation algorithms, and there’s no evidence yet that it did.

Thankfully Facebook has ditched most of these integrations, as the dominance of iOS and Android have allowed it to build fewer, more standardized, and better safeguarded access points to its data. And it’s battened down the hatches in some ways, forcing users to shortcut from Spotify into the real Facebook Messenger rather than giving third-parties any special access to offer Facebook Messaging themselves.

The most glaring allegation Facebook hasn’t adequately responded to yet is that it used data from Amazon, Yahoo, and Huawei to improve friend suggestions through People You May Know — perhaps its creepiest feature. The company needs to accept the loss of growth hacking trade secrets and become much more transparent about how it makes so uncannily accurate recommendations of who to friend request — as Gizmodo’s Kashmir Hill has documented.

In some cases, Facebook has admitted to missteps, with its Director of Developer Platforms and Programs Konstantinos Papamiltiadis writing “we shouldn’t have left the APIs in place after we shut down instant personalization.”

In others, we’ll have decide where to draw the line between what was actually dangerous and what gives us the chills at first glance. You don’t ask permission from friends to read an email from them on a certain browser or device, so should you worry if they saw your Facebook status update on a Blackberry social hub feature instead of the traditional Facebook app? Well that depends on how the access is monitored and meted out.

The underlying question is whether we trust that Facebook and these other big tech companies actually abided by rules to oversee and not to overuse data. Facebook has done plenty wrong, and after repeatedly failing to be transparent or live up to its apologies, it doesn’t deserve the benefit of the doubt. For that reason, I don’t want it giving any developer — even ones I normally trust like Spotify — access to sensitive data protected merely by their promise of good behavior despite financial incentives for misuse.

Facebook’s former chief security officer Alex Stamos tweeted that “allowing for 3rd party clients is the kind of pro-competition move we want to see from dominant platforms. For ex, making Gmail only accessible to Android and the Gmail app would be horrible. For the NY Times to try to scandalize this kind of integration is wrong.” But countered that by noting that “integrations that are sneaky or send secret data to servers controlled by others really is wrong.”

Even if Spotify and Netflix didn’t abuse the access Facebook provided, there’s always eventually a Cambridge Analytica. Tech companies have proven their word can’t necessarily be trusted. The best way to protect users is to properly lock down the platforms with ample vetting, limits, and oversight so there won’t be gray areas that require us to put our faith in the kindness of businesses.

Powered by WPeMatico

Facebook ends platform policy banning apps that copy its features

Posted by | Apps, Developer, Facebook, facebook platform, Facebook Policy, Mobile, Policy, Social, TC | No Comments

Facebook will now freely allow developers to build competitors to its features upon its own platform. Today Facebook announced it will drop Platform Policy section 4.1, which stipulates “Add something unique to the community. Don’t replicate core functionality that Facebook already provides.”

That policy felt pretty disingenuous given how aggressively Facebook has replicated everyone else’s core functionality, from Snapchat to Twitter and beyond. Facebook had previously enforced the policy selectively to hurt competitors that had used its Find Friends or viral distribution features. Apps like Vine, Voxer, MessageMe, Phhhoto and more had been cut off from Facebook’s platform for too closely replicating its video, messaging or GIF creation tools. Find Friends is a vital API that lets users find their Facebook friends within other apps.

The move will significantly reduce the risk of building on the Facebook platform. It could also cast it in a better light in the eyes of regulators. Anyone seeking ways Facebook abuses its dominance will lose a talking point. And by creating a more fair and open platform where developers can build without fear of straying too close to Facebook’s history or road map, it could reinvigorate its developer ecosystem.

A Facebook spokesperson provided this statement to TechCrunch:

We built our developer platform years ago to pave the way for innovation in social apps and services. At that time we made the decision to restrict apps built on top of our platform that replicated our core functionality. These kind of restrictions are common across the tech industry with different platforms having their own variant including YouTube, Twitter, Snap and Apple. We regularly review our policies to ensure they are both protecting people’s data and enabling useful services to be built on our platform for the benefit of the Facebook community. As part of our ongoing review we have decided that we will remove this out of date policy so that our platform remains as open as possible. We think this is the right thing to do as platforms and technology develop and grow.

The change comes after Facebook locked down parts of its platform in April for privacy and security reasons in the wake of the Cambridge Analytica scandal. Diplomatically, Facebook said it didn’t expect the change to impact its standing with regulators but it’s open to answering their questions.

Earlier in April, I wrote a report on how Facebook used Policy 4.1 to attack competitors it saw gaining traction. The article, “Facebook shouldn’t block you from finding friends on competitors,” advocated for Facebook to make its social graph more portable and interoperable so users could decamp to competitors if they felt they weren’t treated right in order to coerce Facebook to act better.

The policy change will apply retroactively. Old apps that lost Find Friends or other functionality will be able to submit their app for review and, once approved, will regain access.

Friend lists still can’t be exported in a truly interoperable way. But at least now Facebook has enacted the spirit of that call to action. Developers won’t be in danger of losing access to that Find Friends Facebook API for treading in its path.

Below is an excerpt from our previous reporting on how Facebook has previously enforced Platform Policy 4.1 that before today’s change was used to hamper competitors:

  • Voxer was one of the hottest messaging apps of 2012, climbing the charts and raising a $30 million round with its walkie-talkie-style functionality. In early January 2013, Facebook copied Voxer by adding voice messaging into Messenger. Two weeks later, Facebook cut off Voxer’s Find Friends access. Voxer CEO Tom Katis told me at the time that Facebook stated his app with tens of millions of users was a “competitive social network” and wasn’t sharing content back to Facebook. Katis told us he thought that was hypocritical. By June, Voxer had pivoted toward business communications, tumbling down the app charts and leaving Facebook Messenger to thrive.
  • MessageMe had a well-built chat app that was growing quickly after launching in 2013, posing a threat to Facebook Messenger. Shortly before reaching 1 million users, Facebook cut off MessageMe‘s Find Friends access. The app ended up selling for a paltry double-digit millions price tag to Yahoo before disintegrating.
  • Phhhoto and its fate show how Facebook’s data protectionism encompasses Instagram. Phhhoto’s app that let you shoot animated GIFs was growing popular. But soon after it hit 1 million users, it got cut off from Instagram’s social graph in April 2015. Six months later, Instagram launched Boomerang, a blatant clone of Phhhoto. Within two years, Phhhoto shut down its app, blaming Facebook and Instagram. “We watched [Instagram CEO Kevin] Systrom and his product team quietly using PHHHOTO almost a year before Boomerang was released. So it wasn’t a surprise at all . . . I’m not sure Instagram has a creative bone in their entire body.”
  • Vine had a real shot at being the future of short-form video. The day the Twitter-owned app launched, though, Facebook shut off Vine’s Find Friends access. Vine let you share back to Facebook, and its six-second loops you shot in the app were a far cry from Facebook’s heavyweight video file uploader. Still, Facebook cut it off, and by late 2016, Twitter announced it was shutting down Vine.

Powered by WPeMatico

Facebook must police Today In, its local news digest launching in 400 cities

Posted by | Apps, Facebook, Facebook Fake News, Facebook Journalism Project, Facebook Local News, Facebook News Feed, Facebook Policy, Facebook Today In, Government, Media, Mobile, Policy, Social, TC | No Comments

Facebook has a new area of its app it will have to police for fake news and biased sensationalism. Facebook is launching “Today In”, its local news aggregator it began testing in January, in 400 small to medium-sized US cities. It’s also now testing it in its first overseas spot in Australia. iOS and Android users can open the Today In bookmark or opt in to getting digests of its local news in their feed. The feature includes previews that link out to news sites about top headlines, current discussions, school announcements and more.

“We have a number of misinformation filters in place to ensure that fake news and clickbait does not surface on Today In. We also provide people the ability to report suspicious content on Facebook and within Today In specifically” a Facebook spokesperson tells me. “The misinformation filters are the same across Facebook that we’ve previously talked about – downranking clickbait, ratings from third-party fact checkers” they said. However, “the content in the surface is pulled by algorithm”, so there’s always a chance that problematic content slips through. For now, there will be no ads in Today In.

 

 

Facebook is also now testing Local Alerts with 100 local government and first responder Pages that can be issued to inform citizens about urgent issues or emergencies, such as where to take shelter from a hurricane. The Local Alerts are delivered via News Feed, Today In, and Pages can also target users with notifications about them. Again, while Facebook may be vetting which Pages get access to the Local Alerts feature, it must closely monitor to make sure they’re using it to provide vital info to their communities rather than just grab traffic at sensitive moments.

Facebook is hoping to fill a void after surveys found 50 percent of users wanted more local news through Facebook. It previously tested Today In with New Orleans, La.; Little Rock, Ark.; Billings, Mont.; Peoria, Ill.; Olympia, Wash.; and Binghamton, N.Y. The feature could give local outlets a referral traffic boost that could help offset the fact that Facebook has drained ad dollars from journalism into its own News Feed ads. And to make sure “news deserts” without enough local outlets still have robust Today In sections, Facebook will collect headlines from surrounding areas.

But the launch also opens up a new vector for policy issues, and it’s curious that Facebook would push forward on this given all its policy troubles as of late. It will have to ensure that Today In only aggregates content from reliable and fact-focused local outlets and doesn’t end up peddling fake news. But that in turn could open it to criticism suggesting it’s biased against fringe political outlets that believe their clickbait is the real story.

Users who want to check if they have access to Today In can visit this interactive map. The list includes Facebook’s hometown of Menlo Park and nearby Oakland, but not San Francisco. It’s also skipping big cities like New York and Washington, D.C. in favor of places like Mobile, Alabama; and Provo, Utah.

To find the mobile-only feature in Facebook (there’s no desktop version), users will hit the three-line “More” hamburger button and scroll down looking for “Today In [their city]”. Otherwise, they may stumble across one of its digests showing the headlines, thumbnail images, and publications for three of the biggest local news stories.

After tapping through or opening the Today In bookmark, they’ll be able to horizontally swipe through different sections like In The News that features recent stories and can be toggled to display sports. As per usual, Facebook isn’t above promoting its own content, like user and Page News Feed posts discussing local topics, Groups you could join, or Events you could RSVP to. Once you hit the end of a daily edition, you’ll see a “You’re all caught up” notice, similar to Instagram’s feature designed to keep you from over-scrolling.

Facebook infamously turned away from news in favor of content from friends at the start of 2018, precipitating a significant decline in News Feed reach and referral traffic for links to articles. That left a lot of outlets feeling burned, as many had staffed up thanks to the that flow of traffic and the ad dollars it generated. Now some are having to lay off journalists, especially those making video content that Facebook also dialed down.

By resurfacing local news, Facebook could help strengthen ties in local communities as part of its new mission statement to “bring the world closer together”. But if that news contains heavy partisan bias or hypes up nothingburgers, it could lead to more polarization. Facebook already has trouble finding enough third-party fact checkers to verify viral news stories. Now it may expose itself to even more liability to be the arbiter of truth now that it’s fragmented the news space into hundreds of distinct digests.

This conundrum will play out again and again. Facebook wants to keep pushing forward with product launches it thinks can help society, but it in turn takes on even greater responsibility to protect us that it hasn’t proven it deserves.

Powered by WPeMatico