At least acknowledge and respect what FB is doing here. Over the past month, everyone here was up in arms on how FB was collecting their data from 3rd party sites and there is no easy way to opt out or delete it. Now you have a way to do exactly that.
You can't have it both ways. FB is collecting data to target better ads but they are also providing much stronger controls for users to control what data you want to share. FB could've not done this (at least outside Europe) but chose to do it.
As a contrary example, look at Google or Twitter. They also have to follow GDPR guidelines wrt data erasure from 3rd party sites/apps. THey aren't choosing to offer this functionality outside Europe when, at least in the case of Google, they probably more data than Facebook.
So please acknowledge this effort from Facebook rather than staying on your high horse and being cynical about everything.
It would be so much easier to not be cynical if FB did this more than a month prior to the GDPR deadline.
BTW, picking Google as your example was bad - you could download, remove, modify your Google data since ... basically forever, I think; now that option is in "My Account" - "Personal Info & Privacy", but I remember it being there long ago; I actually did a data science course a few years back where the participants downloaded & explored their own personal information, so I'm quite certain this is not a new feature.
Thank you, Facebook, for not restricting this feature you were legally required to implement to only the users you were legally required to offer it to. That sound better?
But only if you had a google account. No deleting your shadow profile User:1239875742, that feature is reserved only for those willing to give us their phone number.
Is there any evidence that Google has a shadow profile for people? I know that it was revealed that Facebook did/does and everyone assumed that Google probably does too but I don't think I've ever seen evidence that this is the case.
Disclosure: I work for Google, but I'm genuinely curious. I've seen no evidence of "shadow profiles" but it is a big company so I couldn't say for sure one way or another.
When they launched Wave there were reports of all kinds of chaos because people were automatically added. I don't remember if this was a case of "oh, you had this contact? We'll add them to your friends automatically." or those people crossed some classification threshold, but there were cases of stalkers and abusive exes being added without permission.
I think the chances that Google had some type of profiling system for non users is well above 80%.
Post-GDPR both companies will be required to. GDPR entitles European citizens to go dynamite fishing by sending companies requests to delete any data that is identifiable as being associated with that citizen.
You have to identify yourself to make the request, but the process should be self healing because they are then required to also delete the PII in your request to delete your PII (unless it's required for regulatory reasons, but this applies more to banks than google or facebook).
And before that we were already entitled to request that data, which FB "respectfully" dragged their heels over when people actually tried to use that right.
It's exactly this setting of low expectations from tech companies that work with billions of user's data that has taken us to where we are.
A majority of Facebook user's aren't'techies'. It was Facebook's responsibility to make such features available/easy to access in the first place. It shouldn't have to be a legal requirement. Google/Twitter doing or not doing it doesn't have anything to do with it.
But now they are offering this delete feature. What do you want them to do? Shut down the company because of the mistakes they committed in the past?
Also, Google and Twitter are relevant here since they are collecting 3rd party data and not offering this delete functionality. But no one is taking that up. Sometimes I wonder if this is really about privacy or just about Facebook.
> But now they are offering this delete feature. What do you want them to do? Shut down the company because of the mistakes they committed in the past?
This is indeed what happens to companies that cannot comply with the law because of mistakes committed in the past, yes.
> Over the past month, everyone here was up in arms on how FB was collecting their data from 3rd party sites and there is no easy way to opt out or delete it. Now you have a way to do exactly that.
You mean collecting data FOR third parties for profit and the impact of these tactics of misinformation had real impacts. There is not much to "respect" Facebook for given what (little) we know now.
You're conflating healthy skepticism with being cynical.
>So please acknowledge this effort from Facebook rather than staying on your high horse and being cynical about everything.
Please acknowledge FB fundamentally doesn't operate with our best interests in mind and this is why the default attitude to the company should be one of being skeptical and cautious.
You can defend however you want. The original comment was a snark and the way it was written clearly showered cynicism when I read it.
>Please acknowledge FB fundamentally doesn't operate with our best interests in mind and this is why the default attitude to the company should be one of being skeptical and cautious.
No I will not acknowledge this. Personally, I like that FB ads are well targeted, that I am able to discover new content, and also the fact that I am able to keep in touch with a number of my friends (who otherwise I wouldn't have) because of it. This is your opinion and you are totally entitled to it.
> No I will not acknowledge this. Personally, I like that FB ads are well targeted
That's cute but as far as I can tell from your comment history, you don't even live in the EU, you don't get to speak for us (I only looked because I didn't want to assume). The laws in the USA must be just to your liking, because for at least the past month, you seem to have been doing nothing but arguing for data collection overreach and against privacy, while simultaneously playing the "what about Google/Twitter/FB/the other one" card.
A terrorist takes a hostage, and a cop asks the terrorist not to kill the hostage and allows the terrorist to keep causing terror insofar as it doesn't involve killing hostages, and the terrorist doesn't kill the hostage, and the hostage is grateful with the terrorist for not having killed him even when he is kept hostage.
This effort doesn't need to be acknowledged, just like it doesn't need to be acknowledged if you stop for a red light. It's something you should do, nothing more.
How do you know? Did you see the source code? For all I know they can clear it in user-facing UX only but keep it secretly on servers in international waters or wherever and use it batch-wise to compute stuff about you, including sharing it with 3rd parties you wouldn't want to be ever involved with. Those 3rd parties then can use FB Cayman Islands or a similar branch to get dirty data. Do you think all those intelligence and society-engineering think tanks would be happy losing their main source of data and won't try to find a way to continue doing it?
Oh yeah, like if what we learned in the past 6 years about what was going on wasn't sufficient to beat our wildest fears... If something could be done, it is being done by somebody already.
> FB could've not done this (at least outside Europe) but chose to do it.
Could they, really ? Would it have made a difference ? You can just log in, change your location to a European country and then delete everything.
> As a contrary example, look at Google or Twitter. They also have to follow GDPR guidelines wrt data erasure from 3rd party sites/apps. THey aren't choosing to offer this functionality outside Europe when, at least in the case of Google, they probably more data than Facebook.
Again, change your location and just delete it anyway. Do you expect them to ask for proof of residence ?
Possibly. They’ve asked people for images of their IDs before, supposedly to prove they are not using a pseudonym. I wouldn’t be surprised if they asked you to confirm your location for something drastic and not-desired-by-fb such as account and data deletion.
They will not ask for location like that, because it wouldn't make a difference - EU citizens in a non-EU part of the world still have the rights outlined in the GDPR.
Clarification beforehand: I'm not mad at you, I'm mad at Facebook.
Why the hell do I need to respect Facebook? What respectful thing have they done? You say it as if they have some kind of right to be respected for having to be dragged into following the EU rules on privacy.
Do you remember how much shit they pulled when people tried to use the EU rights we already had before the GDPR? You know the thing where you ask a business for a full report on all the personal data they have on you?
FB was dragging its heels in the sand over that, because ooohh it was too impractical because they had too much fucking data. Well guess what, having way too much data on their user profiles is on them. That is exactly why those laws exist, to deter corporations from collecting ridiculous amounts of data they can't fully inform their users about. Those rules existed already when they started collecting the data and they did it regardless of knowing that they could never comply to the law. Tried to make a big sad show about it when someone called them on it: "look at these gigantic stacks of dead tree paper, are we supposed to mail them to anyone who just requests them?", no you fucks, you should've never let those stacks grow this huge in the first place.
For years, they've knowingly gone way WAY too far in collecting private data from Europeans, and now they're getting burned for that. People, also here on HN, have been pointing out years ago already that existing EU regulations about privacy, let alone these regulations that have been looming on the horizon, when these regulations will be enacted they are going to hurt like hell for FB.
Unlike human rights to life and freedom etc, there's no corporate right to exist as a business.
They could have prepared by taking a good look at themselves, realizing they were collecting way too much data to ever comply to the spirit of the EU regulations, which was pretty damn clearly past any sort of reasonable. But they did nothing to limit the amount of data they were collecting, instead they amped it up! They took that gamble, keep doing what we're doing and hope we'll get away with it. And isn't it crazy how in a functioning regulatory system, when corporations keep sidestepping it, we tend to update the letter of the law to reflect the spirit of it? Sucks for FB, but they already chose the non-respectable route quite a few years ago.
FB did nothing except try to push back when called on it, instead of respectfully listening. Only now, with the GDPR and the fire to their heels, you see them trying all the wrong things. They don't get points for trying any more. They could have, had they tried when the warnings were just warnings. But when the warnings turn law, you're gonna get burned. They should be burning their data centres.
There's no "damned if you do, damned if you don't", there's only a "damned if you keep the data around that prohibits you from following the law".
And now they're forced to play by the rules. Barely. They don't get any respect for that, they get a "well at least you seem to play by the rules NOW" for that. Respect is earned by acting upon that spirit for years, not by grudgingly doing it once.
Even in the linked article, Zuckerberg admits himself, he only learned to listen last week when he was dragged to testify to congress. "Respectfully", that's way too late and FB deserves to go the way of MySpace over that.
There's also some stipulations in the GDPR about having to provide clearly worded language about how they use your data. Except the language I've seen so far is very passive aggressive and emotionally manipulative as hell. It's partially a cultural thing, American customers don't seem to mind being talked down to by businesses (unless you tip them?). And you still have to translate Termsofserviceolese to human language to make any sense of it (even then, I still don't understand all of their wording).
This is on them. They're trying to defend the indefensible. Just asking the users "do you want us to sell your data to advertisers? (click here to read more) YES/NO", nobody needs to read more, and everyone who does, still clicks NO.
They're also supposed to provide clear and easy-to-use controls to control how your private data is used. Except they CAN'T provide these because they've been collecting WAY too much data on you all to EVER be able to provide a clear interface for a single person to manage it. Fact is, the controls are NOT easy to use. They just aren't. Because it's too much channels, data and ways it is sold to whoever. Again this is a hard, near-impossible problem they brought down on themselves. They're not too big to fail.
About the manipulative language I mentioned above; I don't have a FB account myself but I read along with my girlfriends' pop up dialog about "new ways to choose about what data we collect or something", that everybody gets. I simply can't respect any corporation that thinks it can talk down to me like that. The way that piece of garbage was worded was disrespectful as fuck. You know how they tried to guilt-trip her into not disabling face detection?
Repeating, several times, that if she disabled it, it was her fault if blind people couldn't use FB because they wouldn't know about photos she appears in but wasn't tagged in. I gotta give it to Facebook, that is a most creative way to put a positive spin on the word "panopticon".
The other reasoning was threatening her that people would use her photos and likeness to impersonate her if she dared to disable face recognition. Again, repeated multiple times throughout the dialog. Fuck you, Facebook.
I'll respect FB when I hear from my girlfriend that she got a similarly threatening dialog warning her about privacy implications and advising to try to use this Clear History at least once, nagging a few times perhaps. Just to say "we may be passive aggressive emotionally manipulative dicks in our communication, but at least we're respectfully balanced about it". But I don't think regular users are going to get a dialog presenting the existence of this feature at all.
And in the linked article, Zuckerberg warns you that if you clear your "FB history" they will make FB experience worse. They don't have to, but he makes it sounds like they do. The comparison to browser cookies is disgustingly disingenuous: People disable browser cookies mainly because they allow bad actors to do bad things, and have to weigh this against good websites using the same technology for benign purposes. But in this case, there is only ONE actor, Facebook, and it's doing both things. It's not like there's a "bad Facebook" that Zuckerberg can't control (well, unless there is, in which case we definitely should shut the whole thing down).
At least acknowledge and respect what FB is doing here. Over the past month, everyone here was up in arms on how FB was collecting their data from 3rd party sites and there is no easy way to opt out or delete it. Now you have a way to do exactly that.
You can't have it both ways. FB is collecting data to target better ads but they are also providing much stronger controls for users to control what data you want to share. FB could've not done this (at least outside Europe) but chose to do it.
As a contrary example, look at Google or Twitter. They also have to follow GDPR guidelines wrt data erasure from 3rd party sites/apps. THey aren't choosing to offer this functionality outside Europe when, at least in the case of Google, they probably more data than Facebook.
So please acknowledge this effort from Facebook rather than staying on your high horse and being cynical about everything.