Home / News & Analysis / A brief history of Facebook’s privacy hostility ahead of Zuckerberg’s testimony

A brief history of Facebook’s privacy hostility ahead of Zuckerberg’s testimony

The Facebook founder will be questioned by the Senate Judiciary and Senate Commerce Committees later today — in a session entitled “Facebook, Social Media Privacy, and the Use and Abuse of Data.”

Mark Zuckerberg is also due to testify before Congress on Wednesday — to be asked about the company’s use and protection of user data.

As we’ve pointed out already, his written testimony is pretty selective and self-serving in terms of what he does and doesn’t include in his version of events.

Indeed, in the face of the snowballing Cambridge Analytica data misuse scandal, the company’s leadership (see also: Sheryl Sandberg) has been quick to try to spin an idea that it was simply too “idealistic and optimistic” — and that ‘bad actors’ exploited its surfeit of goodwill.

This of course is pure fiction.

Facebook’s long history of privacy hostility should make that plain to any thinking person. As former FTC director David Vladeck wrote earlier this month: “Facebook can’t claim to be clueless about how this happened. The FTC consent decree put Facebook on notice.”

To be clear, that’s the 2011 FTC consent decree — ergo, a major regulatory privacy sanction that Facebook incurred well over six years ago.

Every Facebook privacy screw up since is either carelessness or intention.

Vladeck’s view is that Facebook’s actions were indeed calculated. “All of Facebook’s actions were calculated and deliberate, integral to the company’s business model, and at odds with the company’s claims about privacy and its corporate values,” he argues.

So we thought it would be helpful to compile an alternative timeline ahead of Zuckerberg’s verbal testimony, highlighting some curious details related to the Cambridge Analytica data misuse scandal — such as why Facebook hired (and apparently still employs) the co-director of the company that built the personality quiz app that “improperly shared” so much Facebook data with the controversial company — as well as detailing some of its other major privacy missteps over the years.

There are A LOT of these so forgive us if we’ve missed anything — and feel free to put any additions in the comments.

Facebook: An alternative timeline

February 2004 — Facebook is launched by Harvard College student Mark Zuckerberg

September 2006 — Facebook launches News Feed, broadcasting the personal details of Facebook users — including relationship changes — without their knowledge or consent. Scores of users protest at the sudden privacy intrusion. Facebook goes on to concede: “We really messed this one up… we did a bad job of explaining what the new features were and an even worse job of giving you control of them.”

November 2007 — Facebook launches a program called Beacon, injecting personal information such as users’ online purchases and video rentals on third party sites into the News Feed without their knowledge or consent. There’s another massive outcry — and a class action lawsuit is filed. Facebook eventually pays $9.5M to settle the lawsuit. It finally shutters the controversial program in 2009

May 2008 — a complaint is filed with the Privacy Commissioner of Canada concerning the “unnecessary and non-consensual collection and use of personal information by Facebook”. The following year the company is found to be “in contravention” of the country’s Personal Information Protection and Electronic Documents Act. Facebook is told to make changes to its privacy policy and tools — but the Commissioner is still expressing concerns at the end of 2009

February 2009 — Facebook revises its terms of service to state that users can’t delete their data when they leave the service and there’s another outcry. Backpeddling furiously in a subsequent conference call, Zuckerberg says: “We do not own user data, they own their data. We never intended to give that impression and we feel bad that we did”

November & December 2009 — Facebook again revises its privacy policy and the privacy settings for users and now, in a fell swoop, it makes a range of personal information public by default — available for indexing on the public web. We describe this as a privacy fiasco. Blogging critically about the company’s actions, the EFF also warns: “Major privacy settings are now set to share with everyone by default, in some cases without any user choice”

December 2009 — a complaint (and supplementary complaint) is filed by EPIC with the FTC about Facebook’s privacy settings and privacy policy, with the coalition of privacy groups asserting these are inconsistent with the site’s information sharing practices, and that Facebook is misleading users into believing they can still maintain control over their personal information. The FTC later writes a letter saying the complaint “raises issues of particular interest for us at this time”

April 2010 — four senators call on Facebook to change its policies after it announces a product called Instant Personalization — which automatically hands over some user data to certain third-party sites as soon as a person visits them. The feature has an opt-out but Facebook users are default opted in. “[T]his class of information now includes significant and personal data points that should be kept private unless the user chooses to share them,” the senators warn

May 2010 — following another user backlash against settings changes Facebook makes changes to its privacy controls yet again. “We’re really going to try not to have another backlash,” says Facebook’s VP of product Chris Cox. “If people say they want their stuff to be visible to friends only, it will apply to that stuff going forward”

May 2010 — EPIC complains again to the FTC, requesting an investigation. The watchdog quietly begins an investigation the following year

May 2010 — Facebook along with games developer Zynga is reported to the Norwegian data protection agency. The complaint focuses on app permissions, with the Consumer Council warning about “unreasonable and unbalanced terms and conditions”, and how Facebook users are unwittingly granting permission for personal data and content to be sold on

June 2011 — EPIC files another complaint to the FTC, focused on Facebook’s use of facial recognition technology to automatically tag users in photos uploaded to its platform

August 2011 — lawyer and privacy campaigner Max Schrems files a complaint against Facebook Ireland flagging its app permissions data sinkhole. “Facebook Ireland could not answer me which applications have accessed my personal data and which of my friends have allowed them to do so,” he writes. “Therefore there is practically no way how I could ever find out if a developer of an application has misused data it got from Facebook Ireland in some way”

November 2011 — Facebook settles an eight-count FTC complaint over deceptive privacy practices, agreeing to make changes opt-in going forward and to gain express consent from users to any future changes. It must also submit to privacy audits every two years for the next 20 years; bar access to content on deactivated accounts; and avoid misrepresenting the privacy or security of user data. The settlement with the FTC is finalized the following year. Facebook is not fined

December 2011 — Facebook agrees to make some changes to how it operates internationally following Schrems’ complaint leading to an audit of its operations by the Irish Data Protection Commission

September 2012 — Facebook turns off an automatic facial recognition feature in Europe following another audit by Ireland’s Data Protection Commission. The privacy watchdog also recommends Facebook tightens app permissions on its platform, including to close down developers’ access to friends data

May 2014 — Facebook finally announces at its developer conference that it will be shutting down an API that let developers harvest users’ friends data without their knowledge or consent, initially for new developer users — giving existing developers a year-long window to continue sucking this data

May 2014 — Facebook only now switches off the public default for users’ photos and status updates, setting default visibility to ‘friends’

May 2014 — Cambridge University professor Aleksandr Kogan runs a pilot of a personality test app (called thisisyourdigitallife) on Facebook’s platform with around 10,000 users. His company, GSR, then signs a data-licensing contract with political consultancy Cambridge Analytica, in June 2014, to supply it with psychological profiles linked to US voters. Over the summer of 2014 the app is downloaded by around 270,000 Facebook users and ends up harvesting personal information on as many as 87 million people — the vast majority of whom would have not known or consented to data being passed

February 2015 — a highly critical report by Belgium’s data watchdog examining another updated Facebook privacy policy asserts the company is breaching EU privacy law including by failing to obtain valid consent from users for processing their data

May 2015 — Facebook finally shutters its friends API for existing developers such as Kogan — but he has already been able to use this to suck out and pass on a massive cache of Facebook data to Cambridge Analytica

June 2015 — the Belgian privacy watchdog files a lawsuit against Facebook over the tracking of non-users via social plugins. Months later the court agrees. Facebook says it will appeal

November 2015Facebook hires Joseph Chancellor, the other founding director of GSR, to work as a quantitative social psychologist. Chancellor is still listed as a UX researcher at Facebook Research

December 2015 — the Guardian publishes a story detailing how the Ted Cruz campaign had paid UK academics to gather psychological profiles about the US electorate using “a massive pool of mainly unwitting US Facebook users built with an online survey”. After the story is published Facebook tells the newspaper it is “carefully investigating this situation” regarding the Cruz campaign

February 2016 — the French data watchdog files a formal order against Facebook, including for tracking web browsing habits and collecting sensitive user data such as political views without explicit consent

August 2016 — Facebook-owned WhatsApp announces a major privacy U-turn, saying it will start sharing user data with its parent company — including for marketing and ad targeting purposes. It offers a time-bound opt-out for the data-sharing but pushes a pre-ticked opt-in consent screen to users

November 2016 — facing the ire of regulators in Europe Facebook agrees to suspend some of the data-sharing between WhatsApp and Facebook (this regional ‘pause’ continues to this day). The following year the French data watchdog also puts the company on formal warning that data transfers it is nonetheless carrying out — for ‘business intelligence’ purposes — still lack a legal basis

November 2016 — Zuckerberg describes the idea that fake news on Facebook’s platform could have influenced the outcome of the US election as “a pretty crazy idea” — a comment he later describes as flippant and a mistake

May 2017 –– Facebook is fined $122M in Europe for providing “incorrect or misleading” information to competition regulators who cleared its 2014 acquisition of WhatsApp. It had told them it could not automatically match user accounts between the two platforms, but two years later announced it would indeed be linking accounts

September 2017Facebook is fined $1.4M by Spain’s data watchdog, including for collecting data on users ideology and tracking web browsing habits without obtaining adequate consent. Facebook says it will appeal

October 2017 — Facebook says Russian disinformation distributed via its platform may have reached as many as 126 million Facebook users — upping previous estimates of the reach of ‘fake news’. It also agrees to release the Russian ads to Congress, but refuses to make them public

February 2018 — Belgian courts again rule Facebook’s tracking of non-users is illegal. The company keeps appealing

March 2018the Guardian and New York Times publish fresh revelations, based on interviews with former Cambridge Analytica employee Chris Wylie, suggesting as many as 50M Facebook users might have had their information passed to Cambridge Analytica without their knowledge or consent. Facebook confirms 270,000 people downloaded Kogan’s app. It also finally suspends the account of Cambridge Analytica and its affiliate, SCL, as well as the accounts of Kogan and Wylie

March 21, 2018 — Zuckerberg gives his first response to the revelations about how much Facebook user data was passed to Cambridge Analytica — but omits to explain why the company delayed investigating

March 2018 — the FTC confirms it is (re)investigating Facebook’s privacy practices in light of the Cambridge Analytica scandal and the company’s prior settlement. Facebook also faces a growing number of lawsuits

March 2018 — Facebook outs new privacy controls, as part of its compliance with the EU’s incoming GDPR framework, consolidating settings from 20 screens to just one. However it will not confirm whether all privacy changes will apply for all Facebook users — leading to a coalition of consumer groups to call for a firm commitment from the company to make the new standard its baseline for all services

April 2018 — the UK’s data watchdog confirms Facebook is one of 30 companies it’s investigating as part of an almost year-long probe into the use of personal data and analytics for political targeting

April 2018 — Facebook announces it has shut down a swathe of Russian troll farm accounts

April 2018 — Zuckerberg agrees to give testimony in front of US politicians — but continues to ignore calls to appear before UK politicians to answer questions about the role of fake news on its platform and the potential use of Facebook data in the UK’s Brexit referendum

April 2018 — the Canadian and British Columbian privacy watchdogs announce they are combining existing investigations into Facebook and a local data firm, AggregateIQ, which has been linked to Cambridge Analytica. The next day Facebook reportedly suspends AggregateIQ‘s account on its platform

April 2018 — Facebook says it has started telling affected users whether their information was improperly shared with Cambridge Analytica

Check Also

Amazon’s next conquest will be apparel

Sunny Dhillon Contributor Sunny Dhillon is a partner at Signia Venture Partners. More posts by this contributor The rise of experiential commerce Approaching e-commerce investments in the age of Amazon Late last year, after Amazon announced it had acquired the rights to J.R.R. Tolkien’s epic “Lord of the Rings” saga for $250 million, I wrote how the move underscored Amazon’s relentless pursuit to build one platform to “rule them all.” Now that Amazon is investing half a billion dollars into developing a Middle Earth show – making it the most expensive TV series ever made – it won’t be a surprise to see Jeff Bezos front and center at the Emmys soon. But Hollywood isn’t the only industry Amazon wants to upend. Based on the company’s great ambitions in apparel, it may not be long before we also see Bezos at New York Fashion Week next to Anna Wintour. The 800-Pound Gorilla in the Fashion World As traditional retail continues to recede, direct to commerce fashion brands continue to emerge. I’ve previously shared how Stitch Fix, Warby Parker, Everlane and Allbirds are just a few innovative companies proving the success of this model. As the master of D2C commerce, Amazon has been fine-tuning its fashion operation for over 15 years. Amazon originally got into apparel all the way back in 2002 and acquired online shoe retailer Zappos for $1.2 billion in 2009, marking the largest purchase in its history at the time. But the company’s quest to dominate fashion has faced several historical obstacles, chief among them that people have not trusted buying apparel online out of a desire to try on the items first and that Amazon was not perceived as a “cool” brand. Headwinds are now tailwinds. Online shopping for apparel took off and is now the highest online-penetration CPG sector; the majority of women have shopped for clothing online. E-commerce accounts for nearly twice as big a proportion of total clothing sales as it does for retail more broadly (17 percent vs. 10 percent). Amazon, meanwhile, has honed its apparel strategy, providing free returns, better photography and greater selection. Today, the company is the largest apparel retailer by gross merchandise volume. Mission accomplished? Not quite. Building A Private-Label ‘Fashion House’ An actual Amazon fashion shoot Bonobos CEO Andy Dunn once said, “Selling a bunch of other people’s stuff is a low margin game that requires a lot of capital and, ultimately, it’s hard to beat Jeff Bezos at that.” This is true, but when it comes to apparel, Bezos has greater ambitions than selling other people’s stuff. Currently, though, that’s mostly what Amazon does. According to analysis from Coresight Research, nearly 14 percent of listings on the U.S. Amazon Fashion site are from Amazon itself, while third-party sellers account for the remaining 86 percent. Amazon is highly incentivized to increase its share of that pie. Apparel is a highly profitable category for the company, with 40 percent peak gross margins in the last 10 years. Additionally, Prime members heavily overindex for buying apparel on Amazon – nearly two-thirds have done so in the past year. As it ramps up its private-label offerings, Amazon is clearly keen to move beyond selling the apparel equivalent of batteries and diapers through its Amazon Essentials brand. It started selling thigh-high velvet boots in September, and Coresight’s analysis indicates that the company is focusing on higher-value categories. If its recent Lord of the Rings rights acquisition was an attempt to further capture young affluent consumers’ eyeballs, and Whole Foods an attempt to lock down their stomachs, it follows that Amazon would want to ensnare their wardrobes as well. Acquiring a hot digitally native vertical brand – or brands – would be a speedy way to accomplish that. Walmart has already pursued this strategy by buying Bonobos, Modcloth and others; Amazon could take a similar path and seek to bring buzzy brands like Everlane into the everything store. This could also go a long way in helping Amazon shed its “uncool” label. Becoming A Fashion (Power)House The Echo Look is just one sign Amazon is serious about dominating fashion Last year, Amazon introduced a number of innovations designed to turbocharge its apparel business and make the online shopping experience as frictionless as possible. It launched Prime Wardrobe, a Stitch Fix-style service that allows you to try three or more items on at home before sending back the items you don’t want for free in a resealable box with a prepaid label. It also debuted Echo Look, a new Alexa-powered device that the company dubs a “hands-free camera and style assistant.” The addition of a camera enables the device to record and comment on its owner’s clothing choices, using a combination of machine learning and human stylist feedback. This advice also takes the form of recommendations, which can drive revenue to Amazon Fashion, and specifically its private-label brands. Amazon is iterating on and rolling out more features for the Echo Look, including curated content and even crowdsourced (human!) style feedback. It also created an AI algorithm for designing clothes and patented an AR mirror that lets you virtually try on clothes. The value of such a mirror was validated recently by L’Oreal’s acquisition of ModiFace, a company that produces technology that powers similar applications in beauty AR. Analyzing all these moves together, Amazon’s apparel strategy begins to crystallize. First it sells tons of clothes to learn how clothes are sold. Then it starts selling its own clothes to generate higher gross margin. And now has it has Prime Wardrobe to increase lock-in and reduce points at which customers can choose not to buy Amazon’s own clothing (all while gathering more data about individual preferences); and Echo Look to be its data collection and voice-commerce portal (and as an added bonus, it can route ambiguous purchase requests to its growing inventory of private-label items). If this strategy is successful, it will give Amazon an enormous data moat to drive high-margin sales – a competitive advantage that will be extremely difficult for fashion retailers and brands to replicate. Bezos doesn’t need to even ask. Amazon has become increasingly dominant in several increasingly important arenas: cloud services, voice assistants, self-serving brick-and-mortar stores with Amazon Go, and of course its now-traditional role as the online everything store. The company is poised to add apparel to this growing list as it changes the way people shop for clothing (again) and entices more of its customers to buy Amazon’s own threads. And it bears mentioning that Amazon Fashion will get a helpful hand from Amazon Studios as well. Bezos once shared that, “When we win a Golden Globe, it helps us sell more shoes.” If he has his way, Amazon will be doing a lot more of both in the coming years.

Leave a Reply

Your email address will not be published. Required fields are marked *

Disclaimer: Trading in bitcoins or other digital currencies carries a high level of risk and can result in the total loss of the invested capital. theonlinetech.org does not provide investment advice, but only reflects its own opinion. Please ensure that if you trade or invest in bitcoins or other digital currencies (for example, investing in cloud mining services) you fully understand the risks involved! Please also note that some external links are affiliate links.