Another whistleblower, this time a Facebook insider: "the controls would be there, but nobody uses them".

'Utterly horrifying': ex-Facebook insider says covert data harvesting was routine <https://www.theguardian.com/news/2018/mar/20/facebook-data-cambridge-analyti...>

Hundreds of millions of Facebook <https://www.theguardian.com/technology/facebook> users are likely to have had their private information harvested by companies that exploited the same terms as the firm that collected data and passed it on to Cambridge Analytica, according to a new whistleblower.

Sandy Parakilas, the platform operations manager at Facebook responsible for policing data breaches by third-party software developers between 2011 and 2012, told the Guardian he warned senior executives at the company that its lax approach to data protection risked a major breach.

“My concerns were that all of the data that left Facebook servers to developers could not be monitored by Facebook, so we had no idea what developers were doing with the data,” he said.

Parakilas said Facebook had terms of service and settings that “people didn’t read or understand” and the company did not use its enforcement mechanisms, including audits of external developers, to ensure data was not being misused.

Parakilas, whose job was to investigate data breaches by developers similar to the one later suspected of Global Science Research, which harvested tens of millions of Facebook profiles and provided the data to Cambridge Analytica, said the slew of recent disclosures had left him disappointed with his superiors for not heeding his warnings.

“It has been painful watching,” he said, “because I know that they could have prevented it.”

Asked what kind of control Facebook had over the data given to outside developers, he replied: “Zero. Absolutely none. Once the data left Facebook servers there was not any control, and there was no insight into what was going on.”

Parakilas said he “always assumed there was something of a black market” for Facebook data that had been passed to external developers. However, he said that when he told other executives the company should proactively “audit developers directly and see what’s going on with the data” he was discouraged from the approach.

He said one Facebook executive advised him against looking too deeply at how the data was being used, warning him: “Do you really want to see what you’ll find?” Parakilas said he interpreted the comment to mean that “Facebook was in a stronger legal position if it didn’t know about the abuse that was happening”.

He added: “They felt that it was better not to know. I found that utterly shocking and horrifying.”

Parakilas first went public with his concerns about privacy at Facebook four months ago, but his direct experience policing Facebook data given to third parties throws new light on revelations over how such data was obtained by Cambridge Analytica.

Facebook did not respond to a request for comment on the information supplied by Parakilas, but directed the Guardian to a November 2017 blogpost <https://newsroom.fb.com/news/h/enforcing-our-policies-and-protecting-peoples...> in which the company defended its data sharing practices, which it said had “significantly improved” over the last five years.

“While it’s fair to criticise how we enforced our developer policies more than five years ago, it’s untrue to suggest we didn’t or don’t care about privacy,” that statement said. “The facts tell a different story.”

[...]

On 18/03/2018 15:02, gianlucaquaglia@gmail.com wrote:
An interesting in-depth piece on the matter, and a very worrying one as regards the level of influence these gentlemen have attained over democracies
https://www.theguardian.com/news/2018/mar/17/data-war-whistleblower-christop...
GLQ
-------------------------------------------------
On 18/03/2018 11:26, Enrico Bergamini wrote:
Beyond the label we want to give to the harvesting method (which is open to discussion, but I agree with you), I was rather highlighting the content of the interview, which explains some of the /hows/ of this story
E
On 17 March 2018 18:17, Matteo G.P. Flora <mf@thefool.it> wrote:
I REALLY struggle to classify this as a data breach: the data was stored by explicitly asking users through third-party applications (quizzes and silly games). It is certainly a violation of the TOS on storage and use, but there is REALLY no breach.
M
On Sat 17 Mar 2018 at 18:11, Enrico Bergamini <enricobergamini1995@gmail.com> wrote:
Today FB's ban on Strategic Communication Lab came through on the list. In case you haven't seen it, here is a chilling Guardian interview with the whistleblower (a former data scientist at Cambridge Analytica).
https://www.theguardian.com/news/2018/mar/17/cambridge-analytica-facebook-in...
Regards,
-- Enrico Bergamini
http://enricobergamini.it "All that we are is the result of what we have thought"
_______________________________________________
nexa mailing list
nexa@server-nexa.polito.it
https://server-nexa.polito.it/cgi-bin/mailman/listinfo/nexa
-- Matteo G.P. Flora Founder and CEO at The Fool srl
A Via Merano, 16 Milano (MI) M +39.347.9676430 E mf@thefool.it W http://thefool.it
-- Enrico Bergamini
http://enricobergamini.it "All that we are is the result of what we have thought"