Schlagwort-Archive: Facebook

New Report Highlights the Decline of Facebook and IG, as TikTok Becomes the New Home of Entertainment

https://www.socialmediatoday.com/news/new-report-highlights-the-decline-of-facebook-and-ig-as-tiktok-becomes-the/631694/

By Andrew Hutchinson Content and Social Media Manager

Have you found yourself using Instagram way less of late? The once trendsetting social platform seems to have lost its luster, in large part due to Instagram’s insistence on pumping more content from accounts that you don’t follow into your main IG feed. The ‘inspiration’ for that approach is TikTok, which has seen great success by focusing on content, as opposed to creators, with the app opening to a ‘For You’ feed of algorithmically-selected clips, based on your viewing habits. Instagram, as usual, saw that as an opportunity, and it’s since been working to negate your direct input – i.e. the accounts that you’ve chosen to follow – by showing you more and more stuff that it thinks you’ll like. Which is annoying, and personally, I don’t find Instagram anywhere near as engaging as it once was.

And it seems many other users agree – according to a new report from The Wall Street Journal, Instagram engagement is declining, with Reels, in particular, seeing a significant drop-off in user engagement of late. As reported by WSJ, TikTok users are spending over 10x as many hours consuming content in that app as Instagram users currently spend viewing Reels. According to a leaked internal report, Reels engagement is also in decline, dropping 13.6% in recent months – while ‘most Reels users have no engagement whatsoever.’  Meta has lightly refuted the claims, by stating that the usage data doesn’t provide the full picture. Though it declined to add any more context – which is Meta’s usual process when it can’t dispel such with its own insight. Take, for example, total time spent in its apps. Back in 2016, as part of its regular performance reporting, Meta noted that people were spending more than 50 minutes per day, on average, using Facebook, Instagram and Messenger.

It hasn’t reported any official stats on this ever since, which many believe is because that number has been in steady decline, and Meta sees no value in reporting that it’s losing ground, and has been for years now. Meta, instead, is keen to talk about daily and monthly active users, where its figures are solid. But this almost feels like misdirection – Facebook and Instagram, in particular, have traditionally been based on building your social graph, and establishing a digital connection with the people that you know and want to stay connected with, and informed about.

As such, it makes sense that a lot of people log onto these apps each day just to see if their friends and family have shared anything new. That doesn’t, however, mean that they’re spending a lot of time in these apps. Which is another reason why Meta’s trying to push more interesting content into your main feed, and in between updates from your connections – because if it can hook those people that are just checking in, then logging straight back out, that could be a key way to get its engagement stats back on track. But it’s not working.

Again, Facebook and Instagram have spent years pushing you to establish connections with the people that you care about, even introducing an algorithm to ensure that you see the most important updates from these users and Pages every day. At one point, Facebook noted that an average user was eligible to see over 1,500 posts every day, based on the people and Pages they were connected to – which is way more than they could ever view in a single day. So it brought in the algorithm to help maximize engagement – which also had the added benefit of squeezing Page reach, and forcing more brands to pay up. But now, Facebook is actively working to add in even more content, cluttering your feed beyond the posts that you could already be shown, and making it harder than ever to see posts from the people you actually want to stay updated on. Hard to see how that serves the user interests.

And again, it seems that users are understandably frustrated by this, based on these latest engagement stats, and previously reported info from Facebook which showed that young users are spending less and less time in the app. Facebook usage by age bracket Because it’s fundamentally going against its own ethos, purely for its own gain. Accept it or not, people go to different apps for different purpose, which is the whole point of differentiation and finding a niche in the industry. People go to TikTok for entertainment, not for connecting with friends (worth noting that TikTok has actually labeled itself an ‘entertainment app’, as opposed to a social network), while users go to Facebook and IG to see the latest updates from people they care about.

The focus is not the same, and in this new, more entertainment-aligned paradigm, Meta’s once all-powerful, unmatched social graph is no longer the market advantage that it once was. But Meta, desperately seeking to counter its engagement declines, keeps trying to get people to stick around, which is seemingly having the opposite effect. Of course, Meta needs to try, it needs to seek ways to negate user losses as best it can – it makes sense that it’s testing out these new approaches. But they’re not the solution. How, then, can Instagram and Facebook actually re-engage users and stem the tide of people drifting across to TikTok? There are no easy answers, but I’m tipping the next phase will involve exclusive contracts with popular creators, as they become the key pawns in the new platform wars. TikTok’s monetization systems are not as evolved, and YouTube and Meta could theoretically blow it out of the water if they could rope in the top stars from across the digital ecosphere. That could keep people coming to their apps instead, which could see TikTok engagement wither, like Vine before it.
But other than forcing people to spend more time on Facebook, by hijacking their favorite stars, there’s not a lot of compelling reasons for people to spend more time in Meta’s apps. At least, not right now, as they increasingly dilute any form of differentiation.

  But essentially, it comes down to a major shift in user behaviors, away from following your friends, and seeing all the random stuff that they post, to following trends, and engaging with the most popular, most engaging content from across the platform, as opposed to walling off your own little space.

At one stage, the allure of social media was that it gave everyone their own soapbox, a means to share their voice, their opinion, to be their own celebrity in their own right, at least among their own networks. But over time, we’ve seen the negatives of that too. Over-sharing can lead to problems when it’s saved in the internet’s perfect memory for all time, while increasing division around political movements has also made people less inclined to share their own thoughts, for fear of unwanted criticism or misunderstanding. Which is why entertainment has now become the focus of the next generation – it’s less about personal insights and more about engaging in cultural trends. That’s why TikTok is winning, and why Facebook and Instagram are losing out, despite their frantic efforts.

Werbung

Penlink – A small Nebraska company is helping law enforcement around the world spy on users of Google, Facebook and other tech giants

A small Nebraska company is helping law enforcement around the world spy on users of Google, Facebook and other tech giants. A secretly recorded presentation to police reveals how deeply embedded in the U.S. surveillance machine PenLink has become.


PenLink might be the most pervasive wiretapper you’ve never heard of.

The Lincoln, Nebraska-based company is often the first choice of law enforcement looking to keep tabs on the communications of criminal suspects. It’s probably best known, if it’s known at all, for its work helping convict Scott Peterson, who murdered his wife Laci and their unborn son in a case that fomented a tabloid frenzy in the early 2000s. Nowadays the company has been helping cops keep tabs on suspected wrongdoing by users of Google, Facebook and WhatsApp – whatever web tool that law enforcement requests.

With $20 million revenue every year from U.S. government customers such as the Drug Enforcement Administration, the FBI, Immigration Customs Enforcement (ICE) and almost every other law enforcement agency in the federal directory, PenLink enjoys a steady stream of income. That doesn’t include its sales to local and state police, where it also does significant business but for which there are no available revenue figures. Forbes viewed contracts across the U.S., including towns and cities in California, Florida, Illinois, Hawaii, North Carolina and Nevada.

“PenLink is proud to support law enforcement across the U.S. and internationally in their effort to fight wrongdoing,” the company said. “We do not publicly discuss how our solution is being utilized by our customers.”

Sometimes it takes a spy to get transparency from a surveillance company. Jack Poulson, founder of technology watchdog Tech Inquiry, went incognito at the National Sheriffs’ Association’s winter conference in Washington. He recorded a longtime PenLink employee showing off what the company could do for law enforcement and discussing the scale of its operations. Not only does the recording lift the lid on how deeply involved PenLink is in wiretapping operations across the U.S., it also reveals in granular detail just how tech providers such as Apple, Facebook and Google provide information to police when they’re confronted with a valid warrant or subpoena.

Scott Tuma, a 15-year PenLink veteran, told attendees at the conference that the business got off the ground in 1987 when a law enforcement agency had an abundance of call records that it needed help organizing. It was in 1998 that the company deployed its first wiretap system. “We’ve got those, generally, scattered all over the U.S. and all over the world,” Tuma said. Though he didn’t describe that tool in detail, the company calls it Lincoln.

Today, it’s social media rather than phones that’s proving to be fertile ground for PenLink and its law enforcement customers. Tuma described working with one Justice Department gang investigator in California, saying he was running as many as 50 social media “intercepts.” PenLink’s trade is in collecting and organizing that information for police as it streams in from the likes of Facebook and Google.

The PenLink rep said that tech companies can be ordered to provide near-live tracking of suspects free of charge. One downside is that the social-media feeds don’t come in real time, like phone taps. There’s a delay – 15 minutes in the case of Facebook and its offshoot, Instagram. Snapchat, however, won’t give cops data much more than four times a day, he said. In some “exigent circumstances,” however, Tuma said he’d seen companies providing intercepts in near real time.

Making matters trickier for the police, to get the intercept data from Facebook, they have to log in to a portal and download the files. If an investigator doesn’t log in every hour during an intercept, they get locked out. “This is how big of a pain in the ass Facebook is,” Tuma said. PenLink automates the process, however, so if law enforcement officers have to take a break or their working day ends, they’ll still have the intercept response when they return.

A spokesperson for Meta, Facebook’s owner, said: “Meta complies with valid legal processes submitted by law enforcement and only produces requested information directly to the requesting law enforcement official, including ensuring the type of legal process used permits the disclosure of the information.”

Jennifer Granick, surveillance and cybersecurity counsel at the American Civil Liberties Union, reviewed the comments made by Tuma. She raised concerns about the amount of information the government was collecting via PenLink. “The law requires police to minimize intercepted data, as well as give notice and show necessity,” she said. “It’s hard to imagine that wiretapping 50 social media accounts is regularly necessary, and I question whether the police are then going back to all the people who comment on Facebook posts or are members of groups to tell them that they’ve been eavesdropped upon.”

She suggested that Tuma’s claim that a “simple subpoena” to Facebook could yield granular information – such as when and where a photo was uploaded, or when a credit-card transaction took place on Facebook Marketplace – may be an overreach of the law.

There’s a lot of nuance involving where government actions might stray over the line, said Randy Milch, a New York University law professor and former general counsel at telecoms giant Verizon Communications. “While I’m sympathetic to the idea that the government is going to ask for more than it needs, simply saying ‘too much data must mean an overreach’ is the kind of arbitrary rule that isn’t workable,” he told Forbes. “The government doesn’t know the amount of the data it’s seeking” before the fact. Milch noted that the Stored Communications Act explicitly allows for subpoenas to collect records including names, addresses, means and source of payment, as well as information on session times and durations.

‘Google’s the best’

In his Washington talk, Tuma gushed over Google’s location-tracking data. Google “can get me within three feet of a precise location,” he said. “I cannot tell you how many cold cases I’ve helped work on where this is five, six, seven years old and people need to put [the suspect] at a hit-and-run or it was a sexual assault that took place.” If people are carrying their phones and have Gmail accounts, he said, law enforcement “can get really lucky. And it happens a lot.” Facebook, by comparison, will get a target within 60 to 90 feet, Tuma said, while Snapchat has started providing more accurate location information within 15 feet.

Snapchat didn’t respond to requests for comment.

Tuma also described having a lot of success in asking Google for search histories. “Multiple homicide investigations, I’ve seen it: ‘How to dispose of a human body,’ ‘best place to dump a body.’ Swear to God, that’s what they search for. It’s in their Google history. They cleared their browser and their cookies and things, they think it’s gone. Google’s the best.” A Google spokesperson said the company tries to balance privacy concerns with the needs of police. “As with all law enforcement requests, we have a rigorous process that is designed to protect the privacy of our users while supporting the important work of law enforcement,” the spokesperson said.

Tuma described Apple’s iCloud warrants as “phenomenal.” “If you did something bad, I bet you I could find it on that backup,” he said. (Apple didn’t respond to requests for comment.) It was also possible, Tuma said, to look at WhatsApp messages, despite the platform’s assurances of tight security. Users who back up messages effectively remove the protection provided by the app’s end-to-end encryption. Tuma said he was working on a case in New York where he was sitting on “about a thousand recordings from WhatsApp.” The Facebook-owned app may not be so susceptible to near real-time interception, however, as backups can only be done as frequently as once a day. Metadata, however, showing how a WhatsApp account was used and which numbers were contacting one another and when, can be tracked with a surveillance technology known as a pen-register. PenLink provides that tool as a service.

All messages on WhatsApp are end-to-end encrypted, said a company spokesperson, and it’s transparent about how it works with law enforcement. “We know that people want their messaging services to be reliable and safe – and that requires WhatsApp to have limited data,” the spokesperson said. “We carefully review, validate and respond to law enforcement requests based on applicable law and in accordance with our terms of service, and are clear about this on our website and in regular transparency reports. This work has helped us lead the industry in delivering private communications while keeping people safe, and has led to arrests in criminal cases.” They pointed to a release last year of a feature that allows users to encrypt their backups in the iCloud or Google Drive, while noting that when they respond to a law enforcement request, they don’t provide the data to any private company like PenLink, but directly to law enforcement.

Going dark or swimming in data?

In recent years, the FBI and various police agencies have raised concerns about end-to-end encryption from Google or Facebook cutting off valuable data sources. But Tuma said that Silicon Valley’s heavyweights aren’t likely to start hiding information from police because it would mean doing the same to advertisers. “I always call B.S. on it for this reason right here: Google’s ad revenue in 2020 was $182 billion,” Tuma said.

Granick of the ACLU said that such claims showed that the FBI, contrary to what the bureau claimed, wasn’t losing sight of suspects because of encrypted apps like WhatsApp. “The fact that backups and other data are not encrypted creates a treasure trove for police,” Granick said. “Far from going dark, they are swimming in data.” It’s noteworthy that Signal, an encrypted communications app that’s become hugely popular in recent years, does not have a feature that allows users to back up their data to the cloud.

Indeed, the amount of data being sent by the likes of Google and Facebook to police can be astonishing. Forbes recently reviewed a search warrant in which the police were sent 27,000 pages of information on a Facebook account of a man accused of giving illegal tours of the Grand Canyon. Tuma said he’d seen even bigger returns, the largest being around 340,000.

Though its headcount is small – less than 100 employees, according to LinkedIn – PenLink’s ability to tap a wide range of telecoms and internet businesses at scale has made the company very attractive to police over the last two decades. Over the last month alone, the DEA ordered nearly $2 million in licenses and the FBI $750,000.

Through a Freedom of Information Act request, Forbes obtained information on a $16.5 million PenLink contract with ICE that was signed in 2017 and continued to 2021. It details a need for the company’s suite of telecommunications analysis and intercept software applications, including what it called its PLX tool. The contract requires PenLink, at a minimum, to help wiretap a large number of providers, including AT&T, Iridium Satellite, Sprint, Verizon, T-Mobile, Cricket, Cablevision, Comcast, Time Warner, Cox, Skype, Vonage, Virgin Mobile and what the government calls “social media and advertising websites” such as Facebook and WhatsApp.

PenLink’s work wouldn’t be possible without the compliance of tech providers, who, according to Granick, “are storing too much data for too long, and then turning too much over to investigators. Social media companies are able to filter by date, type of data, and even sender and recipient. Terabytes of data are almost never going to be responsive to probable cause, which is what the Fourth Amendment requires.”

Follow Thomas on Twitter. Check out his website. Send him a secure tip.

How Facebook Undermines Privacy Protections for Its 2 Billion WhatsApp Users

WhatsApp assures users that no one can see their messages — but the company has an extensive monitoring operation and regularly shares personal information with prosecutors.

 

Series: The Social Machine

How Facebook Plays by Its Own set of Rules

Clarification, Sept. 8, 2021: A previous version of this story caused unintended confusion about the extent to which WhatsApp examines its users’ messages and whether it breaks the encryption that keeps the exchanges secret. We’ve altered language in the story to make clear that the company examines only messages from threads that have been reported by users as possibly abusive. It does not break end-to-end encryption.

When Mark Zuckerberg unveiled a new “privacy-focused vision” for Facebook in March 2019, he cited the company’s global messaging service, WhatsApp, as a model. Acknowledging that “we don’t currently have a strong reputation for building privacy protective services,” the Facebook CEO wrote that “I believe the future of communication will increasingly shift to private, encrypted services where people can be confident what they say to each other stays secure and their messages and content won’t stick around forever. This is the future I hope we will help bring about. We plan to build this the way we’ve developed WhatsApp.”

Zuckerberg’s vision centered on WhatsApp’s signature feature, which he said the company was planning to apply to Instagram and Facebook Messenger: end-to-end encryption, which converts all messages into an unreadable format that is only unlocked when they reach their intended destinations. WhatsApp messages are so secure, he said, that nobody else — not even the company — can read a word. As Zuckerberg had put it earlier, in testimony to the U.S. Senate in 2018, “We don’t see any of the content in WhatsApp.”

 

WhatsApp emphasizes this point so consistently that a flag with a similar assurance automatically appears on-screen before users send messages: “No one outside of this chat, not even WhatsApp, can read or listen to them.”

Given those sweeping assurances, you might be surprised to learn that WhatsApp has more than 1,000 contract workers filling floors of office buildings in Austin, Texas, Dublin and Singapore. Seated at computers in pods organized by work assignments, these hourly workers use special Facebook software to sift through millions of private messages, images and videos. They pass judgment on whatever flashes on their screen — claims of everything from fraud or spam to child porn and potential terrorist plotting — typically in less than a minute.

The workers have access to only a subset of WhatsApp messages — those flagged by users and automatically forwarded to the company as possibly abusive. The review is one element in a broader monitoring operation in which the company also reviews material that is not encrypted, including data about the sender and their account.

Policing users while assuring them that their privacy is sacrosanct makes for an awkward mission at WhatsApp. A 49-slide internal company marketing presentation from December, obtained by ProPublica, emphasizes the “fierce” promotion of WhatsApp’s “privacy narrative.” It compares its “brand character” to “the Immigrant Mother” and displays a photo of Malala ​​Yousafzai, who survived a shooting by the Taliban and became a Nobel Peace Prize winner, in a slide titled “Brand tone parameters.” The presentation does not mention the company’s content moderation efforts.

WhatsApp’s director of communications, Carl Woog, acknowledged that teams of contractors in Austin and elsewhere review WhatsApp messages to identify and remove “the worst” abusers. But Woog told ProPublica that the company does not consider this work to be content moderation, saying: “We actually don’t typically use the term for WhatsApp.” The company declined to make executives available for interviews for this article, but responded to questions with written comments. “WhatsApp is a lifeline for millions of people around the world,” the company said. “The decisions we make around how we build our app are focused around the privacy of our users, maintaining a high degree of reliability and preventing abuse.”

WhatsApp’s denial that it moderates content is noticeably different from what Facebook Inc. says about WhatsApp’s corporate siblings, Instagram and Facebook. The company has said that some 15,000 moderators examine content on Facebook and Instagram, neither of which is encrypted. It releases quarterly transparency reports that detail how many accounts Facebook and Instagram have “actioned” for various categories of abusive content. There is no such report for WhatsApp.

Deploying an army of content reviewers is just one of the ways that Facebook Inc. has compromised the privacy of WhatsApp users. Together, the company’s actions have left WhatsApp — the largest messaging app in the world, with two billion users — far less private than its users likely understand or expect. A ProPublica investigation, drawing on data, documents and dozens of interviews with current and former employees and contractors, reveals how, since purchasing WhatsApp in 2014, Facebook has quietly undermined its sweeping security assurances in multiple ways. (Two articles this summer noted the existence of WhatsApp’s moderators but focused on their working conditions and pay rather than their effect on users’ privacy. This article is the first to reveal the details and extent of the company’s ability to scrutinize messages and user data — and to examine what the company does with that information.)

Many of the assertions by content moderators working for WhatsApp are echoed by a confidential whistleblower complaint filed last year with the U.S. Securities and Exchange Commission. The complaint, which ProPublica obtained, details WhatsApp’s extensive use of outside contractors, artificial intelligence systems and account information to examine user messages, images and videos. It alleges that the company’s claims of protecting users’ privacy are false. “We haven’t seen this complaint,” the company spokesperson said. The SEC has taken no public action on it; an agency spokesperson declined to comment.

Facebook Inc. has also downplayed how much data it collects from WhatsApp users, what it does with it and how much it shares with law enforcement authorities. For example, WhatsApp shares metadata, unencrypted records that can reveal a lot about a user’s activity, with law enforcement agencies such as the Department of Justice. Some rivals, such as Signal, intentionally gather much less metadata to avoid incursions on its users’ privacy, and thus share far less with law enforcement. (“WhatsApp responds to valid legal requests,” the company spokesperson said, “including orders that require us to provide on a real-time going forward basis who a specific person is messaging.”)

WhatsApp user data, ProPublica has learned, helped prosecutors build a high-profile case against a Treasury Department employee who leaked confidential documents to BuzzFeed News that exposed how dirty money flows through U.S. banks.

Like other social media and communications platforms, WhatsApp is caught between users who expect privacy and law enforcement entities that effectively demand the opposite: that WhatsApp turn over information that will help combat crime and online abuse. WhatsApp has responded to this dilemma by asserting that it’s no dilemma at all. “I think we absolutely can have security and safety for people through end-to-end encryption and work with law enforcement to solve crimes,” said Will Cathcart, whose title is Head of WhatsApp, in a YouTube interview with an Australian think tank in July.

The tension between privacy and disseminating information to law enforcement is exacerbated by a second pressure: Facebook’s need to make money from WhatsApp. Since paying $22 billion to buy WhatsApp in 2014, Facebook has been trying to figure out how to generate profits from a service that doesn’t charge its users a penny.

That conundrum has periodically led to moves that anger users, regulators or both. The goal of monetizing the app was part of the company’s 2016 decision to start sharing WhatsApp user data with Facebook, something the company had told European Union regulators was technologically impossible. The same impulse spurred a controversial plan, abandoned in late 2019, to sell advertising on WhatsApp. And the profit-seeking mandate was behind another botched initiative in January: the introduction of a new privacy policy for user interactions with businesses on WhatsApp, allowing businesses to use customer data in new ways. That announcement triggered a user exodus to competing apps.

WhatsApp’s increasingly aggressive business plan is focused on charging companies for an array of services — letting users make payments via WhatsApp and managing customer service chats — that offer convenience but fewer privacy protections. The result is a confusing two-tiered privacy system within the same app where the protections of end-to-end encryption are further eroded when WhatsApp users employ the service to communicate with businesses.

The company’s December marketing presentation captures WhatsApp’s diverging imperatives. It states that “privacy will remain important.” But it also conveys what seems to be a more urgent mission: the need to “open the aperture of the brand to encompass our future business objectives.”


 

I. “Content Moderation Associates”

In many ways, the experience of being a content moderator for WhatsApp in Austin is identical to being a moderator for Facebook or Instagram, according to interviews with 29 current and former moderators. Mostly in their 20s and 30s, many with past experience as store clerks, grocery checkers and baristas, the moderators are hired and employed by Accenture, a huge corporate contractor that works for Facebook and other Fortune 500 behemoths.

The job listings advertise “Content Review” positions and make no mention of Facebook or WhatsApp. Employment documents list the workers’ initial title as “content moderation associate.” Pay starts around $16.50 an hour. Moderators are instructed to tell anyone who asks that they work for Accenture, and are required to sign sweeping non-disclosure agreements. Citing the NDAs, almost all the current and former moderators interviewed by ProPublica insisted on anonymity. (An Accenture spokesperson declined comment, referring all questions about content moderation to WhatsApp.)

When the WhatsApp team was assembled in Austin in 2019, Facebook moderators already occupied the fourth floor of an office tower on Sixth Street, adjacent to the city’s famous bar-and-music scene. The WhatsApp team was installed on the floor above, with new glass-enclosed work pods and nicer bathrooms that sparked a tinge of envy in a few members of the Facebook team. Most of the WhatsApp team scattered to work from home during the pandemic. Whether in the office or at home, they spend their days in front of screens, using a Facebook software tool to examine a stream of “tickets,” organized by subject into “reactive” and “proactive” queues.

Collectively, the workers scrutinize millions of pieces of WhatsApp content each week. Each reviewer handles upwards of 600 tickets a day, which gives them less than a minute per ticket. WhatsApp declined to reveal how many contract workers are employed for content review, but a partial staffing list reviewed by ProPublica suggests that, at Accenture alone, it’s more than 1,000. WhatsApp moderators, like their Facebook and Instagram counterparts, are expected to meet performance metrics for speed and accuracy, which are audited by Accenture.

Their jobs differ in other ways. Because WhatsApp’s content is encrypted, artificial intelligence systems can’t automatically scan all chats, images and videos, as they do on Facebook and Instagram. Instead, WhatsApp reviewers gain access to private content when users hit the “report” button on the app, identifying a message as allegedly violating the platform’s terms of service. This forwards five messages — the allegedly offending one along with the four previous ones in the exchange, including any images or videos — to WhatsApp in unscrambled form, according to former WhatsApp engineers and moderators. Automated systems then feed these tickets into “reactive” queues for contract workers to assess.

Artificial intelligence initiates a second set of queues — so-called proactive ones — by scanning unencrypted data that WhatsApp collects about its users and comparing it against suspicious account information and messaging patterns (a new account rapidly sending out a high volume of chats is evidence of spam), as well as terms and images that have previously been deemed abusive. The unencrypted data available for scrutiny is extensive. It includes the names and profile images of a user’s WhatsApp groups as well as their phone number, profile photo, status message, phone battery level, language and time zone, unique mobile phone ID and IP address, wireless signal strength and phone operating system, as a list of their electronic devices, any related Facebook and Instagram accounts, the last time they used the app and any previous history of violations.

The WhatsApp reviewers have three choices when presented with a ticket for either type of queue: Do nothing, place the user on “watch” for further scrutiny, or ban the account. (Facebook and Instagram content moderators have more options, including removing individual postings. It’s that distinction — the fact that WhatsApp reviewers can’t delete individual items — that the company cites as its basis for asserting that WhatsApp reviewers are not “content moderators.”)

WhatsApp moderators must make subjective, sensitive and subtle judgments, interviews and documents examined by ProPublica show. They examine a wide range of categories, including “Spam Report,” “Civic Bad Actor” (political hate speech and disinformation), “Terrorism Global Credible Threat,” “CEI” (child exploitative imagery) and “CP” (child pornography). Another set of categories addresses the messaging and conduct of millions of small and large businesses that use WhatsApp to chat with customers and sell their wares. These queues have such titles as “business impersonation prevalence,” “commerce policy probable violators” and “business verification.”

Moderators say the guidance they get from WhatsApp and Accenture relies on standards that can be simultaneously arcane and disturbingly graphic. Decisions about abusive sexual imagery, for example, can rest on an assessment of whether a naked child in an image appears adolescent or prepubescent, based on comparison of hip bones and pubic hair to a medical index chart. One reviewer recalled a grainy video in a political-speech queue that depicted a machete-wielding man holding up what appeared to be a severed head: “We had to watch and say, ‘Is this a real dead body or a fake dead body?’”

In late 2020, moderators were informed of a new queue for alleged “sextortion.” It was defined in an explanatory memo as “a form of sexual exploitation where people are blackmailed with a nude image of themselves which have been shared by them or someone else on the Internet.” The memo said workers would review messages reported by users that “include predefined keywords typically used in sextortion/blackmail messages.”

WhatsApp’s review system is hampered by impediments, including buggy language translation. The service has users in 180 countries, with the vast majority located outside the U.S. Even though Accenture hires workers who speak a variety of languages, for messages in some languages there’s often no native speaker on site to assess abuse complaints. That means using Facebook’s language-translation tool, which reviewers said could be so inaccurate that it sometimes labeled messages in Arabic as being in Spanish. The tool also offered little guidance on local slang, political context or sexual innuendo. “In the three years I’ve been there,” one moderator said, “it’s always been horrible.”

The process can be rife with errors and misunderstandings. Companies have been flagged for offering weapons for sale when they’re selling straight shaving razors. Bras can be sold, but if the marketing language registers as “adult,” the seller can be labeled a forbidden “sexually oriented business.” And a flawed translation tool set off an alarm when it detected kids for sale and slaughter, which, upon closer scrutiny, turned out to involve young goats intended to be cooked and eaten in halal meals.

The system is also undercut by the human failings of the people who instigate reports. Complaints are frequently filed to punish, harass or prank someone, according to moderators. In messages from Brazil and Mexico, one moderator explained, “we had a couple of months where AI was banning groups left and right because people were messing with their friends by changing their group names” and then reporting them. “At the worst of it, we were probably getting tens of thousands of those. They figured out some words the algorithm did not like.”

Other reports fail to meet WhatsApp standards for an account ban. “Most of it is not violating,” one of the moderators said. “It’s content that is already on the internet, and it’s just people trying to mess with users.” Still, each case can reveal up to five unencrypted messages, which are then examined by moderators.

The judgment of WhatsApp’s AI is less than perfect, moderators say. “There were a lot of innocent photos on there that were not allowed to be on there,” said Carlos Sauceda, who left Accenture last year after nine months. “It might have been a photo of a child taking a bath, and there was nothing wrong with it.” As another WhatsApp moderator put it, “A lot of the time, the artificial intelligence is not that intelligent.”

Facebook’s written guidance to WhatsApp moderators acknowledges many problems, noting “we have made mistakes and our policies have been weaponized by bad actors to get good actors banned. When users write inquiries pertaining to abusive matters like these, it is up to WhatsApp to respond and act (if necessary) accordingly in a timely and pleasant manner.” Of course, if a user appeals a ban that was prompted by a user report, according to one moderator, it entails having a second moderator examine the user’s content.


 

*£%#£$&@+*&+@@@£#+@&§_$£&£@_§##*$#$§+&+@&&%_$$@@

In public statements and on the company’s websites, Facebook Inc. is noticeably vague about WhatsApp’s monitoring process. The company does not provide a regular accounting of how WhatsApp polices the platform. WhatsApp’s FAQ page and online complaint form note that it will receive “the most recent messages” from a user who has been flagged. They do not, however, disclose how many unencrypted messages are revealed when a report is filed, or that those messages are examined by outside contractors. (WhatsApp told ProPublica it limits that disclosure to keep violators from “gaming” the system.)

By contrast, both Facebook and Instagram post lengthy “Community Standards” documents detailing the criteria its moderators use to police content, along with articles and videos about “the unrecognized heroes who keep Facebook safe” and announcements on new content-review sites. Facebook’s transparency reports detail how many pieces of content are “actioned” for each type of violation. WhatsApp is not included in this report.

When dealing with legislators, Facebook Inc. officials also offer few details — but are eager to assure them that they don’t let encryption stand in the way of protecting users from images of child sexual abuse and exploitation. For example, when members of the Senate Judiciary Committee grilled Facebook about the impact of encrypting its platforms, the company, in written follow-up questions in Jan. 2020, cited WhatsApp in boasting that it would remain responsive to law enforcement. “Even within an encrypted system,” one response noted, “we will still be able to respond to lawful requests for metadata, including potentially critical location or account information… We already have an encrypted messaging service, WhatsApp, that — in contrast to some other encrypted services — provides a simple way for people to report abuse or safety concerns.”

Sure enough, WhatsApp reported 400,000 instances of possible child-exploitation imagery to the National Center for Missing and Exploited Children in 2020, according to its head, Cathcart. That was ten times as many as in 2019. “We are by far the industry leaders in finding and detecting that behavior in an end-to-end encrypted service,” he said.

During his YouTube interview with the Australian think tank, Cathcart also described WhatsApp’s reliance on user reporting and its AI systems’ ability to examine account information that isn’t subject to encryption. Asked how many staffers WhatsApp employed to investigate abuse complaints from an app with more than two billion users, Cathcart didn’t mention content moderators or their access to encrypted content. “There’s a lot of people across Facebook who help with WhatsApp,” he explained. “If you look at people who work full time on WhatsApp, it’s above a thousand. I won’t get into the full breakdown of customer service, user reports, engineering, etc. But it’s a lot of that.”

In written responses for this article, the company spokesperson said: “We build WhatsApp in a manner that limits the data we collect while providing us tools to prevent spam, investigate threats, and ban those engaged in abuse, including based on user reports we receive. This work takes extraordinary effort from security experts and a valued trust and safety team that works tirelessly to help provide the world with private communication.” The spokesperson noted that WhatsApp has released new privacy features, including “more controls about how people’s messages can disappear” or be viewed only once. He added, “Based on the feedback we’ve received from users, we’re confident people understand when they make reports to WhatsApp we receive the content they send us.”


 

III. “Deceiving Users” About Personal Privacy

Since the moment Facebook announced plans to buy WhatsApp in 2014, observers wondered how the service, known for its fervent commitment to privacy, would fare inside a corporation known for the opposite. Zuckerberg had become one of the wealthiest people on the planet by using a “surveillance capitalism” approach: collecting and exploiting reams of user data to sell targeted digital ads. Facebook’s relentless pursuit of growth and profits has generated a series of privacy scandals in which it was accused of deceiving customers and regulators.

By contrast, WhatsApp knew little about its users apart from their phone numbers and shared none of that information with third parties. WhatsApp ran no ads, and its co-founders, Jan Koum and Brian Acton, both former Yahoo engineers, were hostile to them. “At every company that sells ads,” they wrote in 2012, “a significant portion of their engineering team spends their day tuning data mining, writing better code to collect all your personal data, upgrading the servers that hold all the data and making sure it’s all being logged and collated and sliced and packed and shipped out,” adding: “Remember, when advertising is involved you the user are the product.” At WhatsApp, they noted, “your data isn’t even in the picture. We are simply not interested in any of it.”

Zuckerberg publicly vowed in a 2014 keynote speech that he would keep WhatsApp “exactly the same.” He declared, “We are absolutely not going to change plans around WhatsApp and the way it uses user data. WhatsApp is going to operate completely autonomously.”

In April 2016, WhatsApp completed its long-planned adoption of end-to-end encryption, which helped establish the app as a prized communications platform in 180 countries, including many where text messages and phone calls are cost-prohibitive. International dissidents, whistleblowers and journalists also turned to WhatsApp to escape government eavesdropping.

Four months later, however, WhatsApp disclosed it would begin sharing user data with Facebook — precisely what Zuckerberg had said would not happen — a move that cleared the way for an array of future revenue-generating plans. The new WhatsApp terms of service said the app would share information such as users’ phone numbers, profile photos, status messages and IP addresses for the purposes of ad targeting, fighting spam and abuse and gathering metrics. “By connecting your phone number with Facebook’s systems,” WhatsApp explained, “Facebook can offer better friend suggestions and show you more relevant ads if you have an account with them.”

Such actions were increasingly bringing Facebook into the crosshairs of regulators. In May 2017, European Union antitrust regulators fined the company 110 million euros (about $122 million) for falsely claiming three years earlier that it would be impossible to link the user information between WhatsApp and the Facebook family of apps. The EU concluded that Facebook had “intentionally or negligently” deceived regulators. Facebook insisted its false statements in 2014 were not intentional, but didn’t contest the fine.

By the spring of 2018, the WhatsApp co-founders, now both billionaires, were gone. Acton, in what he later described as an act of “penance” for the “crime” of selling WhatsApp to Facebook, gave $50 million to a foundation backing Signal, a free encrypted messaging app that would emerge as a WhatsApp rival. (Acton’s donor-advised fund has also given money to ProPublica.)

Meanwhile, Facebook was under fire for its security and privacy failures as never before. The pressure culminated in a landmark $5 billion fine by the Federal Trade Commission in July 2019 for violating a previous agreement to protect user privacy. The fine was almost 20 times greater than any previous privacy-related penalty, according to the FTC, and Facebook’s transgressions included “deceiving users about their ability to control the privacy of their personal information.”

The FTC announced that it was ordering Facebook to take steps to protect privacy going forward, including for WhatsApp users: “As part of Facebook’s order-mandated privacy program, which covers WhatsApp and Instagram, Facebook must conduct a privacy review of every new or modified product, service, or practice before it is implemented, and document its decisions about user privacy.” Compliance officers would be required to generate a “quarterly privacy review report” and share it with the company and, upon request, the FTC.

Facebook agreed to the FTC’s fine and order. Indeed, the negotiations for that agreement were the backdrop, just four months before that, for Zuckerberg’s announcement of his new commitment to privacy.

By that point, WhatsApp had begun using Accenture and other outside contractors to hire hundreds of content reviewers. But the company was eager not to step on its larger privacy message — or spook its global user base. It said nothing publicly about its hiring of contractors to review content.


 

IV$ “W+ Kill P_op%§ Base@%On$Met§data”

Even as Zuckerberg was touting Facebook Inc.’s new commitment to privacy in 2019, he didn’t mention that his company was apparently sharing more of its WhatsApp users’ metadata than ever with the parent company — and with law enforcement.

To the lay ear, the term “metadata” can sound abstract, a word that evokes the intersection of literary criticism and statistics. To use an old, pre-digital analogy, metadata is the equivalent of what’s written on the outside of an envelope — the names and addresses of the sender and recipient and the postmark reflecting where and when it was mailed — while the “content” is what’s written on the letter sealed inside the envelope. So it is with WhatsApp messages: The content is protected, but the envelope reveals a multitude of telling details (as noted: time stamps, phone numbers and much more).

Those in the information and intelligence fields understand how crucial this information can be. It was metadata, after all, that the National Security Agency was gathering about millions of Americans not suspected of a crime, prompting a global outcry when it was exposed in 2013 by former NSA contractor Edward Snowden. “Metadata absolutely tells you everything about somebody’s life,” former NSA general counsel Stewart Baker once said. “If you have enough metadata, you don’t really need content.” In a symposium at Johns Hopkins University in 2014, Gen. Michael Hayden, former director of both the CIA and NSA, went even further: “We kill people based on metadata.”

U.S. law enforcement has used WhatsApp metadata to help put people in jail. ProPublica found more than a dozen instances in which the Justice Department sought court orders for the platform’s metadata since 2017. These represent a fraction of overall requests, known as pen register orders (a phrase borrowed from the technology used to track numbers dialed by landline telephones), as many more are kept from public view by court order. U.S. government requests for data on outgoing and incoming messages from all Facebook platforms increased by 276% from the first half of 2017 to the second half of 2020, according to Facebook Inc. statistics (which don’t break out the numbers by platform). The company’s rate of handing over at least some data in response to such requests has risen from 84% to 95% during that period.

It’s not clear exactly what government investigators have been able to gather from WhatsApp, as the results of those orders, too, are often kept from public view. Internally, WhatsApp calls such requests for information about users “prospective message pairs,” or PMPs. These provide data on a user’s messaging patterns in response to requests from U.S. law enforcement agencies, as well as those in at least three other countries — the United Kingdom, Brazil and India — according to a person familiar with the matter who shared this information on condition of anonymity. Law enforcement requests from other countries might only receive basic subscriber profile information.

WhatsApp metadata was pivotal in the arrest and conviction of Natalie “May” Edwards, a former Treasury Department official with the Financial Crimes Enforcement Network, for leaking confidential banking reports about suspicious transactions to BuzzFeed News. The FBI’s criminal complaint detailed hundreds of messages between Edwards and a BuzzFeed reporter using an “encrypted application,” which interviews and court records confirmed was WhatsApp. “On or about August 1, 2018, within approximately six hours of the Edwards pen becoming operative — and the day after the July 2018 Buzzfeed article was published — the Edwards cellphone exchanged approximately 70 messages via the encrypted application with the Reporter-1 cellphone during an approximately 20-minute time span between 12:33 a.m. and 12:54 a.m.,” FBI Special Agent Emily Eckstut wrote in her October 2018 complaint. Edwards and the reporter used WhatsApp because Edwards believed the platform to be secure, according to a person familiar with the matter.

Edwards was sentenced on June 3 to six months in prison after pleading guilty to a conspiracy charge and reported to prison last week. Edwards’ attorney declined to comment, as did representatives from the FBI and the Justice Department.

WhatsApp has for years downplayed how much unencrypted information it shares with law enforcement, largely limiting mentions of the practice to boilerplate language buried deep in its terms of service. It does not routinely keep permanent logs of who users are communicating with and how often, but company officials confirmed they do turn on such tracking at their own discretion — even for internal Facebook leak investigations — or in response to law enforcement requests. The company declined to tell ProPublica how frequently it does so.

The privacy page for WhatsApp assures users that they have total control over their own metadata. It says users can “decide if only contacts, everyone, or nobody can see your profile photo” or when they last opened their status updates or when they last opened the app. Regardless of the settings a user chooses, WhatsApp collects and analyzes all of that data — a fact not mentioned anywhere on the page.


 

V. “Opening the Aperture to Encompass Business Objectives”

The conflict between privacy and security on encrypted platforms seems to be only intensifying. Law enforcement and child safety advocates have urged Zuckerberg to abandon his plan to encrypt all of Facebook’s messaging platforms. In June 2020, three Republican senators introduced the “Lawful Access to Encrypted Data Act,” which would require tech companies to assist in providing access to even encrypted content in response to law enforcement warrants. For its part, WhatsApp recently sued the Indian government to block its requirement that encrypted apps provide “traceability” — a method to identify the sender of any message deemed relevant to law enforcement. WhatsApp has fought similar demands in other countries.

Other encrypted platforms take a vastly different approach to monitoring their users than WhatsApp. Signal employs no content moderators, collects far less user and group data, allows no cloud backups and generally rejects the notion that it should be policing user activities. It submits no child exploitation reports to NCMEC.

Apple has touted its commitment to privacy as a selling point. Its iMessage system displays a “report” button only to alert the company to suspected spam, and the company has made just a few hundred annual reports to NCMEC, all of them originating from scanning outgoing email, which is unencrypted.

But Apple recently took a new tack, and appeared to stumble along the way. Amid intensifying pressure from Congress, in August the company announced a complex new system for identifying child-exploitative imagery on users’ iCloud backups. Apple insisted the new system poses no threat to private content, but privacy advocates accused the company of creating a backdoor that potentially allows authoritarian governments to demand broader content searches, which could result in the targeting of dissidents, journalists or other critics of the state. On Sept. 3, Apple announced it would delay implementation of the new system.

Still, it’s Facebook that seems to face the most constant skepticism among major tech platforms. It is using encryption to market itself as privacy-friendly, while saying little about the other ways it collects data, according to Lloyd Richardson, the director of IT at the Canadian Centre for Child Protection. “This whole idea that they’re doing it for personal protection of people is completely ludicrous,” Richardson said. “You’re trusting an app owned and written by Facebook to do exactly what they’re saying. Do you trust that entity to do that?” (On Sept. 2, Irish authorities announced that they are fining WhatsApp 225 million euros, about $267 million, for failing to properly disclose how the company shares user information with other Facebook platforms. WhatsApp is contesting the finding.)

Facebook’s emphasis on promoting WhatsApp as a paragon of privacy is evident in the December marketing document obtained by ProPublica. The “Brand Foundations” presentation says it was the product of a 21-member global team across all of Facebook, involving a half-dozen workshops, quantitative research, “stakeholder interviews” and “endless brainstorms.” Its aim: to offer “an emotional articulation” of WhatsApp’s benefits, “an inspirational toolkit that helps us tell our story,” and a “brand purpose to champion the deep human connection that leads to progress.” The marketing deck identifies a feeling of “closeness” as WhatsApp’s “ownable emotional territory,” saying the app delivers “the closest thing to an in-person conversation.”

WhatsApp should portray itself as “courageous,” according to another slide, because it’s “taking a strong, public stance that is not financially motivated on things we care about,” such as defending encryption and fighting misinformation. But the presentation also speaks of the need to “open the aperture of the brand to encompass our future business objectives. While privacy will remain important, we must accommodate for future innovations.”

WhatsApp is now in the midst of a major drive to make money. It has experienced a rocky start, in part because of broad suspicions of how WhatsApp will balance privacy and profits. An announced plan to begin running ads inside the app didn’t help; it was abandoned in late 2019, just days before it was set to launch. Early this January, WhatsApp unveiled a change in its privacy policy — accompanied by a one-month deadline to accept the policy or get cut off from the app. The move sparked a revolt, impelling tens of millions of users to flee to rivals such as Signal and Telegram.

The policy change focused on how messages and data would be handled when users communicate with a business in the ever-expanding array of WhatsApp Business offerings. Companies now could store their chats with users and use information about users for marketing purposes, including targeting them with ads on Facebook or Instagram.

Elon Musk tweeted “Use Signal,” and WhatsApp users rebelled. Facebook delayed for three months the requirement for users to approve the policy update. In the meantime, it struggled to convince users that the change would have no effect on the privacy protections for their personal communications, with a slightly modified version of its usual assurance: “WhatsApp cannot see your personal messages or hear your calls and neither can Facebook.” Just as when the company first bought WhatsApp years before, the message was the same: Trust us.

Correction

Sept. 10, 2021: This story originally stated incorrectly that Apple’s iMessage system has no “report” button. The iMessage system does have a report button, but only for suspected spam (not for suspected abusive content).

https://www.propublica.org/article/how-facebook-undermines-privacy-protections-for-its-2-billion-whatsapp-users

Apple wants to protect privacy — Facebook wants to ‚inflict pain‘

Facebook, Mark Zuckerberg, literally wants to inflict pain on Apple, on Tim Cook. To make them hurt. To lobby the government against them, to claim anti-trust, to do everything they can to paint Apple dirty. Why? Because Apple wants to give us, the customers, the users, the ability to choose whether or not Facebook gets to track us outside their own apps, across other apps, even across the web. Apple considers this simple level of privacy and dignity a fundamental human right. And… Facebook… well, Facebook seems intent on seeing it as an existential threat.

App Tracking Transparency

Starting in iOS 14.5, if an app wants to track your activities in other apps and on the web — well, it absolutely still can; it just has to ask your permission first. That’s it.

It’s called App Tracking Transparency, and it means that, if you’re in the Facebook app, and you’re in your favorite knitting group or whatever, talking about all the knitting, all the knitting, Facebook can serve you personalized ads about knitting, because they know you’re more likely to click on that than on… something random. And that’s all fine. That’s all 1st-party, meaning all happening in the same app, and nothing about that is changing. Not at all.

If you leave the Facebook app, and then go to Lego.com and then jeep.com, open a journaling app, your to-do list, play a couple of games, and then go back to Facebook, well, normally, Facebook tries to follow you across all those apps and websites as well, across anything that uses any of their software plugins or social hooks, so that they can serve you ads based on what you do in those apps and sites as well. And this is what’s changing, at least a very tiny little bit. This 3rd-party tracking. And all that’s changing is that Apple wants Facebook — or any app for that matter — to ask your permission before tracking you. That’s literally it.

Any app that wants to share your data with another app or service, or sell your activity to a data broker, can still do it. They simply have to ask you first.

1st vs. 3rd Party Tracking

Facebook Ios 14 Tracking PromptSource: MacRumors

It doesn’t even apply to other apps the same company owns. So Facebook can still 1st party track us across the big blue app and Facebook.com, Instagram, WhatsApp, Oculus, Messenger, any other app or website they own. Which is like half the social web at this point. It’s only if they want to track us across apps and websites they don’t own that they have to ask.

It’s no different than what other apps have had to ask before they access our photos or contacts or camera, or our physical location; all this means is that they now have to ask us before they can monitor our digital location as well.

Because, just like we’re concerned an app might steal our private photos, spam our contacts, listen in or spy on us with the camera or mic, or stalk us and sell our location in the real world, we’re increasingly concerned about apps stalking us in the digital world.

It’s why we see so many conspiracy theories about apps like Facebook or Instagram using the mic to listen in to our conversations — because they’re so damn good at serving us targeted ads that we think they must be all up in our brainstems to do it.

But they’re not. They’re just… that… damn… good… That damn good at profiling us based on our behavior so they can target us with those ads. And again, Apple isn’t saying they can’t do that anymore, that they can’t track our digital activity. Just like Apple isn’t saying, apps can’t edit our photos or find our friends or transmit our voices or faces across the internet or give us turn-by-turn traffic directions. All Apple’s saying is… like with all those other apps — they simply have to ask us first.

Some people will be fine with it. We’re getting the ads anyway, so they may prefer those ads be as personalized as possible. Others won’t. They’ll find it creepy and demand it stop. And now, for the first time, we’ll all get what we want.

Except for Facebook, which seems to think giving us a choice is wrong. Probably because they’re worried if we’re given a choice, we’ll choose to block them. To say no.

Make the case

FacebookSource: iMore

Rather than making a case for us to say yes, to argue the value they can deliver, Facebook is taking out ads in newspapers, lobbying governments, claiming anti-trust violations, saying this will hurt small apps and small business — as if any of them, from the biggest tech companies to the smallest online merchants own our data and have a greater right to it than we do. As if it belongs to them, not us. By divine right.

Now, some people are confusing and conflating how App Tracking Transparency applies to Apple’s own apps. Intentionally or accidentally spreading disinformation about Apple having a double standard, not playing fair, giving themselves a separate setting. And… they’re actually right. But not really. Apple’s standard here isn’t double — it’s higher.

That separate setting doesn’t stop Apple from doing 3rd-party tracking or serving personalized ads based on your activity elsewhere because Apple doesn’t do that… at all… to begin with. Not any of it. What that second setting does is stop Apple from serving 1st-party ads. Like, suggested apps in the App Store. The equivalent of Facebook serving you that knitting ad while you’re in the Facebook knitting group.

And that’s the reason it’s a second, separate setting. Because it’s legacy, but also because the new one applies to all apps. The old one, sadly, at this point, only to Apple. And conflating 3rd and 1st party tracking in the same interface panel — well, that’s what would be really confusing.

Other people are saying the wording on the popup is unfair. That „Allow Facebook to Track Your Activities Across Other companies Apps and Websites“ is scary and chilling. That it should be something closer to „Allow Facebook to Serve You Personalized Ads.“

Which is such a steaming pile of poop emojis. And everyone knows it. Because personalizing ads isn’t all they can do with that permission. It’s not all they can do with the access, far from it. And everyone knows that as well. It’s like… a giant Facebook Thirst Trap, and they think we’re all going to fall for it.

Asked and answered

Mark Zuckerberg in front of the Facebook logoSource: iMore

See, Photo apps don’t get to ask for permission to apply filters, contacts apps to find friends, conferencing apps to place video calls, location services for turn-by-turn. They have to ask for full access. For blanket permissions. Because that’s what they get. And once they have it, they can steal our photos, spam our contacts, record what we’re doing, or sell our location to collection agents because that’s the access we’ve given them. So they don’t get to lie about the limitations, cherry-pick the most benign use cases, diminish or try and dismiss the very real risk of an app not just serving us personalized ads but selling our online activity to data brokers. We get to know the full scope, so we get to make the most informed decision.

Even then, Apple’s not stopping any of that anyway. All they’re doing is requiring Facebook and any other app to ask us first and then to respect our decision.

Apple can’t stop all of it anyway. All they can do is block the iOS-specific ad identifier. Not all of Facebook or any other service’s software plugins or web hooks. All they can do is hope Facebook and others honor our choice and cut that stuff out — out of their own accord. Based on the honor system.

Even that — the honor system — seems to be too much for Facebook. Because it’s not ending Facebook or any small apps or businesses, like at all. That’s absurd. They’re too busy doing that themselves with Cambridge Analytica, Onavo VPN, algorithmic malfeasance, betraying WhatsApp and Oculus login promises, and the list goes on and on. If anything, Apple is prompting them to clean up their act. Encouraging them to do the most minimally decent, user-centric thing imaginable so they can start regaining our trust.

Source: https://www.imore.com/apple-wants-protect-privacy-facebook-wants-inflict-pain

The mass surveillance of society has made companies extremely wealthy

The Facebook news ban revealed how problematic it is to rely on corporations to provide fundamental public services

By business reporter Gareth Hutchens

Graphic shows two people on laptops in front of the Facebook logo.
Facebook harvests our personal data in unimaginable quantities, Gareth Hutchens writes.(Reuters: Dado Ruvic)

The fog lifted for a moment.

Last week, when Facebook blocked Australians from viewing and sharing „news content“ on its platform, we saw what role it plays in Australian society.

Community groups, charities, sport clubs, arts centres, unions and emergency services all rely on the social media giant.

Its platform plays the role of an important public messaging board.

But in a country with so little civil society infrastructure, our heavy reliance on a corporation to provide such a fundamental public service is deeply problematic.

Facebook, Inc. doesn’t care about your fundraiser or political protest.

It couldn’t care less about your art exhibition.

What it cares about is your personal data, which it harvests in unimaginable quantities.

And the methods it uses to keep its 2.7 billion monthly active users „engaged“ on its website (so it can keep learning more about them) are also deeply problematic.

Jaron Lanier, one of the founders of the field of virtual reality, has been warning about social media and tech giants for years.

„Everyone has been placed under a level of dystopian surveillance straight out of a dystopian science fiction novel,“ he wrote in 2018 about the technological architecture created by these companies.

„Spying is accomplished mostly through connected personal devices — especially, for now, smartphones — that people keep practically glued to their bodies.

„Data is gathered about each person’s communications, interests, movements, contact with others, emotional reactions to circumstances, facial expressions, purchases, vital signs: an ever-growing, boundless variety of data.“

Mr Lanier says the ocean of personal data these companies extract from the internet is turned into behavioural data that allows them to predict and manipulate our behaviour.

 
Play Video. Duration: 57 seconds
„Facebook was wrong“: Josh Frydenberg criticises restrictions on Australian news.

„[These] platforms have proudly reported on experimenting with making people sad, changing voter turnout, and reinforcing brand loyalty,“ he said.

Just one example: in 2014, Facebook executives apologised after a scientific paper revealed the company had conducted secret psychological tests on 700,000 users, without its users‘ knowledge, in which it tried to manipulate its users‘ emotions to see what effect it would have on the status updates they posted or how they would use Facebook’s „like“ button.

Surveillance capitalism

It’s worth remembering what Facebook is.

It is a member of a group of companies that are engaged in something called „surveillance capitalism“.

According to Professor Shoshana Zuboff, the author who coined the term, surveillance capitalism refers to the „new economic order“ that has emerged in the age of the internet and smartphone.

She says the companies that practice it lay claim to our personal information, our „data“, as „free raw material“ to be aggressively harvested.

Some of the data they collect are used for product or service improvement, but the rest is considered as a proprietary „behavioural surplus“.

That surplus data is then fed into machine intelligence which turns the data into „prediction products“ that „anticipate what you will do now, soon and later“.

According to Professor Zuboff, social media companies trade those „prediction products“ in a new kind of marketplace for behavioural predictions which she calls „behavioural futures markets“.

„Surveillance capitalists have grown immensely wealthy from these trading operations, for many companies are eager to lay bets on our future behaviour,“ she wrote in her 2019 book, The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power.

„The competitive dynamics of these new markets drive surveillance capitalists to acquire ever-more-predictive sources of behavioural surplus: our voices, personalities, and emotions.

„Surveillance capitalists discovered that the most-predictive behavioural data come from intervening in the state of play in order to nudge, coax, tune, and herd behaviour towards profitable outcomes.

It has become difficult to escape this bold market project, whose tentacles reach from the gentle herding of innocent Pokemon Go players to eat, drink, and purchase in the restaurants, bars, fast-food joints, and shops that pay to play in its behavioural futures markets to the ruthless expropriation of surplus from Facebook profiles for the purposes of shaping individual behaviour, whether it’s buying pimple cream at 5:45pm on a Friday, clicking ‚yes‘ on an offer of new running shoes as the endorphins race through your brain after your long Sunday morning run, or voting next week.

„Just as industrial capitalism was driven to the continuous intensification of the means of production, so surveillance capitalists and their market players are not locked into the continuous intensification of the means of behavioural modification and the gathering might of instrumentarian power.“

Facebook CEO Mark Zuckerberg gestures with his arms and smiles as he speaks.
Mark Zuckerberg’s Facebook is a member of a group of companies engaged in „surveillance capitalism“.(AP: Trent Nelson via The Salt Lake Tribune)

Google invented surveillance capitalism

Professor Zuboff says Google invented and perfected surveillance capitalism in the early 2000s „in much the same way that a century ago General Motors invented and perfected managerial capitalism“.

„Google was the pioneer of surveillance capitalism in thought and practice, the deep pocket research and development, and the trailblazer in experimentation and implementation, but it is no longer the only actor on this path,“ she wrote.

„Surveillance capitalism quickly spread to Facebook and later to Microsoft. Evidence suggests that Amazon has veered in this direction, and it is a constant challenge to Apple, both as an external threat and as a source of internal debate and conflict.“

She published those words in 2019.

A little later that year, the Guardian described the book as an „epoch-defining international bestseller, drawing comparisons to Rachel Carson’s Silent Spring“.

The mass surveillance of society has made companies extremely wealthy

One of the points Professor Zuboff has repeatedly made about surveillance capitalism is how profitable it is for the companies that practice it.

The ocean of personal data they hoover up is turned into unimaginable wealth and power, making the companies more powerful than nation-states.

It helps to explain why those tech companies have come to dominate stock markets.

A screenshot of the ABC News page on Facebook showing no posts
News organisations including the ABC have been impacted, along with community groups, charities, sport clubs, arts centres, unions, emergency services and more.(Supplied)

Last year, when researchers at the International Monetary Fund tried to figure out why there seemed to be a large disconnect between stock markets and the real world during one of the worst global recessions in memory, one thesis they considered was that the outsize influence of the big five tech companies — Google, Facebook, Microsoft, Amazon and Apple, which accounted for 22 per cent of the market capitalisation on US stock markets — was making US financial markets appear healthier than they were.

At any rate, it comes back to the question of what type of organisation should be running a country’s quasi-public messaging board.

Are we happy to leave it to surveillance capitalists to run a „public good“ of that kind?

Source: https://www.abc.net.au/news/2021-02-21/when-facebook-banned-news-australia-we-saw-role-it-plays/13175698

Facebook’s devastating display of defiance is vintage Zuckerberg

Facebook’s decision to ban legitimate news from being shared in the middle of a global pandemic is a breathtaking display of defiance. It is also entirely consistent with the social media behemoth’s belligerent corporate character.

The move – which inadvertently resulted in Facebook pages of health departments in Queensland, WA and ACT being wiped just before a critical vaccine rollout begins – shocked the Australian media and political establishment. But, in hindsight, nobody should have been surprised. This was vintage Zuckerberg. You don’t blitzscale your way from Harvard dorm room to trillion-dollar titan in the space of a few years without putting lots of noses out of joint.

Facebook CEO Mark Zuckerberg arrives to testify before a joint hearing of Congress.
Facebook CEO Mark Zuckerberg arrives to testify before a joint hearing of Congress.Credit:AP

The Australian government’s media bargaining code, which is at the centre of the dispute, has been endlessly debated over the past year. Media companies say they should be paid for producing journalism that benefits the platforms, but they lack the bargaining power to extract any value for it. Tech giants claim they do not really benefit from the existence of news, that news represents a small part of the overall activity on their platforms, and since they actually send these news organisations free traffic they shouldn’t be paying them anything.

There are merits to both sides of the argument.

Yet there is little doubt stronger regulation of Google and Facebook is urgently needed. The two companies have scarily dominant positions in their respective markets of search and social media, and also an entrenched duopoly in digital advertising. Meanwhile, their ascent has coincided with a host of societal problems ranging from rising misinformation and fake news, to a troubling surge in online conspiracy theories and growing internet addiction.

The media bargaining code attempts to revolve the digital duopoly’s market dominance by using the threat of arbitration to force Google and Facebook to strike commercial deals with media companies. Could there have been a more straightforward solution? A digital platform tax or levy may have been cleaner and simpler and has existing parallels elsewhere in the economy.

There are already taxes on addictive and harmful products (think cigarette excise), and levies on disruptive new market entrants that are used to compensate legacy incumbents also exist (for example, the levies on Uber rides that are distributed to taxi licence holders).

Regardless, the debate about the merits of the media bargaining code in Australia has now become moot. The bill to bring the code into law has sailed through the lower house of Parliament and is all but certain to be passed by the Senate. Facebook is effectively saying that the overwhelming majority of elected officials in a sovereign parliament are wrong.

It is possible that a news-free Facebook could be positive for society and the media industry in the medium term. But at this fragile moment in history – a once in a century health crisis coupled with a fake news epidemic – for the primary gateway to information for millions of people to block critical information from being shared was chillingly irresponsible.

Throughout its relatively short history, Facebook has pursued a win at all costs, take no prisoners approach to business. It has also shown little regard for the wreckage it has left behind. For many years its official corporate mantra was “move fast and break things”.

When a potential competitor emerges, Facebook either buys it (as it did with WhatsApp and Instagram) or copies its key features (as it has done with Snapchat and Tiktok).

Facebook has pursued a win at all costs, take no prisoners approach to business.
Facebook has pursued a win at all costs, take no prisoners approach to business.Credit:Bloomberg

It has repeatedly abused the privacy of its users and demonstrated a shocking ineptitude at thwarting the misinformation and conspiracy theories that have flourished on its platform, which are now demonstrably weakening democracies.

The spat over the media bargaining code highlights the fiendishly complex task governments face in regulating digital giants with operations that span the globe, billions of users and perhaps unrivalled power.

Tech proponents argue Australia’s regulation is deeply flawed – and to an extent they may have a point. But there is flawed regulation all across the economy. Most wildly profitable and dominant companies (even Google) begrudgingly accept these kinds of impositions as part of their social licence to operate, a cost of doing business. Not Facebook.

Mark Zuckerberg’s middle finger to the Australian government has been noticed all around the world. Already Canada is signaling it will copy the media code, while Europe (which has tried repeatedly to force the digital giants to pay news organisations, with much less success than Australia) is likely to follow.

Facebook has repeatedly shown it does not mind a scrap. But this may be its biggest fight yet, and it is only just beginning.

Source: https://www.smh.com.au/business/companies/facebook-s-devastating-display-of-defiance-is-vintage-zuckerberg-20210219-p5741b.html

How you farewell a Facebook account. And what you can do next

If the lack of news is a deal-breaker for your use of Facebook, how can you delete your account – and what are the consequences?

 

With Facebook blocking all news pages and links from its Australian service, some people will be weighing up how they’ll continue to use the social media platform.

Facebook is ubiquitous, and for many of us serves as a link to our friends, family, events, photos and memories. After Facebook’s snap decision on Thursday to block Australians from seeing news articles on its platform, some users began experimenting with loopholes to continuing sharing news, even resorting to breaking up the text in creative ways or using pictures of cats when posting news stories, to throw Facebook off the scent. But in the hours since, those loopholes appear to have been closed.

Is the lack of news a deal-breaker for your use of Facebook? If so, how will you go about deleting your account – and what are the consequences? And are there good alternatives for services that serve news to you?

How will I get my news?

If you previously relied mostly on Facebook for news it’s time to find an alternative, and the service(s) you choose will depend on how you like to consume your content.

If you’re moving to a new social media network, Twitter is an obvious choice. On Twitter, as with Facebook, you get to pick your friends, companies, personalities and outlets, and see their updates in a feed. A lot of news outlets post the same stories to Facebook and Twitter, and may even be more active on the latter now Facebook is out. One advantage of Twitter is you can follow a wide variety of news without crowding your feed too much. For example, you can save curated lists of people and outlets, say, by topic or friend group, to keep things separated. Or you can save specific searches so you’re always up to date on a specific topic or hashtag (those little phrases starting with # that people use to categorise comments, like #auspol for Australian politics).

 

You could also try Reddit or Discord, if you’re more into discussing the news with a like-minded community.

If you’re sticking with Facebook to keep up with friends, you might just want a straight news service or aggregator to get the latest headlines. Google News is available on every type of device and is good for either skimming the headlines or diving deep into a topic. It has curated “top stories”, suggestions based on your tastes, and you can save favourite sources and topics to a custom feed. On mobile phones, a News Showcase feature lets you read some usually paywalled stories for free. Apple News is similar if you solely use Apple devices, though its premium offering Apple News+ is more curated and you need to pay for it.

For a more DIY option you can collect things called RSS Feeds, which show you every article published on a given website, but they can be messy. Some more advanced RSS reading services, like Feedly, make it easier to create your own news service.

Finally, you can always go directly to the outlets you like. Bookmark the topic pages on websites you’re interested in, or many news outlets also offer newsletters, podcasts and apps to make accessing news more convenient.

What happens to my photos and posts if I delete Facebook?

If you’ve been on the social network for years you might wonder what the repercussions would be if you deleted that app and nuked your account. And the truth is, depending on how you’ve used it, there can be consequences.

 

Completely deleting your Facebook account will delete all the posts and photos you’ve shared on the service, and remove you from conversations and posts on other people’s Facebook feeds. You will no longer be able to use Facebook Messenger or access any conversations you had there.

If you used Facebook to sign up to other services, such as Spotify or Instagram, you may find it difficult to access them once your account is deleted. Facebook hardware products, such as Portal smart displays and Oculus VR (virtual reality) headsets, require a Facebook account for most functions. In the case of Oculus, you could lose any games you paid for if you delete Facebook.

After 30 days your Facebook account data becomes unrecoverable, although Facebook says it may take 90 days until all your data is gone from its servers.

So how do I do it without losing all my stuff?

For a less nuclear option you can “deactivate” your account; in which case the company keeps your data and you can still use Messenger. Other apps and websites can still log you in with Facebook, and you can reinstate your account in the future.

So if you’re removing yourself from Facebook, you first have to decide whether you’d like the option to come back later. If you do, you should choose a deactivation. If not, you want a deletion. Either way you will go to the same place.

How do you delete or deactivate a Facebook account?

On a computer:

  1. Log in to Facebook and hit the triangle at the top right of the page.
  2. Click on Settings and Privacy, and then Settings.
  3. Click on Your Facebook Information, and then Deactivation or Deletion.

On the mobile app:

  1. Tap the three horizontal lines at the bottom (iPhone) or top (Android) right of the screen.
  2. Scroll down and tap Settings and Privacy, and then Settings.
  3. Scroll down and tap Account Ownership and Control, then Deactivation and Deletion. See below for how to recoup your old posts, including photos.

Deactivation is as simple as entering your password and confirming a few times, but if you’re deleting your account and want to keep your stuff there are a few loose ends to tie up first.

When leaving Facebook, you have a choice of a deactivation where Facebook keeps all your data, or a total deletion that locks you out for good.

When leaving Facebook, you have a choice of a deactivation where Facebook keeps all your data, or a total deletion that locks you out for good.

Facebook can send your photos and videos directly to another service, such as Dropbox or Google Photos. Or, alternatively, you can download and store any or all information from your Facebook account. This can take some time if you want to keep everything, as it might include years of posts, photos, videos, comments, messages, event details and group discussions, marketplace listings, location information and advertising data. To do either of these things, follow the steps above but at step three choose Transfer a Copy of Your Photos, or Download Your Information.

How do you access Instagram if you’ve ditched Facebook?

Next, you’ll want to make sure you can still access other services. You can keep using Instagram after a Facebook deletion but you may need to make some changes. Before deleting Facebook go to Instagram’s settings, hit Accounts Center, then Logging in Across Accounts, and make sure it’s turned off. If you originally signed up to Instagram via Facebook, this will prompt you to create a password. Now your Instagram and Facebook accounts are separated – but be aware they are the same company and do share your data.

 

As for non-Facebook apps and services you used Facebook to sign up for, most will have an option in their settings to choose a different login or unlink from Facebook. If you’re unsure if this applies to any services you use, go to Facebook’s settings and hit Apps and Websites to see a list of services you’ve linked to Facebook.

What are some other services for sharing photos?

Google Photos and Apple iCloud are services you may already be using to back up pics from your phone. But you can also use them to share pictures with others, tag people and make comments. If you’re specifically wanting to share photos of the kids you can set up shared folders in Google Photos that do this automatically. Tinybeans is another good app specifically made for sharing photos of kids with family members and friends.

If you’re deleting Facebook entirely and want a Messenger replacement, Signal is probably closest since it’s secure and has seamless integration between mobile and web. You could say the same for WhatsApp, but if you’re completely expunging Facebook from your life that’s a no-go. If you need all the goofy stickers and video chat features, your phone’s default iMessage or Android Messenger is as good as you may get.

Groups and events are the hardest Facebook features to replace, as it can feel like you’re going to miss out if you’re not on Facebook. But there are alternatives, just make sure you have a phone number and/or active email for each of your friends before you leave. Paperless Post is a good service that lets you create events, send invites and track RSVPs, and you can always create a group chat on your messaging platform of choice.

Source: https://www.smh.com.au/technology/how-you-farewell-a-facebook-account-and-what-you-can-do-next-20210219-p573wy.html

It’s time to unfriend Facebook when it resorts to starving us of news

 

If there was ever any doubt about Facebook’s cavalier attitude to the network of users it has created, this news blackout is definitive. To Facebook, we are all merely pieces of data to be observed, exploited and monetised. As citizens we are worthless.

Australians need to respond with our mouses. We need to unfriend Facebook and find alternative places to connect and collaborate, free of its surveillance models and reckless self-interest.

 

The 30 per cent of Australians who rely on Facebook as their primary source of news will have to find it elsewhere or live a fact-free life following the Big Tech behemoth’s decision on Thursday to purge journalism from its site.

Overnight, Facebook has removed access to its users from any site that smells like news: not only local major mastheads such as The Sydney Morning Herald and The Age, but also specialist sites like The Conversation and global leaders such as The New York Times.

News blackout ... Facebook is ignoring the public interest while acting in self-interest.

News blackout … Facebook is ignoring the public interest while acting in self-interest. Credit:iStock

It also seems Fire and Rescue NSW, the Bureau of Meteorology, MS Research Australia, Doctors without Borders and state health departments are among many placed on the blacklist, showing the scope of the Mark Zuckerberg edict from Silicon Valley.

This is an arrogant and reckless move that will be dangerous for all Australians who are relying on an evidence-based response to a global pandemic, but also self-destructive to Facebook. While Facebook argues it does not make much money from news in its network, it is wilfully turning a blind eye to its value. News provides the facts and evidence to anchor what it claims is a ubiquitous digital experience.

If there was ever any doubt about Facebook’s cavalier attitude to the network of users it has created, this news blackout is definitive. To Facebook, we are all merely pieces of data to be observed, exploited and monetised. As citizens we are worthless.

By rejecting the decisions of our elected representatives to implement the findings of the Australian Competition and Consumer Commission’s review of its monopoly power, Facebook is asserting its commercial interests should prevail over the public interest. Indeed, Facebook seems more comfortable with its networks supporting despots and dictatorships by algorithmically fomenting division than respecting a government working in support of democracy.

This decision was made hours after our elected leaders from across the political spectrum endorsed the work of experts to deliver a significant reform that will make our democracy stronger.

The News Media Bargaining Code, the brainchild of the ACCC and its chairman Rod Sims, was a systemic response to the monopoly power that Google and Facebook exert over advertising and its impact on public interest journalism.

 

Under Australian law there is now a legal mechanism to place a value on fact-based news within the digital platforms that have come to dominate our online world with their algorithmically powered engines of division, distortion and denial.

The spectre of the code – with its global precedence – has already begun to do its job. Google has rushed to finalise premium-content deals with media organisations. These deals will not only make the Australian media, which has shed more than 5000 jobs in the past decade, stronger; it will help address the built-in weaknesses of digital platforms that refuse to discriminate fact from fiction.

And they were only the first step in the program of digital platform reform that the ACCC has laid out to address the power of the Google/Facebook monopoly.

 

A review of privacy laws is currently under way, looking at the way Australians’ personal information is collected and monetised by online platforms with a view to designing consumer rights and protections. A separate process is focussing on the responsibilities social media should have to address harmful misinformation and disinformation, dispelling for good the myth that they are platforms with no broader social obligations for the harm they cause.

There’s also a review of the creepy world of ad-tech, where automated, virtual trading floors are running real-time auctions for our attention every time we visit a news page.

But this sort of expression on democratic reform is a red line for Facebook, which believes its network is stronger than our public institutions.

Australians need to respond with our mouses. We need to unfriend Facebook and find alternative places to connect and collaborate, free of its surveillance models and reckless self-interest.

Peter Lewis is the director of the Centre for Responsible Technology.

Source: https://www.smh.com.au/national/it-s-time-to-unfriend-facebook-when-it-resorts-to-starving-us-of-news-20210218-p573lt.html

 

Is it time to leave WhatsApp – and is Signal the answer!

 

The Facebook-owned messaging service has been hit by a global backlash over privacy. Many users are migrating to Signal or Telegram. Should you join them?

Whatsapp, Signal and Telegram app icons  on a smartphone screen
WhatsApp, Signal and Telegram: three leading choices for messaging services. Photograph: Rafael Henrique/Sopa Images/RexShutterstock
 

Earlier this month, WhatsApp issued a new privacy policy along with an ultimatum: accept these new terms, or delete WhatsApp from your smartphone. But the new privacy policy wasn’t particularly clear, and it was widely misinterpreted to mean WhatsApp would be sharing more sensitive personal data with its parent company Facebook. Unsurprisingly, it prompted a fierce backlash, with many users threatening to stop using the service.

WhatsApp soon issued a clarification, explaining that the new policy only affects the way users’ accounts interact with businesses (ie not with their friends) and does not mandate any new data collection. The messaging app also delayed the introduction of the policy by three months. Crucially, WhatsApp said, the new policy doesn’t affect the content of your chats, which remain protected by end-to-end encryption – the “gold standard” of security that means no one can view the content of messages, even WhatsApp, Facebook, or the authorities.

 

But the damage had already been done. The bungled communication attempts have raised awareness that WhatsApp does collect a lot of data, and some of this could be shared with Facebook. The BBC reported that Signal was downloaded 246,000 times worldwide in the week before WhatsApp announced the change on 4 January, and 8.8m times the week after.

WhatsApp does share some data with Facebook, including phone numbers and profile name, but this has been happening for years. WhatsApp has stated that in the UK and EU the update does not share further data with Facebook – because of strict privacy regulation, known as the general update to data protection regulation (GDPR). The messaging app doesn’t gather the content of your chats, but it does collect the metadata attached to them – such as the sender, the time a message was sent and who it was sent to. This can be shared with “Facebook companies”.

Facebook’s highly criticised data collection ethos has eroded trust in the social network. Its practices can put vulnerable people at risk, says Emily Overton, a data protection expert and managing director of RMGirl. She cites the example of Facebook’s “people you may know” algorithm exposing sex workers’ real names to their clients – despite both parties taking care to set up fake identities. “The more data they profile, the more they put people in vulnerable positions at risk.”

And the social network isn’t known for keeping promises. When Facebook bought WhatsApp in 2014, it pledged to keep the two services separate. Yet only a few years later, Facebook announced aims to integrate the messaging systems of Facebook, Instagram and WhatsApp. This appears to have stalled owing to technical and regulatory difficulties around encryption, but it’s still the long-term plan.


Why are people choosing Signal over Telegram?

Signal, a secure messaging app recommended by authorities such as the Electronic Frontier Foundation and Edward Snowden, has been the main beneficiary of the WhatsApp exodus. Another messaging app, Telegram, has also experienced an uptick in downloads, but Signal has been topping the charts on the Apple and Android app stores.

Signal benefits from being the most similar to WhatsApp in terms of features, while Telegram has had problems as a secure and private messaging app, with its live location feature recently coming under fire for privacy infringements. Crucially, Telegram is not end-to-end encrypted by default, instead storing your data in the cloud. Signal is end-to-end encrypted, collects less data than Telegram and stores messages on your device rather than in the cloud.


Does Signal have all the features I am used to and why is it more private?

Yes, Signal has most of the features you are used to on WhatsApp, such as stickers and emojis. You can set up and name groups, and it’s easy to send a message: just bring up the pen sign in the right-hand corner.

Signal has a desktop app, and you can voice and video chat with up to eight people. Like WhatsApp, Signal uses your phone number as your identity, something that has concerned some privacy and security advocates. However, the company has introduced pin codes in the hope of moving to a more secure and private way of identifying users in the future.

As well as being end-to-end encrypted, both WhatsApp and Signal have a “disappearing messages” feature for additional privacy. The major difference is how each app is funded. WhatsApp is owned by Facebook, whose business model is based on advertising. Signal is privacy focused and has no desire to analyse, share or profit from users’ private information, says Jake Moore, cybersecurity specialist at ESET.

Signal is supported by the non-profit Signal Foundation, set up in 2018 by WhatsApp founder Brian Acton and security researcher (and Signal Messenger CEO) Moxie Marlinspike, who created an encryption protocol that is used by several messaging services, including WhatsApp and Skype as well as Signal itself. Acton, who left Facebook in 2017 after expressing concerns over how the company operated, donated an initial $50m to Signal, and the open-source app is now funded by the community. Essentially that means developers across the world will continually work on it and fix security issues as part of a collaborative effort, making the app arguably more secure.

But there are concerns over whether Signal can maintain this free model as its user base increases to the tens, or potentially in the future, hundreds of millions. Signal is adamant it can continue to offer its service for free. “As a non-profit, we simply need to break even,” says Aruna Harder, the app’s COO.

Signal is exclusively supported by grants and donations, says Acton. “We believe that millions of people value privacy enough to sustain it, and we’re here to demonstrate that there is an alternative to the ad-based business models that exploit user privacy.”


I want to move to Signal. How do you persuade WhatsApp groups to switch?

The momentum away from WhatsApp does appear to be building, and you may find more of your friends have switched to Signal already. But persuading a larger contact group can be more challenging.

Overton has been using Signal for several years and says all her regular contacts use the app. “Even when dating online, I ask the person I want to go on a date with to download Signal, or they don’t get my number.”

Some Signal advocates have already begun to migrate their groups over from WhatsApp. Jim Creese, a security expert, is moving a neighbourhood text group of 100 people to Signal. He is starting with a smaller sub-group of 20, some of whom struggle with technology. Creese says most are ambivalent about switching “as long as the new method isn’t more difficult”.

He advises anyone who’s moving groups across apps to focus on the “why” first. “Explain the reasons for the change, how it is likely to affect them, and the benefits. Don’t rush the process. While WhatsApp might not be where you want to be today, there’s no emergency requiring an immediate move.”

Moore thinks the shift away from WhatsApp will continue to gain momentum, but he says it will take time to move everyone across. Until then, it’s likely you will need to keep both WhatsApp and Signal on your phone.

Moore is in the process of moving a family chat to Signal, for the second time. “When I originally tried, one family member didn’t understand my concerns and thought I was being overcautious.

“However, the recent news has helped him understand the potential issues and why moving isn’t such a bad idea. The next hurdle will be getting my mother to download a new app and use it for the first time without me physically assisting her.”

Source: https://www.theguardian.com/technology/2021/jan/24/is-it-time-to-leave-whatsapp-and-is-signal-the-answer

WhatsApp Has Shared Your Data With Facebook for Years, Actually

WhatsApp Has Shared Your Data With Facebook for Years, Actually

“I don’t trust any product made by Facebook,” says Evan Greer, deputy director of the digital rights group Fight for the Future. “Their business model is surveillance. Never forget that.”

A pop-up notification has alerted the messaging app’s users to a practice that’s been in place since 2016.

two guys on the phone
Your encrypted messages are still safe, but it’s a rude awakening for many WhatsApp users.Photograph: Noam Galai/Getty Images

Since Facebook acquired WhatsApp in 2014, users have wondered and worried about how much data would flow between the two platforms. Many of them experienced a rude awakening this week, as a new in-app notification raises awareness about a step WhatsApp actually took to share more with Facebook back in 2016.

On Monday, WhatsApp updated its terms of use and privacy policy, primarily to expand on its practices around how WhatsApp business users can store their communications. A pop-up has been notifying users that as of February 8, the app’s privacy policy will change and they must accept the terms to keep using the app. As part of that privacy policy refresh, WhatsApp also removed a passage about opting out of sharing certain data with Facebook: „If you are an existing user, you can choose not to have your WhatsApp account information shared with Facebook to improve your Facebook ads and products experiences.“ 

Some media outlets and confused WhatsApp users understandably assumed that this meant WhatsApp had finally crossed a line, requiring data-sharing with no alternative. But in fact the company says that the privacy policy deletion simply reflects how WhatsApp has shared data with Facebook since 2016 for the vast majority of its now 2 billion-plus users.

When WhatsApp launched a major update to its privacy policy in August 2016, it started sharing user information and metadata with Facebook. At that time, the messaging service offered its billion existing users 30 days to opt out of at least some of the sharing. If you chose to opt out at the time, WhatsApp will continue to honor that choice. The feature is long gone from the app settings, but you can check whether you’re opted out through the “Request account info” function in Settings. 

Meanwhile, the billion-plus users WhatsApp has added since 2016, along with anyone who missed that opt-out window, have had their data shared with Facebook all this time. WhatsApp emphasized to WIRED that this week’s privacy policy changes do not actually impact WhatsApp’s existing practices or behavior around sharing data with Facebook. 

“Our updated Terms and Privacy Policy provide more information on how we process your data, and our commitment to privacy,” WhatsApp wrote on Monday. “As part of the Facebook Companies, WhatsApp partners with Facebook to offer experiences and integrations across Facebook’s family of apps and products.”

„I don’t trust any product made by Facebook.“

Evan Greer, Fight for the Future

None of this has at any point impacted WhatsApp’s marquee feature: end-to-end encryption. Messages, photos, and other content you send and receive on WhatsApp can only be viewed on your smartphone and the devices of the people you choose to message with. WhatsApp and Facebook itself can’t access your communications. In fact, Facebook CEO Mark Zuckerberg has repeatedly affirmed his commitment to expanding end-to-end encryption offerings as part of tying the company’s different communication platforms together. But that doesn’t mean there isn’t still a trove of other data WhatsApp can collect and share about how you use the app. The company says it collects user information „to operate, provide, improve, understand, customize, support, and market our Services.”

In practice, this means that WhatsApp shares a lot of intel with Facebook, including  account information like your phone number, logs of how long and how often you use WhatsApp, information about how you interact with other users, device identifiers, and other device details like IP address, operating system, browser details, battery health information, app version, mobile network, language and time zone. Transaction and payment data, cookies, and location information are also all fair game to share with Facebook depending on the permissions you grant WhatsApp in the first place.

“WhatsApp is great for protecting the privacy of your message content,” says Johns Hopkins University cryptographer Matthew Green. “But it feels like the privacy of everything else you do is up for grabs.“Get WIRED for $5. SubscribeAdvertisement

Facebook purchased WhatsApp in 2014 and noted at the time that it and the company’s chat platform Messenger would operate as “standalone” products. The slow shift toward integration has been controversial internally, and may have contributed to the departure in late 2017 and 2018, respectively, of WhatsApp cofounders Brian Acton and Jan Koum. A few months after leaving, Acton cofounded the nonprofit Signal Foundation. The organization maintains and develops the open source Signal Protocol, which WhatsApp and the secure messaging app Signal, among others, use to implement end-to-end encryption.

“Today privacy is becoming a much more mainstream discussion,” Acton said at the WIRED25 conference in 2019. „People are asking questions about privacy, and they want security and privacy built into the terms of service.”

Though this week’s WhatsApp privacy policy revisions don’t actually alter the messaging service’s behavior, it’s significant that users may have thought the company was offering an opt-out option all these years that didn’t actually exist. A level of data-sharing that some users disagree with and even fear has already been going on. Given the reality that Facebook has owned WhatsApp for the better part of a decade, this clarification seems to some like simply reckoning with the inevitable.

“I don’t trust any product made by Facebook,” says Evan Greer, deputy director of the digital rights group Fight for the Future. “Their business model is surveillance. Never forget that.”

source: https://www.wired.com/story/whatsapp-facebook-data-share-notification/