Print 20 comment(s) - last by tastyratz.. on Jul 30 at 11:21 PM

The torrent could be viewed as Facebook's first digital "phonebook" equivalent, or a gross invasion of privacy, depending on how you view it.
Third party has no association with site, but made liberal use of its data policy

You could call security consultant Ron Bowes analytics masterpiece either Facebook's first digital "phonebook" or a gross violation of privacy.  Either way, Mr. Bowes appears to have quite legally used a cleverly crafted web crawler code to gather details on over 100 million users who either intentionally or unintentionally failed to obscure their profiles from search engines.

Ron Bowes, who heads Skull Security, posted the archive on the torrent site 
The Pirate Bay and it already has around 13,000 active users downloading or uploading it. 

The archive contains names, profile URL, and unique user ID of all 100M users, scraped from the popular social networking site, which currently claims a user base of over 500M users.

Facebook, in a statement to 
BBC News say the archive seems like no problem at all to it.  It states, "People who use Facebook own their information and have the right to share only what they want, with whom they want, and when they want... In this case, information that people have agreed to make public was collected by a single researcher and already exists in Google, Bing, other search engines, as well as on Facebook... No private data is available or has been compromised."

Simon Davies from the watchdog Privacy International, though, calls the data mining an "attack" and comments, "Facebook should have anticipated this attack and put measures in place to prevent it... It is inconceivable that a firm with hundreds of engineers couldn't have imagined a trawl of this magnitude and there's an argument to be heard that Facebook have acted with negligence... People did not understand the privacy settings and this is the result."

Facebook has rolled out multiple privacy settings changes in what seems a clear attempt to mine and make available users' data.  Many users of the popular site don't even seem to realize their information is being shared, or that the site's CEO claims that customers no longer care about privacy.

To manually opt out of being search-engine indexed go to Account > Privacy Settings > Applications, Games, and Websites (link near the bottom, in a box) > Public Search > (Uncheck box).  It's a good idea to keep an eye on the various pages in the privacy settings section if you're worried about such things, as they frequent receive changes, as mentioned.

A user lusifer69 who comments on the torrent page on 
The Pirate Bay writes, "This is awesome and a little terrifying."

If there's one thing that the incident indicates, its that there's an increasing legal gray area surrounding online data collection (for example, look at the recent Goatse Security harvest of 100,000+ iPad buyers' emails and ICC IDs.).  Also, users are by and large mostly unaware of their increasing visibility online.  That may spell trouble, should people put such harvested data to ill-use.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Facebook
By tastyratz on 7/29/2010 11:08:02 AM , Rating: 2
This is rather abusive of a company. I myself also get extremely irritated at the automatic opt in policy for new accounts with MANY services, not just Facebook.

If for example your information is sold to a marketing agency and your opted in before you can manually opt out - chances are your information is fed to them instantly before you have the oppertunity to opt out essentially forcing every single customer to opt in.

I for one would love to see laws in place where any information is to be sold licensed or distributed to a third party require explicitly pre established consent SEPARATELY from the providers terms of service.
Unchecking after signing up is too little too late...

Who is with me there?

RE: Facebook
By OUits on 7/29/2010 11:27:21 AM , Rating: 2
Well, to be fair, you should read the ToS and Privacy Policy before your account is even activated, much less filled out with marketing nuggets. If you sign up, fill out your whole profile, amass friends, upload pictures and THEN check to see what's being shared, you're going about it all wrong.

You should (I know people don't, and it's even viewed as unrealistic):
1. Read the Tos and Privacy Policy to understand what is being shared.
2. Sign up if you still really want to after reading the above.
3. Tweak your privacy settings.
4. Fill out information and otherwise interact with the site.

RE: Facebook
By geddarkstorm on 7/29/2010 1:53:26 PM , Rating: 2
All well and good, until they change the TOS on you, and sell off all your previously unshared data before giving you the option to prevent that, again. How many times has that happened now?

This is why the responsible thing is just not to use such stuff for anything but fluff.

RE: Facebook
By tastyratz on 7/30/2010 11:21:02 PM , Rating: 2
As per agreeing to new mandatory TOS it defaults your settings.

Yes you should always read the TOS, but at that point in every TOS for everything you ever sign up for sign your life away.

My proposal is mandating that "opt in" and affiliate sharing legally NOT be allowed to be incorporated in the TOS nor required for participation. Opt out unless otherwise specifically selected.
Blunders like this would be a thing of the past.

"When an individual makes a copy of a song for himself, I suppose we can say he stole a song." -- Sony BMG attorney Jennifer Pariser

Most Popular ArticlesAre you ready for this ? HyperDrive Aircraft
September 24, 2016, 9:29 AM
Leaked – Samsung S8 is a Dream and a Dream 2
September 25, 2016, 8:00 AM
Yahoo Hacked - Change Your Passwords and Security Info ASAP!
September 23, 2016, 5:45 AM
A is for Apples
September 23, 2016, 5:32 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki