WingNews logo WingNews
top | item 14125801

Ask HN: How has Facebook figured out my family doctor as a friend suggestion?

76 points| throwaway_374 | 9 years ago

I never use Facebook on my phone so you can hopefully rule out contact list networks - not that I ever had their personal mobile on my list - and location tracking because I haven't attended my doctor's surgery in years. We have zero friends in common. Other than my doctor actively looking me up on Facebook - highly unlikely - how on earth is this possible? I'm willing to accept friends of friends suggestions but this is beyond spooky.

61 comments

order

compsciphd|9 years ago

We've gone through this many times, its nothing nefarious.

1) doctor uploads his contacts (phone number/email addresses) to facebook and sets his contact info

2) you upload your contacts and set your contact info

if there's one match between them, facebook believes (correctly) that there is some sort of existing relationship between you. The fact that its professional and not personal and you want facebook to just be personal doesn't change it.

In other cases facebook can see you are friends with many of them same people and hence figures you might know each other.

yjftsjthsd-h|9 years ago

I think we could reasonably disagree about whether or not it's nefarious. Siphoning everyone's contacts is iffy to start with.

caseysoftware|9 years ago

There doesn't have to be a match. Simply the fact that either person either uploads their contacts (either via linking to their email or installing Facebook on their phone) is enough to assume the link.

After all, if you have someone in your contact list (phone or email), you've probably been in touch at least once.

Nefarious? Debatable. But also totally predictable.

matt_heimer|9 years ago

So they Kevin Bacon it? (https://en.m.wikipedia.org/wiki/Six_Degrees_of_Kevin_Bacon) Has anyone generated enough fictitious people to determine the number of degrees they'll go to? I would imagine at 4 hops the list gets huge and well outside your personal circle but it'd be interesting to see some studies.

throwaway_374|9 years ago

Thanks for your reply but I have no idea why this is the top voted reply as it does not consider my factors . As noted by others:

1) The doctor/practice does not have my latest mobile phone number as I have not been to them in years. Having said that, it may be an old number on which I used to use Facebook. This friend suggestion is only in the past few months, which suggests that they are mining friend circles in historic usage data - everyone you know, and ever knew. All that being said, this would require my doctor to have my personal mobile number on her personal mobile phone on which she would have used Facebook at some point in time, which is absolutely impossible in a professional setting.

2) I have not installed Facebook on my current phone.

I'm still not convinced by any argument here, beyond the doctor actively looking me up on Facebook personally outside work.

abraca|9 years ago

No,your doctor actually is not allowed to upload your contact information as a patient to Facebook. It is against regulations. Patient information is private, including contact information. If he or she has done so it IS nefarious.

williamscales|9 years ago

I think the original asker said he had never uploaded his contacts. Presumably though Facebook could just follow the reverse relation from the doctor without needing to confirm that it goes both ways.

simonduponte|9 years ago

Factors that contribute to friend suggestions on FB:

1. Facebook tracking pixels on websites (if you visit a website with the pixel, you can be targeted in many different ways).

2. Email. If you have sent or received an email to the doctor, and either of you has associated that email to FB, you can be tracked.

3. Searching on FB, you say its unlikely for him to look you up on FB, yet theres always a chance that being a family doctor, he might have at some point seen one of your family member's FB and stumbled upon a picture or post in which you were tagged.

4. Whatsapp Contacts. As you know, Whatsapp and FB are part of the same company, hence have access to linked information. If you share certain Whatsapp contacts, a connection can be inferred.

patcheudor|9 years ago

I'm glad you covered the bi-directional aspects of the association. A number of years ago FB had a vulnerability I discovered whereby it was possible to register an account with an e-mail you don't own. Obviously it wouldn't be possible to then verify the account if the owner of the e-mail targeted failed to click on the verify link. To get around this, upon first authenticating with the account after registration it was possible to change the e-mail address to one you own then send a very request. After verification, it was then possible to change it back to the original e-mail at which point it was verified.

In testing with a few people who never even had FB accounts and who I clearly did not import any contacts, etc., was that they fairly immediately received friend suggestions and even requests from people they knew. This was also despite the fact they'd never used the computer or even IP address used in the registration of the account. At the time it helped me prove a point that not participating in social media could be a security problem & to always take social media verification seriously. Obviously FB has since fixed that vector.

hollander|9 years ago

Using the wifi at the doctor's office would be another methods of linking. (I know this doesn't apply to the poster, but just giving another method.)

About 2: Email. I don't understand. If I send an email from my gmail address to his hotmail address, and both of us use the addresses for Facebook registration, how does that link us? And you say "either", so only one of us uses it for Facebook. I don't get it.

About 3: Maybe he has many links to other people on FB, people in his social circles, one or two or even three steps away. If you have enough of these people, the link is made. And they just show these people, and at some point you see it and all the others go unnoticed, but this one pops out.

ams6110|9 years ago

I question point 2. Are you suggesting that Facebook reads my email? Have I given them my email password? If not, how? (I ask, because I don't use Facebook).

Sure, if we have each other's email addresses in our contact lists on Facebook, I can see how the connection was made.

badthingfactory|9 years ago

I had a surgical procedure done at the beginning of the year. I hadn't explicitly shared this information at any point online or visited any websites related to the surgery. A few days after visiting the hospital for some tests, Google AdSense was showing me ads for surgeons at that specific hospital.

I'm not sure who I was most disappointed in. The hospital for purchasing the ad, Google for tracking my hospital visits, or myself for trading privacy for the convenience of services like Google Now.

pmiller2|9 years ago

And, to top it all off, those ads were utterly ineffective, since you'd already had the procedure done!

Amazon and eBay have this same problem, wherein they show you things similar to things you've already bought.

employee8000|9 years ago

The problem with all of these mobile apps is you just need ONE of your contacts to upload your information, and then you're fucked. That's why I've given up trying to hide my details because they already have it. The idea that all 100% of my contacts respect my privacy is ridiculous unfortunately.

gvb|9 years ago

Definition: Your "Facebook ____" is the lowest ____ of any of your "friends" that has a Facebook account.

Where ___ is any applicable attribute such as intelligence, privacy, etc.

Corollary 1: You will be surprised at who is included in the set of "friends" that have a Facebook account.

Corollary 2: You will be surprised at how low the lowest ____ is for your "friends."

itake|9 years ago

I had something similar happen with an odd friend. I discovered that I shared my address book with the messenger app. With gmail auto-adding contacts, you might have been linked that way.

pmiller2|9 years ago

Besides every other suggestion here, couldn't it be that your doctor actually is a friend of a friend?

throwaway_374|9 years ago

Not possible as zero mutual friends, unless second degrees are considered which based on all other suggestions is not the case and would naively scale factorially (?).

calvinbhai|9 years ago

Possibilities:

1) you have instagram or whatsapp and use them frequently

2) you use an app that has Facebook login, that has location access or just has the SDK lying in app but not being used.

3) I don't know about what access react native/js frameworks have in terms of device resources, but that "may be" an another source of info leak.

4) your contacts/friends uploaded a photo on one of these services where you were there in the photo

5) if any of these apps have microphone access (when you record videos) it's "possible" to do many surreptitious things.

All of the above, done by 1 or many of your friends/contacts on Facebook/instagram/WhatsApp, FB identified you and correlated it somehow.

tranv94|9 years ago

Facebook suggests a person I keep seeing on my commute that also works in the same building as me (not same company). I always think the 0 mutual friend recommendations are a bit weird/interesting

randomdata|9 years ago

To be fair, users who appear to travel in the same circles (even just an IP address can reveal such correlation) seems like a fairly good choice for making that kind of suggestion.

unclesaamm|9 years ago

I think Facebook also connects people who appear at the same wireless access points, so you could have received the suggestion once your phone connected to the Internet at the doctor's office.

madamelic|9 years ago

Surprised this reply is this far down here.

The correct answer is that if you have the FB app installed, it tracks your location. If you are in any place with another person with the FB app also installed multiple times, it assumes you two know each other.

It is why therapists and other medical professionals should not have FB (or any social network app, for that matter) installed on their phone (or, alternatively, on while in the work place).

code_duck|9 years ago

The most unusual friend suggestion I have received is a profile for the actor Steve Martin. It had two mutual friends, and appeared 20 minutes after a friend asked me "Have you ever listened to Steve Martin? The actor? He's also a bluegrass musician" and played a couple of songs on Spotify.

Any ideas on how that came about? It's hard to believe it's anything other than some app listening to audio.

nscalf|9 years ago

Do you log into spotify through facebook?

madspindel|9 years ago

Something is indeed spooky with Facebook and their other products. I am friend with a guy on Facebook and a person with the same name ended up as a suggestion on Instagram - ok maybe not so spooky. But(!) this guy looked like my friend except like ten years older. So I guess the combination of same name + looked like my friend (Facebook Face recognition) made Instagram suggest this dude to me.

DougN7|9 years ago

I have a similar, but even less connected case than a doctor: a contractor that worked on my basement. No friends or clients in common that I know of. I've never been to his office. Don't even know what town he lives in. I did use FB on mobile for a short while, but probably didn't allow location info (call me paranoid). I most definitely did not upload any contact list.

How can it be?

jdavis703|9 years ago

How many other people in their recommendations list do you either not know at all, or only know of them, but have never met? Whatever algorithms they use to produce these recommendations (your social graph, IP addresses in common, etc) will of course wind up surfacing a broad range of people, including some back you actually know.

sofaofthedamned|9 years ago

A Twitter acquaintance had a phone call from a website owner where he'd just browsed their site, no relationship in any other way.

We think they did a whois on his IP address which was at his company address, which we all know is doable, but seeing companies proactively do this is crazy.

skdotdan|9 years ago

Either you have searched you doctor, or your doctor has searched you.

greyman|9 years ago

I believe this is the correct answer, it happened to me as well. I got friend suggestion for my daughter speech therapist, and all our communication and appointments were done only in paper form. But I searched her name on FB out of curiosity. :-)

OP: Can you exclude the possibility that the doctor just searched your name on FB? Why wouldnt he do that...?

maxsavin|9 years ago

Facebook tracks your location and the locations of others. If it sees that you are around some people often, it might suggest you to be friends.

thawab|9 years ago

the facebook/messenger app upload all contacts. if he has your phone number, and your facebook account is registered with the same number, you will see a friend suggestion. i don't use any of facebook's app on my phone and a few time's i see a freind suggetion of people i just met in a week or less.