Facebook Scans What You Send Other People on Messenger App

I have the same initial reaction. However, even though we 1% of tech geeks that are paying attention and are aware of these things, how many of us have had people slightly tilt their head sideways in confusion when we try to inform them of this stuff. I'm sure we've all been labeled kooks, conspiracy nut, tin foil hat wearers, etc in the past.

This is one of those situations where the mass populace just didn't want to understand, couldn't understand or combination of both, but the mass populace is finally starting to see just how much of this tracking stuff has been going on. I still think it's not enough, though.

Yep, very old news. They also blocked URLs to competitors claiming the links were spam. Even if you legit posted the link, Facebook didn't notify you the message didn't send. It just failed silently.

Yes the mechanics of handling a message or posting or whatever is understood at some level by everyone and perfectly acceptable. What's troubling is that they associate all of it and more with a cumulative collection of information about a "persona" that is essentially permanent, and in the majority of cases they know who that persona belongs to. The individual concerned has no control over it. Further even FB et al do not have complete control how that persona is used or abused.

This is why Facebook's "We connect people. Period. That’s why all the work we do in growth is justified." is a false statement.

This is not old news and the examples you provided are not proof that they were doing it prior.

It is perfectly possible to crawl pages to get titles and FavIcons client side or using a web service that don't necessarily keep a log of these requests.

Same thing for censoring links. You can have a static list of disallowed domains and do all the filtering client side or have a web service that given a link returns true or false if it should be censored. It doesn't necessarily means it needs to be logged, kept, associated with a user or manually analyzed.

What we're seeing now is that facebook is actively looking at whole messages, that's a step up from the previous instances. It's still unclear if this is all automated or if some are manually reviewed. It's also unclear if these are associated with a user, or anonymized when analyzing them. Are these logged? How long are they kept for? Facebook should be more clear on how this all works. Otherwise we're just left guessing.

What do you propose as an alternative? This isn't govt mandated censorship, it's a private company not wanting to become a CP sharing portal.

As if pedophiles would send their stuff in the clear...

Another example of charitable sanitisation: referring to personal data being 'monetized' rather than 'sold'. Information is sold when advertisers can target sets of users based on their personal data.

I think his sort of awkward introvert style already marked him as not much of a threat politically. How would he do in a debate? Thus, not buying a conspiracy to keep him out of politics. It shouldn't be this way, but charisma is a base requirement in politics.

On top of that news outlets essentially lost almost all their web traffic after FB started focusing on meaningful connections in January.

They are probably beyond pissed because of the ad revenue loses...wonder how many of them will fold soon?

There is no way Zuckerberg was ever going to hold any political office. Why on earth would he even want to? He has WAY more power and influence simply by controlling the Facebook empire and being worth $60+ billion.

All this talk started because he hired a top Obama campaign manager as a lobbyist for his foundation, and somehow people got "he obviously wants to be President" out of it.

To me, it seems more recently that these larger negative stories tend to linger around. I think it's less related to malicious intent, and more, news websites attempting to capture more of the residual interest with a barrage of derivative articles (and succeeding).

Have tested this myself with known bad links (ie malware, spam and piracy websites). None were blocked.

Steve Weis was involved in its development (previously PrivateCore, Google Security Engineer where he developed 2FA and the keyczar library) and jumped on the defense after it was initially announced. Earlier versions were reviewed externally by some pretty well-known cryptographers.

That being said, meta-data around use of E2E encryption in Messenger is still an issue since it's not enabled by default.

I think most people, at some level, know this and accept it. I think the shock comes when you think how long this information is kept for, and what that means. i.e. each year they can advertise age appropriate birthday presents, a few years from now they might get adverts for children party suppliers. As they grow up college saving funds, colleges, trips to Disney land, first cars can all be targeted to you at just the right time.

>When our daughter was born, and I sent an announcement via GMail, I started seeing ads for diapers.

Your comment is making me feel really, really old. Have people forgotten Gmail's history?

Gmail is not that old. When it was new, what you are pointing out was in the news. It was all over the news. To the point of members of Congress commenting on it. It was heavily debated. Google was very open about the fact that they were doing it. Google was the first (major) email provider to offer 1 GB of mail (well over the usual paltry 50MB that was the norm). Everyone asked "How can they afford it?" And it was very much in the open that it was being paid for ads, and that Google will mine your emails and provide you with targeted ads.

I remember while reading an email on Gmail back in 2004/2005 there was a very obvious targeted ad based on the content of that email.

I honestly do not mean this as a criticism, but I am really, really surprised that a HN poster was surprised by this. That Gmail scans (or scanned) emails and uses them for ads is almost part of their identity. It's like being surprised that there are ads in a newspaper.

There are multiple vectors for them obtaining that information - location records from your phone, receipts for parking ramps at a hospital, any mention about a pregnancy or baby on social media in the past (pregnancy announcement etc), image recognition of the newborn, registering for baby related gifts, buying pregnancy/baby related items (books, classes, equipment etc), a third party selling your information (health insurance maybe?), or using your web search history.

It's safe to assume that much of the data we all leak is being mined for revenue.

That's amateur level stuff for modern marketing, have you seen this article back from 2012 on how Target can figure out that you're pregnant and send you ads for maternity stuff before you've told anyone at all, just by watching what you buy?

https://www.nytimes.com/2012/02/19/magazine/shopping-habits....

Given how Target shut that guy up, you have to figure they're doing even more along those lines nowadays.

Okay, but couldn't this be good for some people? If they see cheap diaper ads, they might be motivated to buy them.

I know the implication is negative in terms of privacy, but it has its benefits if it could actually solve problems and provide value to the majority.

Would you rather see ads for cat food? (Even though you don't have a cat.) This is not a rhetorical question: please answer it.

The reason for this question is that even though you don't have a cat lots of people do! It's absolutely not a false dichotomy. Either people who have no cats must see cat food advertisements (bad choice), or cat food advertisements must be shown to people who probably have a cat (better choice). There's really nothing in between.

This is the world we live in, and you should prefer to see baby diaper ads vs cat food ads, when you do have a baby but don't have a cat. The statistical number of cats or babies is irrelevant. As you may know, Google is pretty good (not perfect) about not allowing keyword targeting that gets down to individual people so the privacy implications really are pretty limited.

-

That said, I have a funny story to share. (About adapting to this world.) I am learning a foreign language and I decided to watch baby cartoons in that language. But before I did, I thought to myself, "Okay if I start searching YouTube for cartoons for 1 year olds, pretty soon Google is going to decide that I'm a new mother and I'll see nothing but baby cartoons in my feed for the next 5 years."

I was sure enough in my reasoning that I went ahead and created a brand new Google account for the express purpose of being able to pollute its YouTube feed. I only watch stuff related to that language learning on that account.

This had the exact effect that I wanted. That youtube became absolutely awesome for spending focused time on my language learning, using all sorts of related videos. It includes people documenting what life in that country is like for tourists and foreigners, it includes foreign-language teachers' channels, it includes related cartoons and films at a good level for me, it includes political speeches from that country subtitled in English. I couldn't be happier with the result.

You know those acknowledgments we've been clicking through for the past few years by Google saying "Hey!! We're doing this. READ THIS"? I think it makes what they do pretty above-board.

As a consumer we're able to adapt to this, but it's not something I have any problem with.

(Disclaimer: I indirectly contributed to Google in the past but not now, I would definitely list it as a disclaimer if it were happening now but I remember that it changed how I wrote about Google especially when I was the most critical of them, so I think it's worth mentioning still. I am a bit nicer when I'm really pissed off at them as a consumer - but this is not the case in this instance.)

---

EDIT: I carefully edited this as it is falling to -1. I stand by the sentiments in this comment: they are correct. Downvoters are wrong.

Google does not use the content of your emails to target ads: https://support.google.com/mail/answer/6603

Ads where? Do you just mean display ads on the web? If so, your browser likely ended up on a list for diaper ads by some other means. Top of mind: - Did ever add a baby-related product to a shopping cart on a retail site? - Did you visit baby-related websites?

Less likely, but possible,if your browser cookie was linked to other personal information by 3rd party data brokers: - Do you use a loyalty card at a physical store? Did you suddenly buy baby stuff for the first time? - Did you return a product registration card for a carseat or something like that? The company my resell their customer lists.

If they didn't scan and detect child porn, there would be articles about how they're letting people get away with sharing child porn on Messenger. It seems there's no way for Facebook to win here, given that people want both complete privacy and also no illicit activity on the platform.

> Child porn is terrible, but very few people produce it or want to look at it.

There are many jurisdictions were people who are legally underage engage in sexting etc. There's hardly any "universal standard". Never mind areas where "gay" sex illegal etc.

"They would never do that because people would lose trust in them and their profits would drop!"

"I know a guy that works there, and he says they take privacy very seriously!"

"Facebook is too big to make such a stupid decision like looking into your personal communications!"

^ All of these are arguments that I've heard here on HN. I can't even imagine what people on non-tech oriented sites say.

Yes, they have access. The point is more that they have an automated system scanning and flagging messages, specifically so that they're reviewed by humans, for content they don't want on their platform.

My landlord has access to my apartment, and I certainly don't expect them to just pop in and take things out that they don't like -- I at least expect some kind of notice. You can apply this to basically anything in the physical world, like mail. Having the capability to access does not equate to having permission to access.

Well, we had this thing called phone companies. In the beginning, many places, the switchboard operator would listen in. Then switchboards became mechanical and the industry regulated as a utility. And while it was technically easy for phone companies to listen, it was illegal for them to do so. (and nsa built a closet so it could listen in illegally, and got caught, and faced no consequences beyond an astronomical budget increase, anyhow...).

In The US there seems the trend is if you transport it, you get to data mine it (as long as "it" is digital, and "you" isn't a post service or phone company - not sure about isps). While in Europe the GDPR states that we live in a digital world, detecting that someone made a thousand copies of your data is really hard; but we'll make sure everyone is responsible for helping keep your data safe. Like the mailman and the telephone company.

But yeah, I think a lot of people still assume that a company facilitating private conversations won't have as primary business model to spy on those conversations.

These problems are why I left gchat. Very unreliable multi-client syncing.

Messenger has been rock solid for me.

> But in this case I think it’s 100% fine, even expected in order to stop bad content (porn, abuse etc) from going through

I was pretty shocked when FB filtered out a pornhub link I tried to send to my then-girlfriend on Messenger. I thought it was very inappropriate of them to police our relationship like that. We were both adults...

stopping "Bad content" is a slippery slope, especially on a network, where most only talk to people they actually know and who are usually using real identities. Keep in mind it's private messaging we're talking about.

Puts buyers, calls sellers. Look up options.

Google shows ads on Gmail under the Promotions tab. It does not scan emails to target ads. https://support.google.com/mail/answer/6603