FB is a company with a completely rotten top-down culture. Nothing is going to change until a huge set of executive leadership swap, or they are forced to by mean of legislation.
After apologizing thousands of times, they internally justify each of those breaches by rejecting the fault to "users" or other external factors (source: several friends working at Facebook, and reading public tweets of Facebook leaders).
The culture there is inherently anti-privacy and whoever fundamentally disagree is about to leave or has already left.
Not just that, the top-down structure is shaped after a cult of personality.
Talking to my friends who work at Apple, FB, Google, Amazon and others, facebookers are the only ones who seem to be willing to defend their leader on a personal level, as if they had a dear friend being attacked.
My other friends couldn't care less if someone criticizes or attacks Bezos, Tim Cook, Sundar and so on.
The only other company I can think that behaves in the same way is Tesla with Musk (well, an Apple with Jobs in the old days), but the key difference is that most Muskians don't seem to work for Tesla, and the folks I know at Tesla aren't actually obsessed with Musk.
They think they can keep using an apology tour to dismiss all past misdeeds ("we have work to do"). It looks silly at this point and completely incompetent.
> source: several friends working at Facebook, and reading public tweets of Facebook leaders
The people I know at Facebook have been resorting to whataboutism (everyone is doing it, look at the Google app doing the same thing, for sure Apple is also hiring market research firms who do the same thing, why aren't you concerned about AT&T/Verizon, etc etc)
I understand how FB was not using Apple's enterprise development program in good faith. Apple clearly has a right to do what they did.
I don't understand why FB is in hot water with the public for what they did. Users were informed that data collection was taking place and they were compensated for it. Now, was it wise on the users' part to join this program? Perhaps not, but last time I checked this is still a free country and people can sell their property for as much or as little as they want.
On NPR this morning I heard the argument that a lot of the detail of what is collected and how it is used is buried in the T&C. So what? Have we lost sight of personal responsibility? How naive are people? If you are getting something for free from a large corporation you're not getting it out the kindness of their heart. They are making money somehow. That is how the world works.
Panic, moral or otherwise, about this sort of stuff is going to push the tech industry into realm of regulatory capture. Well funded companies will be able to afford and absorb compliance costs where small bootstrapped startups, lifestyle businesses, and indie developers will be pushed out of the market.
I think the issues are:
- they were collecting data from users who were below legal age for responsibility and/or local laws about collecting data about minors.
- The general public know very little about everything. Companies have a moral duty to not only educate their users but also to not do wrong.
Personal responsibility is a flag many people wave but it's a farce. That argument can be used for anything, from seatbelts, to smoking, to privacy. It is impossible for everyone to know enough to make informed choices about EVERYTHING. There is a need for societal organisations (governments, NGOs, responsible journalism) to provide guidance to the public and legal limits in order to provide protection to the whole.
They did not make it clear that this app could bypass SSL. I've talked to numerous people on reddit who installed the app thinking that they were safe because all their communication was encrypted, not realizing that the whole point of the app is to bypass encryption.
> Have we lost sight of personal responsibility? How naive are people?
How can you blame this on personal responsibility when you need a law degree to understand the terms and conditions? Like many here I am intelligent and educated and I have an extremely difficult time understanding the legalese the T&C are written in. The average person would have an even harder time if they bothered to read it at all. Some lawyers have spoken out that they have a hard time understanding these agreements.
I would argue that there is no way any reasonable person would think the users were properly informed. You can't be properly informed when you have little to no chance of understanding what you're agreeing to without at least one lawyer.
I don't think most people would have truly understood how much control Facebook had over their phone with the access given. It's not as simple as "the user clicked 'I consent,' so it's ok." For better or worse, we have become conditioned to clicking "I agree" because we are bombarded with hundreds of pages of legalese to use anything these days. I don't think this absolves companies from acting ethically.
> Have we lost sight of personal responsibility? How naive are people? If you are getting something for free from a large corporation you're not getting it out the kindness of their heart. They are making money somehow. That is how the world works.
We can argue about this particular instance, but I think your argument is pretty flawed; it seems to imply that if I agree to a deal with a company, I can't be upset about ANYTHING slipped into the T&C. It really depends on what it is.
Yes, these people expected to trade some information for money, but it isn't naive of them to expect some reasonable limits to what they were collecting.
Although you may be technically correct, it doesn't matter.
People don't read T&C, and they don't like having companies spy on them like this. If companies won't be up front about their data collection (and burying the notice in a T&C isn't being up front) they'll just have to suffer the consequences when people find out.
I don't understand why this is all that controversial either. Is it really any different than what Nielson does with set meters to capture people's TV watching behavior?
FB has opened themselves up to a world of hurt in this endeavor. The copious privacy issues aside, the is an easy question of 'what happens when...' that I cannot fathom how their legal counsel overlooked.
For example: One of the persons that they were closely monitoring decides to harm themselves or others in a somewhat 'newsworthy' way. Think the plethora of young people with access to certain classes of firearms. A contrived set of circumstances could exist where that young person could have been stopped by the monitors at FB, yet was allowed to continue all the same, through the sheer stupidity/negligence of FB. Though this is only one scenario, there exist many others; I think anyone can come up with at least a dozen in under an hour.
Yes, the T&Cs 'cover' their asses in these events (morality be damned), but there are loopholes upon loopholes that can be quickly found when the camera crews start swarming and saying 'oh, but the kiddos!'.
Whatever legal counsel is at FB these days is too cavalier; they may be thinking that they can just throw a firm's worth of lawyers at any problem and bankrupt the opposing party. This is a very grave mistake. I suspect that any competent/moral lawyers have up and left by now, leaving only the amoral/incompetent attorneys that are just fine suckling off of FB. The evaporative effect is in full force at FB now (the Elves have left Middle Earth [0]).
Implying that individual people can keep up with legalese written in an intentionally misleading way by teams of lawyers is crazy. Especially when seemingly every single company and sale is treated like that.
It is effectively impossible for an average person to understand every agreement you need to make to be part of modern society, and that is by design of the companies
> people can sell their property for as much or as little as they want
This is correct, and when you figure out a way for people to sell only their data to FB/whoever, I will be right onboard, but while companies like FB are sucking in as much data about me as they can, in ways I can't control, I will have to disagree with you strongly.
I don't buy the personal responsibility argument here - most technology companies (Apple included) have extremely dense EULAs or T&C documents that are often designed to confuse, rather than clarify. Root access might be something that most people on HN understand without explanation, but my teenage sister likely doesn't.
> If you are getting something for free from a large corporation you're not getting it out the kindness of their heart. They are making money somehow.
Facebook always lead with how they're a "community". They make their money from ads. But that never leads. Facebook isn't sold as a place where you see ads - it's a place where you "connect with friends." There's a sophisticated business that 13 year olds might not inherently understand.
It's related to what we already know about Facebook: They are willing to bend the rules and engage in questionable behavior.
They were happy to violate the terms of Apple's enterprise development program. Yet another display of disrespect. So how can the public trust Facebook with their data?
It’s really hard to not be brought joy by Facebook being kicked like this. But on a less emotional level, if one wants to change Facebook culture and behavior, it’s hard to see causing a lot of individual employee pain (in addition to the business as a whole) as in any way a bad thing.
Especially as this causes frustration for Facebook employees that directly stems from Facebook’s misconduct, rather than holding Facebook customers hostage.
I agree. It was individual employees who violated the agreement - if it makes Facebook employees actually think about their actions then overall it’s a good thing.
It’s gotten to the point where I start to ask myself - if you work or Facebook, are you a good person? My personal opinion is that you might be, but you are likely are not.
Google shat themselves and unpublished something similar and apologized heh.
I wonder if Apple has done a tremendous favor to web applications because in hindsight letting Apple (or any of these companies) have a company-wide on/off switch for your own apps like that is a bad idea.
Wow, good find. Apple should absolutely be revoking Google’s certificate as well in this case.
But they use the enterprise certificate for their external “research” apps, because they are doing things on the device (using internal APIs) that an approved app is not permitted to do, and that is certainly not possible through the web browser.
Of course their internal-use apps could be WebView almost certainly.
It seems the article almost wants us to feel sorry for Facebook.
Facebook are really the Oracle of the "social" tech companies. They are not even pretending to be good or follow rules. As long as cash / clicks / impressions keep coming in nothing is off the table.
Google is struggling with its positive PR image, every time they fall short they are judged by the "Don't be evil" motto and everything it entailed. Facebook doesn't have to worry about such details and it's easier for them in a way. Their shares are going up as we saw recently, CA scandal didn't do much damage, everything is great.
> “We designed our Enterprise Developer Program solely for the internal distribution of apps within an organisation.
Watch them pivot to "these researchers are part of the Facebook family, so their network device are considered part of the internal network's edge, we did nothing wrong".
Sounds like you might work at Facebook. If so, mild inconvenience or not, I am glad it happened. Going around the terms stated in an agreement to accomplish something forbidden by the agreement is a type of fraud. Fraud is illegal.
People are really starting to hate Facebook these days, and your guys' attitude doesn't seem to be changing much because of it. I, for one, LOVE this, because it means by the time you do recognize your sliding favor among customers, it will be too late for you to do anything about it. You will become the new Myspace, which is exactly what you deserve to be.
If you don't work for Facebook, then none of the above applies to you.
[EDIT:] the parent comment was deleted. The comment stated something to the effect of "It wasn't a big deal, it didn't affect our workflows or production applications."
> Apple has left Facebook’s campus in disarray after the company revoked the social network’s permission to build or run employee-only applications, according to reports. Employees were reportedly left unable to read cafeteria menus, call for inter-office transport or use versions of the social network’s own apps.
If you just ignore all the evil things Facebook did. The moral of the story is don't relies on a non-free computer and OS.
Two things: first, this seems like a reasonable response to the breach Facebook committed.
Second, it illustrates the folly behind relying on the continued good will of a 3rd party offering an essentially (or very nearly) free service. If Facebook was licensing EDCs for millions a year, this ban might not have been the first reaction Apple took.
It seems like there's something getting lost here. A lot of comments and even articles make it sound like Apple is retaliating against fb at random, which is not true. FB had an internal app agreement with apple to distribute apps to it's employees. Probably this one: https://developer.apple.com/programs/enterprise/
They violated the terms of the agreement, and therefore the have lost access. They also probably violated the terms of the app store as a whole, but who knows.
Whether or not one should have to be part of that program to install Enterprise apps is a different issue.
This brings a smile to my face. I don't care anymore what excuses people come up for Facebook's behavior. Enough is enough and Facebook has crossed the line years ago. No remorse, no forgiveness.
I wonder how pervasive the abuse of the EDC for customer-facing apps actually is. If this got through FB / Google's legal teams, they might know of others who have done this without consequence.
[+] [-] warp_factor|7 years ago|reply
After apologizing thousands of times, they internally justify each of those breaches by rejecting the fault to "users" or other external factors (source: several friends working at Facebook, and reading public tweets of Facebook leaders).
The culture there is inherently anti-privacy and whoever fundamentally disagree is about to leave or has already left.
[+] [-] ucaetano|7 years ago|reply
Talking to my friends who work at Apple, FB, Google, Amazon and others, facebookers are the only ones who seem to be willing to defend their leader on a personal level, as if they had a dear friend being attacked.
My other friends couldn't care less if someone criticizes or attacks Bezos, Tim Cook, Sundar and so on.
The only other company I can think that behaves in the same way is Tesla with Musk (well, an Apple with Jobs in the old days), but the key difference is that most Muskians don't seem to work for Tesla, and the folks I know at Tesla aren't actually obsessed with Musk.
In the case of FB, it is the opposite.
[+] [-] eeeeeeeeeeeee|7 years ago|reply
Like you said, rotten from the top-down.
They think they can keep using an apology tour to dismiss all past misdeeds ("we have work to do"). It looks silly at this point and completely incompetent.
[+] [-] jiveturkey|7 years ago|reply
[+] [-] fbrsrchthrowawa|7 years ago|reply
The people I know at Facebook have been resorting to whataboutism (everyone is doing it, look at the Google app doing the same thing, for sure Apple is also hiring market research firms who do the same thing, why aren't you concerned about AT&T/Verizon, etc etc)
[+] [-] macinjosh|7 years ago|reply
I don't understand why FB is in hot water with the public for what they did. Users were informed that data collection was taking place and they were compensated for it. Now, was it wise on the users' part to join this program? Perhaps not, but last time I checked this is still a free country and people can sell their property for as much or as little as they want.
On NPR this morning I heard the argument that a lot of the detail of what is collected and how it is used is buried in the T&C. So what? Have we lost sight of personal responsibility? How naive are people? If you are getting something for free from a large corporation you're not getting it out the kindness of their heart. They are making money somehow. That is how the world works.
Panic, moral or otherwise, about this sort of stuff is going to push the tech industry into realm of regulatory capture. Well funded companies will be able to afford and absorb compliance costs where small bootstrapped startups, lifestyle businesses, and indie developers will be pushed out of the market.
[+] [-] dominicr|7 years ago|reply
Personal responsibility is a flag many people wave but it's a farce. That argument can be used for anything, from seatbelts, to smoking, to privacy. It is impossible for everyone to know enough to make informed choices about EVERYTHING. There is a need for societal organisations (governments, NGOs, responsible journalism) to provide guidance to the public and legal limits in order to provide protection to the whole.
[+] [-] wmeredith|7 years ago|reply
[+] [-] aaomidi|7 years ago|reply
The app was targeting 13 to 35 year olds. People under 18 has to get parental permission which was literally just selecting a box.
The $20 of free money is a big deal for a kid and they might not have the best idea of what they're giving away with agreeing to this.
It's a really scummy move and possibly illegal to target kids like this.
[+] [-] basil-rash|7 years ago|reply
[+] [-] Copernicron|7 years ago|reply
How can you blame this on personal responsibility when you need a law degree to understand the terms and conditions? Like many here I am intelligent and educated and I have an extremely difficult time understanding the legalese the T&C are written in. The average person would have an even harder time if they bothered to read it at all. Some lawyers have spoken out that they have a hard time understanding these agreements.
I would argue that there is no way any reasonable person would think the users were properly informed. You can't be properly informed when you have little to no chance of understanding what you're agreeing to without at least one lawyer.
[+] [-] cr1895|7 years ago|reply
This is a big part of why they're in hot water.
>Perhaps not, but last time I checked this is still a free country and people can sell their property for as much or as little as they want.
Children? No.
[+] [-] eeeeeeeeeeeee|7 years ago|reply
https://9to5mac.com/2019/01/29/facebook-paying-teens-vpn/
Someone from BBC showed just how much of a joke this consent form is anyway:
https://twitter.com/DaveLeeBBC/status/1090528627005902848/ph...
[+] [-] cortesoft|7 years ago|reply
We can argue about this particular instance, but I think your argument is pretty flawed; it seems to imply that if I agree to a deal with a company, I can't be upset about ANYTHING slipped into the T&C. It really depends on what it is.
Yes, these people expected to trade some information for money, but it isn't naive of them to expect some reasonable limits to what they were collecting.
[+] [-] jlarocco|7 years ago|reply
People don't read T&C, and they don't like having companies spy on them like this. If companies won't be up front about their data collection (and burying the notice in a T&C isn't being up front) they'll just have to suffer the consequences when people find out.
[+] [-] elpool2|7 years ago|reply
[+] [-] Balgair|7 years ago|reply
For example: One of the persons that they were closely monitoring decides to harm themselves or others in a somewhat 'newsworthy' way. Think the plethora of young people with access to certain classes of firearms. A contrived set of circumstances could exist where that young person could have been stopped by the monitors at FB, yet was allowed to continue all the same, through the sheer stupidity/negligence of FB. Though this is only one scenario, there exist many others; I think anyone can come up with at least a dozen in under an hour.
Yes, the T&Cs 'cover' their asses in these events (morality be damned), but there are loopholes upon loopholes that can be quickly found when the camera crews start swarming and saying 'oh, but the kiddos!'.
Whatever legal counsel is at FB these days is too cavalier; they may be thinking that they can just throw a firm's worth of lawyers at any problem and bankrupt the opposing party. This is a very grave mistake. I suspect that any competent/moral lawyers have up and left by now, leaving only the amoral/incompetent attorneys that are just fine suckling off of FB. The evaporative effect is in full force at FB now (the Elves have left Middle Earth [0]).
[0] https://steveblank.com/2009/12/21/the-elves-leave-middle-ear...
[+] [-] unknown|7 years ago|reply
[deleted]
[+] [-] lovich|7 years ago|reply
Implying that individual people can keep up with legalese written in an intentionally misleading way by teams of lawyers is crazy. Especially when seemingly every single company and sale is treated like that.
It is effectively impossible for an average person to understand every agreement you need to make to be part of modern society, and that is by design of the companies
[+] [-] cmsj|7 years ago|reply
This is correct, and when you figure out a way for people to sell only their data to FB/whoever, I will be right onboard, but while companies like FB are sucking in as much data about me as they can, in ways I can't control, I will have to disagree with you strongly.
[+] [-] seem_2211|7 years ago|reply
> If you are getting something for free from a large corporation you're not getting it out the kindness of their heart. They are making money somehow.
Facebook always lead with how they're a "community". They make their money from ads. But that never leads. Facebook isn't sold as a place where you see ads - it's a place where you "connect with friends." There's a sophisticated business that 13 year olds might not inherently understand.
[+] [-] mamcx|7 years ago|reply
Yes. FB have.
[+] [-] abnry|7 years ago|reply
They were happy to violate the terms of Apple's enterprise development program. Yet another display of disrespect. So how can the public trust Facebook with their data?
[+] [-] ghaff|7 years ago|reply
[+] [-] FakeComments|7 years ago|reply
[+] [-] chris_wot|7 years ago|reply
It’s gotten to the point where I start to ask myself - if you work or Facebook, are you a good person? My personal opinion is that you might be, but you are likely are not.
[+] [-] benologist|7 years ago|reply
I wonder if Apple has done a tremendous favor to web applications because in hindsight letting Apple (or any of these companies) have a company-wide on/off switch for your own apps like that is a bad idea.
https://www.zdnet.com/article/google-shuts-down-iphone-data-...
[+] [-] zaroth|7 years ago|reply
But they use the enterprise certificate for their external “research” apps, because they are doing things on the device (using internal APIs) that an approved app is not permitted to do, and that is certainly not possible through the web browser.
Of course their internal-use apps could be WebView almost certainly.
[+] [-] norswap|7 years ago|reply
I don't expect Facebook to get a whole lot of sympathy, but really, Apple's power on device owned by customers is ridiculous.
[+] [-] rdtsc|7 years ago|reply
Facebook are really the Oracle of the "social" tech companies. They are not even pretending to be good or follow rules. As long as cash / clicks / impressions keep coming in nothing is off the table.
Google is struggling with its positive PR image, every time they fall short they are judged by the "Don't be evil" motto and everything it entailed. Facebook doesn't have to worry about such details and it's easier for them in a way. Their shares are going up as we saw recently, CA scandal didn't do much damage, everything is great.
> “We designed our Enterprise Developer Program solely for the internal distribution of apps within an organisation.
Watch them pivot to "these researchers are part of the Facebook family, so their network device are considered part of the internal network's edge, we did nothing wrong".
[+] [-] remote_phone|7 years ago|reply
[+] [-] unknown|7 years ago|reply
[deleted]
[+] [-] naikrovek|7 years ago|reply
People are really starting to hate Facebook these days, and your guys' attitude doesn't seem to be changing much because of it. I, for one, LOVE this, because it means by the time you do recognize your sliding favor among customers, it will be too late for you to do anything about it. You will become the new Myspace, which is exactly what you deserve to be.
If you don't work for Facebook, then none of the above applies to you.
[EDIT:] the parent comment was deleted. The comment stated something to the effect of "It wasn't a big deal, it didn't affect our workflows or production applications."
[+] [-] velobro|7 years ago|reply
[+] [-] ezoe|7 years ago|reply
If you just ignore all the evil things Facebook did. The moral of the story is don't relies on a non-free computer and OS.
[+] [-] erinnh|7 years ago|reply
Facebook really shot themselves in the foot.
[+] [-] rootusrootus|7 years ago|reply
[+] [-] ineedasername|7 years ago|reply
Second, it illustrates the folly behind relying on the continued good will of a 3rd party offering an essentially (or very nearly) free service. If Facebook was licensing EDCs for millions a year, this ban might not have been the first reaction Apple took.
[+] [-] saagarjha|7 years ago|reply
Why would Facebook do this, and how?
[+] [-] brettnak|7 years ago|reply
They violated the terms of the agreement, and therefore the have lost access. They also probably violated the terms of the app store as a whole, but who knows.
Whether or not one should have to be part of that program to install Enterprise apps is a different issue.
[+] [-] olliej|7 years ago|reply
[+] [-] neonate|7 years ago|reply
[+] [-] oarabbus_|7 years ago|reply
[+] [-] aqibgatoo|7 years ago|reply
[+] [-] uzero|7 years ago|reply
[+] [-] who-knows95|7 years ago|reply
[+] [-] mcgwiz|7 years ago|reply
[+] [-] nerdb4itwascool|7 years ago|reply
[+] [-] bcheung|7 years ago|reply
2) Why do developers tolerate a platform that doesn't allow developers to deploy apps wherever they want?
[+] [-] mshaler|7 years ago|reply