Privacy concerns with Facebook

Last updated

Meta Platforms Inc., or Meta for short (formerly known as Facebook), has faced a number of privacy concerns. These stem partly from the company's revenue model that involves selling information collected about its users for many things including advertisement targeting. Meta Platforms Inc. has also been a part of many data breaches that have occurred within the company. These issues and others are further described including user data concerns, vulnerabilities in the company's platform, investigations by pressure groups and government agencies, and even issues with students. In addition, employers and other organizations/individuals have been known to use Meta Platforms Inc. for their own purposes. As a result, individuals’ identities and private information have sometimes been compromised without their permission. In response to these growing privacy concerns, some pressure groups and government agencies have increasingly asserted the users’ right to privacy and to be able to control their personal data.

Contents

In September 2024, the Federal Trade Commission released a report summarizing 9 company responses (including from Facebook) to orders made by the agency pursuant to Section 6(b) of the Federal Trade Commission Act of 1914 to provide information about user and non-user data collection (including of children and teenagers) and data use by the companies that found that the companies' user and non-user data practices put individuals vulnerable to identity theft, stalking, unlawful discrimination, emotional distress and mental health issues, social stigma, and reputational harm. [1] [2] [3]

User data concerns

Widening exposure of member information 2011–2012

In 2010 the Electronic Frontier Foundation identified two personal information aggregation techniques called "connections" and "instant personalization". They demonstrated that anyone could get access to information saved to a Facebook profile, even if the information was not intended to be made public. [4] A "connection" is created when a user clicks a "Like" button for a product or service, either on Facebook itself or an external site. Facebook treats such relationships as public information, and the user's identity may be displayed on the Facebook page of the product or service. [4]

Instant personalization was a pilot program that shared Facebook account information with affiliated sites, such as sharing a user's list of "liked" bands with a music website, so that when the user visits the site, their preferred music plays automatically. The EFF noted that "For users that have not opted out, Instant Personalization is instant data leakage. As soon as you visit the sites in the pilot program (Yelp, Pandora, and Microsoft Docs) the sites can access your name, your picture, your gender, your current location, your list of friends, all the Pages you have Liked—everything Facebook classifies as public information. Even if you opt-out of Instant Personalization, there's still data leakage if your friends use Instant Personalization websites—their activities can give away information about you, unless you block those applications individually." [4]

On December 27, 2012 CBS News reported that Randi Zuckerberg, sister of Facebook founder Mark Zuckerberg, criticized a friend for being "way uncool" in sharing a private Facebook photo of her on Twitter, only to be told that the image had appeared on a friend-of-a-friend's Facebook news feed. Commenting on this misunderstanding of Facebook's privacy settings, Eva Galperin of the EFF said "Even Randi Zuckerberg can get it wrong. That's an illustration of how confusing they can be." [5]

Issues during 2007

In August 2007 the code used to generate Facebook's home and search page as visitors browse the site was accidentally made public. [6] [7] A configuration problem on a Facebook server caused the PHP code to be displayed instead of the web page the code should have created, raising concerns about how secure private data on the site was. A visitor to the site copied, published and later removed the code from his web forum, claiming he had been served and threatened with legal notice by Facebook. [8] Facebook's response was quoted by the site that broke the story: [9]

A small fraction of the code that displays Facebook web pages was exposed to a small number of users due to a single misconfigured web server that was fixed immediately. It was not a security breach and did not compromise user data in any way. Because the code that was released powers only Facebook user interface, it offers no useful insight into the inner workings of Facebook. The reprinting of this code violates several laws and we ask that people not distribute it further.

In November Facebook launched Beacon, a system (discontinued in September 2009) [10] where third-party websites could include a script by Facebook on their sites, and use it to send information about the actions of Facebook users on their site to Facebook, prompting serious privacy concerns. Information such as purchases made and games played were published in the user's news feed. An informative notice about this action appeared on the third party site and allowed the user to cancel it. The user could also cancel it on Facebook. Originally if no action was taken, the information was automatically published. On November 29 this was changed to require confirmation from the user before publishing each story gathered by Beacon.

On December 1 Facebook's credibility in regard to the Beacon program was further tested when it was reported that The New York Times "essentially accuses" Mark Zuckerberg of lying to the paper and leaving Coca-Cola, which is reversing course on the program, with a similar impression. [11] A security engineer at CA, Inc. also claimed in a November 29, 2007, blog post that Facebook collected data from affiliate sites even when the consumer opted out and even when not logged into the Facebook site. [12] On November 30, 2007, the CA security blog posted a Facebook clarification statement addressing the use of data collected in the Beacon program: [13]

When a Facebook user takes a Beacon-enabled action on a participating site, information is sent to Facebook for Facebook to operate Beacon technologically. If a Facebook user clicks 'No, thanks' on the partner site notification, Facebook does not use the data and deletes it from its servers. Separately, before Facebook can determine whether the user is logged in, some data may be transferred from the participating site to Facebook. In those cases, Facebook does not associate the information with any individual user account, and deletes the data as well.

The Beacon service ended in September 2009 along with the settlement of a class-action lawsuit against Facebook resulting from the service. [10]

News feed and mini-feed

On September 5, 2006, Facebook introduced two new features called "News Feed" and "Mini-Feed". The first of the new features, News Feed, appears on every Facebook member's home page, displaying recent Facebook activities of the member's friends. The second feature, Mini-Feed, keeps a log of similar events on each member's profile page. [14] Members can manually delete items from their Mini-Feeds if they wish to do so, and through privacy settings can control what is actually published in their respective Mini-Feeds.

Some Facebook members still feel that the ability to opt out of the entire News Feed and Mini-Feed system is necessary, as evidenced by a statement from the Students Against Facebook News Feed group, which peaked at over 740,000 members in 2006. [15] Reacting to users' concerns, Facebook developed new privacy features to give users some control over information about them that was broadcast by the News Feed. [16] According to subsequent news articles, members have widely regarded the additional privacy options as an acceptable compromise. [17]

In May 2010 Facebook added privacy controls and streamlined its privacy settings, giving users more ways to manage status updates and other information broadcast to the public News Feed. [18] Among the new privacy settings is the ability to control who sees each new status update a user posts: Everyone, Friends of Friends, or Friends Only. Users can now hide each status update from specific people as well. [19] [ non-primary source needed ] However, a user who presses "like" or comments on the photo or status update of a friend cannot prevent that action from appearing in the news feeds of all the user's friends, even non-mutual ones. The "View As" option, used to show a user how privacy controls filter out what a specific given friend can see, only displays the user's timeline and gives no indication that items missing from the timeline may still be showing up in the friend's own news feed.

Inability to voluntarily terminate accounts

Facebook had allowed users to deactivate their accounts but not actually remove account content from its servers. A Facebook representative explained to a student from the University of British Columbia that users had to clear their own accounts by manually deleting all of the content including wall posts, friends, and groups. The New York Times noted the issue and raised a concern that emails and other private user data remain indefinitely on Facebook's servers. [20] Facebook subsequently began allowing users to permanently delete their accounts in 2010. Facebook's Privacy Policy now states, "When you delete an account, it is permanently deleted from Facebook." [21]

Memorials

A notable ancillary effect of social-networking websites is the ability for participants to mourn publicly for a deceased individual. On Facebook, friends often leave messages of sadness, grief, or hope on the individual's page, transforming it into a public book of condolences. This particular phenomenon has been documented at a number of schools. [22] [23] [24] Facebook originally held a policy that profiles of people known to be deceased would be removed after 30 days due to privacy concerns. [25] Due to user response, Facebook changed its policy to place deceased members' profiles in a "memorialization state". [26] Facebook's Privacy Policy regarding memorialization says, "If we are notified that a user is deceased, we may memorialize the user's account. In such cases we restrict profile access to confirmed friends and allow friends and family to write on the user's Wall in remembrance. We may close an account if we receive a formal request from the user's next of kin or other proper legal request to do so." [21]

Some of these memorial groups have also caused legal issues. Notably, on January 1, 2008, one such memorial group posted the identity of murdered Toronto teenager Stefanie Rengel, whose family had not yet given the Toronto Police Service their consent to release her name to the media, and the identities of her accused killers, in defiance of Canada's Youth Criminal Justice Act , which prohibits publishing the names of the under-age accused. [27] While police and Facebook staff attempted to comply with the privacy regulations by deleting such posts, they noted difficulty in effectively policing the individual users who repeatedly republished the deleted information. [28]

Customization and security

In July 2007 Adrienne Felt, an undergraduate student at the University of Virginia, discovered a cross-site scripting (XSS) hole in the Facebook Platform that could inject JavaScript into profiles. She used the hole to import custom CSS and demonstrate how the platform could be used to violate privacy rules or create a worm. [29]

Inadequate privacy controls

Facebook offers privacy controls to allow users to choose who can view their posts: only friends, friends and friends of friends, everyone, custom (specific choice of which friends can see posts). While these options exist, there are still methods by which otherwise unauthorized third parties can view a post. For example, posting a picture and marking it as only viewable by friends, but tagging someone else as appearing in that picture, causes the post to be viewable by friends of the tagged person(s). [30]

Photos taken of people by others can be posted on Facebook without the knowledge or consent of people appearing in the image; persons may have multiple photos which feature them on Facebook without being aware of it. A study has suggested that a photo of a person which reflects poorly on them posted online can have a more harmful effect than losing a password. [31]

When commenting on a private post, the commenting user is not informed if the post they commented on is later made public – which would make their comment on said post also publicly viewable. [30]

Quit Facebook Day

Quit Facebook Day was an online event which took place on May 31, 2010 (coinciding with Memorial Day), in which Facebook users stated that they would quit the social network due to privacy concerns. [32] It was estimated that 2% of Facebook users coming from the United States would delete their accounts. [33] However, only 33,000 (roughly 0.0066% of its roughly 500 million members at the time) users quit the site. [34] The number one reason for users to quit Facebook was privacy concerns (48%), being followed by a general dissatisfaction with Facebook (14%), negative aspects regarding Facebook friends (13%), and the feeling of getting addicted to Facebook (6%). Facebook quitters were found to be more concerned about privacy, more addicted to the Internet, and more conscientious. [35]

Photo recognition and face tagging

Facebook enabled an automatic facial recognition feature in June 2011, called "Tag Suggestions", a product of a research project named "DeepFace". [36] The feature compares newly uploaded photographs to those of the uploader's Facebook friends, to suggest photo tags.

National Journal Daily claims "Facebook is facing new scrutiny over its decision to automatically turn on a new facial recognition feature aimed at helping users identify their friends in photos". [37] Facebook has defended the feature, saying users can disable it. [38] Facebook introduced the feature on an opt-out basis. [39] European Union data-protection regulators said they would investigate the feature to see if it violated privacy rules. [38] [40] Naomi Lachance stated in a web blog for NPR, All Tech Considered, that Facebook's facial recognition is right 98% of the time compared to the FBI's 85% out of 50 people. However, the accuracy of Facebook searches is due to its larger, more diverse photo selection compared to the FBI's closed database. [41] Mark Zuckerberg showed no worries when speaking about Facebook's AIs, saying, "Unsupervised learning is a long-term focus of our AI research team at Facebook, and it remains an important challenge for the whole AI research community" and "It will save lives by diagnosing diseases and driving us around more safely. It will enable breakthroughs by helping us find new planets and understand Earth's climate. It will help in areas we haven't even thought of today". [42]

In May 2016 Facebook faced a lawsuit in Illinois for violations of the Biometric Information Privacy Act. [43] In February 2021, the company settled, agreeing to pay $650 million, and shut down the feature in December 2021. [44] Following the shutdown, Cher Scarlett, a former Apple security engineer, in January 2022 tweeted a photo that she had been auto-tagged in by someone unknown to her prior to shutdown. The photo was from the 19th century and she said that she learned it was her great-great-great-grandmother of Volga German ancestry, saying the technology was "dangerous" and "off-putting", and pointed to the implication of genocide. [45]

In September 2024, Meta said it scraped all Australian adult users' public photos and posts on Facebook to train its AI without an opt-out option. [46]

Tracking of non-members of Facebook

An article published by USA Today in November 2011 claimed that Facebook creates logs of pages visited both by its members and by non-members, relying on tracking cookies to keep track of pages visited. [47]

In early November 2015 Facebook was ordered by the Belgian Privacy Commissioner to cease tracking non-users, citing European laws, or risk fines of up to £250,000 per day. [48] As a result, instead of removing tracking cookies, Facebook banned non-users in Belgium from seeing any material on Facebook, including publicly posted content, unless they sign in. Facebook criticized the ruling, saying that the cookies provided better security. [49] [50]

Stalking

By statistics, 63% of Facebook profiles are automatically set "visible to the public", meaning anyone can access the profiles that users have updated. Facebook also has its own built-in messaging system that people can send messages to any other user, unless they have disabled the feature to "from friends only". Stalking is not only limited to SNS stalking, but can lead to further "in-person" stalking because nearly 25% of real-life stalking victims reported it started with online instant messaging (e.g., Facebook chat). [51]

In December 2018 it emerged that Facebook had, during the period 2010–2018, granted access to users' private messages, address book contents, and private posts, without the users' consent, to more than 150 third parties including Microsoft, Amazon, Yahoo, Netflix, and Spotify. This had been occurring despite public statements from Facebook that it had stopped such sharing years earlier. [52]

Denial of location privacy, regardless of user settings

In December 2018 it emerged that Facebook's mobile app reveals the user's location to Facebook, even if the user does not use the "check in" feature and has configured all relevant settings within the app so as to maximize location privacy. [53]

In February 2019 it emerged that a number of Facebook apps, including Flo, had been sending users' health data such as blood pressure and ovulation status to Facebook without users' informed consent. [54] [55] [56] [57] New York governor Andrew Cuomo called the practice an "outrageous abuse of privacy", ordered New York's department of state and department of financial services to investigate, and encouraged federal regulators to step in. [58]

Oculus and metaverse platforms

Facebook's acquisition of virtual reality headset manufacturer Oculus has resulted in ongoing concerns over the integration of its hardware and software platforms with Facebook user data. After the acquisition, Oculus co-founder Palmer Luckey had assured users that "you won't need to log into your Facebook account every time you wanna use the Oculus Rift." [59] [60]

Initially the Oculus desktop software provided opt-in integration with Facebook, primarily for identifying Facebook users within their Oculus friends list. [61] In August 2020, Facebook announced that all Oculus products and services would become subject to the unified Facebook privacy policy, code of conduct, and community guidelines moving forward, and that a Facebook account would be required to use Oculus products and services beginning in October. This policy took effect beginning with the Oculus Quest 2. [62] [63] At that time, the ability to create a standalone Oculus account was discontinued, and it was announced that these accounts were to be deprecated effective January 1, 2023. [63]

The requirements, as well as Facebook's later focus on "metaverse" platforms, have led to concerns over the amount of user data that could be collected by the company via virtual reality hardware and interactions, including the user's surroundings, motions and actions, and biometrics. [64] [65] Horizon, a VR social network run as part of the Oculus platform, is subject to Facebook policies, performs "rolling" recordings of interactions that could be uploaded to Facebook servers for the purposes of moderation if users are reported, and users can be observed by moderators without their knowledge if they are reported by others, or "signals" regarding that user are raised by other users via their own actions (such as muting). [66]

In September 2020 Facebook pulled all Oculus products from the German market due to concerns from local regulators over the policy's compliance with the European Union's General Data Protection Regulation (GDPR). [67] In December 2020, the German Federal Cartel Office (Bundeskartellamt) launched an antitrust investigation into Facebook's mandatory integration of its social networking platform with its virtual reality products. [68] [69]

At the Facebook Connect event in October 2021 (where Facebook, Inc. announced its rebranding as Meta), Zuckerberg stated that Meta was "working on making it so you can log in into Quest with an account other than your personal Facebook account". [70] The new "Meta account" was announced in July 2022 as a de facto replacement for Oculus accounts, which will not be explicitly tied to the Facebook social network, and can be linked with other members of the Facebook "Family of Apps" (Facebook, Messenger, Instagram, and WhatsApp). It was stated that Meta Quest users would be allowed to transition to Meta accounts and decouple their Facebook logins from its VR platforms. Ars Technica noted that the new terms of service and privacy policies associated with Meta account system could allow enforcement of a real name policy (stating that users would be obligated to provide "accurate and up to date information (including registration information), which may include providing personal data", and still allowed for "rampant" use of user data by Meta, especially if linked with other Facebook apps. [71]

Scraping of contact information

Personal information of 533 million Facebook users, including names, phone numbers, email addresses, and other user profile data, was posted to a hacking forum in April, 2021. This information had been previously leaked through a feature allowing users to find each other by phone number, which Facebook fixed to prevent this abuse in September 2019. The company decided not to notify users of the data breach. [72]

The Irish Data Protection Commission, which has jurisdiction over Facebook due to the location of its EU headquarters, then opened an investigation into the breach as a possible violation of GDPR. [73]

Allegations of eavesdropping

There have been allegations by some users that Facebook's mobile app is capable of listening to conversations without consent, citing instances of the service displaying advertisements for products that they had only spoken about, and had otherwise had no prior interactions with. In August 2019, Facebook admitted that it had been sending anonymized voice data from the Messenger app to third-party contractors for human review to improve the quality of its automatic transcription function, but denied that this data was being used for personalized advertising. The company also stated that it had recently suspended human reviews after scrutiny over Amazon, Apple, and Google's use of similar practices for their voice assistant platforms. [74] [75]

Platform vulnerabilities

Data mining

There have been some concerns expressed regarding the use of Facebook as a means of surveillance and data mining.

Two Massachusetts Institute of Technology (MIT) students used an automated script to download the publicly posted information of over 70,000 Facebook profiles from four schools (MIT, NYU, the University of Oklahoma, and Harvard University) as part of a research project on Facebook privacy published on December 14, 2005. [76] Since then, Facebook has bolstered security protection for users, responding: "We've built numerous defenses to combat phishing and malware, including complex automated systems that work behind the scenes to detect and flag Facebook accounts that are likely to be compromised (based on anomalous activity like lots of messages sent in a short period of time, or messages with links that are known to be bad)." [77]

A second clause that brought criticism from some users allowed Facebook the right to sell users' data to private companies, stating "We may share your information with third parties, including responsible companies with which we have a relationship." This concern was addressed by spokesman Chris Hughes, who said, "Simply put, we have never provided our users' information to third party companies, nor do we intend to." [78] Facebook eventually removed this clause from its privacy policy. [21] [ non-primary source needed ]

In the United Kingdom the Trades Union Congress (TUC) has encouraged employers to allow their staff to access Facebook and other social-networking sites from work, provided they proceed with caution. [79]

In September 2007 Facebook drew criticism after it began allowing search engines to index profile pages, though Facebook's privacy settings allow users to turn this off. [80]

Concerns were also raised on the BBC's Watchdog program in October 2007 when Facebook was shown to be an easy way to collect an individual's personal information to facilitate identity theft. [81] However, there is barely any personal information presented to non-friends – if users leave the privacy controls on their default settings, the only personal information visible to a non-friend is the user's name, gender, profile picture and networks. [82] [ non-primary source needed ]

An article in The New York Times in February 2008 pointed out that Facebook does not actually provide a mechanism for users to close their accounts, and raised the concern that private user data would remain indefinitely on Facebook's servers. [20] As of 2013, Facebook gives users the options to deactivate or delete their accounts. Deactivating an account allows it to be restored later, while deleting it will remove the account "permanently", although some data submitted by that account ("like posting to a group or sending someone a message") will remain. [83] [ non-primary source needed ]

Onavo and Facebook Research

In 2013 Facebook acquired Onavo, a developer of mobile utility apps such as Onavo Protect VPN, which is used as part of an "Insights" platform to gauge the use and market share of apps. [84] This data has since been used to influence acquisitions and other business decisions regarding Facebook products. [85] [86] [87] Criticism of this practice emerged in 2018, when Facebook began to advertise the Onavo Protect VPN within its main app on iOS devices in the United States. Media outlets considered the app to effectively be spyware due to its behavior, adding that the app's listings did not readily disclaim Facebook's ownership of the app and its data collection practices. [88] [89] Facebook subsequently pulled the iOS version of the app, citing new iOS App Store policies forbidding apps from performing analytics on the usage of other apps on a user's device. [90] [91] [92] [93]

Since 2016 Facebook has also run "Project Atlas"—publicly known as "Facebook Research"—a market research program inviting teenagers and young adults between the ages of 13 and 35 to have data such as their app usage, web browsing history, web search history, location history, personal messages, photos, videos, emails, and Amazon order history, analyzed by Facebook. Participants would receive up to $20 per-month for participating in the program. Facebook Research is administered by third-party beta testing services, including Applause, and requires users to install a Facebook root certificate on their phone. After a January 2019 report by TechCrunch on Project Atlas, which alleged that Facebook bypassed the App Store by using an Apple enterprise program for apps used internally by a company's employees, Facebook refuted the article but later announced its discontinuation of the program on iOS. [94] [95]

On January 30, 2019 Apple temporarily revoked Facebook's Enterprise Developer Program certificates for one day, which caused all of the company's internal iOS apps to become inoperable. [96] [97] [98] Apple stated that "Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple", and that the certificates were revoked "to protect our users and their data". [96] US Senators Mark Warner, Richard Blumenthal, and Ed Markey separately criticized Facebook Research's targeting of teenagers, and promised to sponsor legislation to regulate market research programs. [99] [100]

2010 application privacy breach

In 2010 the Wall Street Journal found that many of Facebook's top-rated apps—including apps from Zynga and Lolapps—were transmitting identifying information to "dozens of advertising and Internet tracking companies" like RapLeaf. The apps used an HTTP referer that exposed the user's identity and sometimes their friends' identities. Facebook said that "While knowledge of user ID does not permit access to anyone’s private information on Facebook, we plan to introduce new technical systems that will dramatically limit the sharing of User ID’s". A blog post by a member of Facebook's team further stated that "press reports have exaggerated the implications of sharing a user ID", though still acknowledging that some of the apps were passing the ID in a manner that violated Facebook's policies. [101] [102]

2010 user list

In 2010 Canadian security consultant Ron Bowes of Skull Security created a BitTorrent download consisting of the names of about 100 million Facebook users. Facebook likened the information to what is listed in a phone book. It included some who had opted not to be found by search engines, and some who did not realize their information was public. Bowes created the list to get statistical information about user names, which can be used in both penetration testing and computer break-ins. [103] [104]

AT&T routing glitch

In 2009 and 2010 the fact that Facebook was not requiring connections to use HTTPS other than at login meant that a routing glitch at AT&T caused cookie to end up on the wrong users' phones. This resulted in some Facebook users having continuous access to another person's account instead of their own. [105]

Facebook and Cambridge Analytica data scandal

In 2018 Facebook admitted [106] [107] that an app made by Global Science Research and Alexandr Kogan, related to Cambridge Analytica, was able in 2014 [108] to harvest personal data of up to 87 million Facebook users without their consent, by exploiting their friendship connection to the users who sold their data via the app. [109] Following the revelations of the breach, several public figures, including industrialist Elon Musk and WhatsApp cofounder Brian Acton, announced that they were deleting their Facebook accounts, using the hashtag "#deletefacebook". [110] [111] [112]

Facebook was also criticized for allowing the 2012 Barack Obama presidential campaign to analyze and target select users by providing the campaign with friendship connections of users who signed up for an application. However, users signing up for the application were aware that their data, but not the data of their friends, was going to a political party. [113] [114] [115] [116] [117]

Unpublished photo disclosure bug

In September 2018 a software bug meant that photos that had been uploaded to Facebook accounts, but that had not been "published" (and which therefore should have remained private between the user and Facebook), were exposed to app developers. [118] Approximately 6.8 million users and 1500 third-party apps were affected. [118]

Unencrypted password storage

In March 2019 Facebook admitted that it had mistakenly stored "hundreds of millions" of passwords of Facebook and Instagram users in plaintext (as opposed to being hashed and salted) on multiple internal systems accessible only to Facebook engineers, dating as far back as 2012. Facebook stated that affected users would be notified, but that there was no evidence that this data had been abused or leaked. [119] [120]

In April 2019 Facebook admitted that its subsidiary Instagram also stored millions of unencrypted passwords. [121]

Facebook has denied for years that it listens to conversations and in turn releases ads based on them, however Facebook has been shown to have lied about their policies in the past. [122] In 2016, Facebook stated "Facebook does not use your phone's microphone to inform ads or to change what you see in News Feed." a spokeswoman said, "some recent articles have suggested that we must be listening to people's conversations in order to show them relevant ads. This is not true. We show ads based on people's interests and other profile information, not what you’re talking out loud about." [123]

Investigations

Cooperation with government requests

Government and local authorities rely on Facebook and other social networks to investigate crimes and obtain evidence to help establish a crime, provide location information, establish motives, prove and disprove alibis, and reveal communications. [124] Federal, state, and local investigations have not been restricted to profiles that are publicly available or willingly provided to the government; Facebook has willingly provided information in response to government subpoenas or requests, except with regard to private, unopened inbox messages less than 181 days old, which would require a warrant and a finding of probable cause under federal law under Electronic Communications Privacy Act (ECPA). One 2011 article noted that "even when the government lacks reasonable suspicion of criminal activity and the user opts for the strictest privacy controls, Facebook users still cannot expect federal law to stop their 'private' content and communications from being used against them". [125]

Facebook's privacy policy states that "We may also share information when we have a good faith belief it is necessary to prevent fraud or other illegal activity, to prevent imminent bodily harm, or to protect ourselves and you from people violating our Statement of Rights and Responsibilities. This may include sharing information with other companies, lawyers, courts or other government entities". [125] Since the U.S. Congress has failed to meaningfully amend the ECPA to protect most communications on social-networking sites such as Facebook, and since the U.S. Supreme Court has largely refused to recognize a Fourth Amendment privacy right to information shared with a third party, no federal statutory or constitutional right prevents the government from issuing requests that amount to fishing expeditions and there is no Facebook privacy policy that forbids the company from handing over private user information that suggests any illegal activity. [125]

The 2013 mass surveillance disclosures identified Facebook as a participant in the U.S. National Security Administration's PRISM program. Facebook now reports the number of requests it receives for user information from governments around the world. [126]

In 2022 Nesbraska police charged a teenage girl and her mother after obtaining Facebook messages which allegedly showed that they performed an illegal self-managed medication abortion. [127]

Complaint from CIPPIC

On May 31, 2008 the Canadian Internet Policy and Public Interest Clinic (CIPPIC), per Director Phillipa Lawson, filed a 35-page complaint with the Office of the Privacy Commissioner against Facebook based on 22 breaches of the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA). University of Ottawa law students Lisa Feinberg, Harley Finkelstein, and Jordan Eric Plener, initiated the "minefield of privacy invasion" suit. Facebook's Chris Kelly contradicted the claims, saying that: "We've reviewed the complaint and found it has serious factual errors—most notably its neglect of the fact that almost all Facebook data is willingly shared by users." [128] Assistant Privacy Commissioner Elizabeth Denham released a report of her findings on July 16, 2009. [129] In it, she found that several of CIPPIC's complaints were well-founded. Facebook agreed to comply with some, but not all, of her recommendations. [129] The Assistant Commissioner found that Facebook did not do enough to ensure users granted meaningful consent for the disclosure of personal information to third parties and did not place adequate safeguards to prevent unauthorized access by third-party developers to personal information. [129]

Investigation by the Irish Data Protection Commissioner, 2011–2012

In August 2011 the Irish Data Protection Commissioner (DPC) started an investigation after receiving 22 complaints by europe-v-facebook.org, which was founded by a group of Austrian students. [130] The DPC stated in first reactions that the Irish DPC is legally responsible for privacy on Facebook for all users within the European Union [131] and that he will "investigate the complaints using his full legal powers if necessary". [132] The complaints were filed in Ireland because all users who are not residents of the United States or Canada have a contract with "Facebook Ireland Ltd", located in Dublin, Ireland. Under European law Facebook Ireland is the "data controller" for facebook.com, and therefore, facebook.com is governed by European data protection laws. [131] Facebook Ireland Ltd. was established by Facebook Inc. to avoid US taxes (see Double Irish arrangement). [133]

The group 'europe-v-facebook.org' made access requests at Facebook Ireland and received up to 1,222 pages of data per person in 57 data categories that Facebook was holding about them, [134] including data that was previously removed by the users. [135] The group claimed that Facebook failed to provide some of the requested data, including "likes", facial recognition data, data about third party websites that use "social plugins" visited by users, and information about uploaded videos. Currently the group claims that Facebook holds at least 84 data categories about every user. [136]

The first 16 complaints target different problems, from undeleted old "pokes" all the way to the question if sharing and new functions on Facebook should be opt-in or opt-out. [137] The second wave of 6 more complaints was targeting more issues including one against the "Like" button. [138] The most severe could be a complaint that claims that the privacy policy, and the consent to the privacy policy is void under European laws.

In an interview with the Irish Independent , a spokesperson said that the DPC will "go and audit Facebook, go into the premises and go through in great detail every aspect of security". He continued by saying: "It's a very significant, detailed and intense undertaking that will stretch over four or five days." In December 2011 the DPC published its first report on Facebook. This report was not legally binding but suggested changes that Facebook should undertake until July 2012. The DPC is planning to do a review about Facebook's progress in July 2012.[ needs update ]

Changes

In spring 2012 Facebook had to undertake many changes (e.g., having an extended download tool that should allow users to exercise the European right to access all stored information or an update of the worldwide privacy policy). [139] These changes were seen as not sufficient to comply with European law by europe-v-facebook.org. The download tool does not allow, for example, access to all data. The group has launched our-policy.org [140] to suggest improvements to the new policy, which they saw as a backdrop for privacy on Facebook. Since the group managed to get more than 7.000 comments on Facebook's pages, Facebook had to do a worldwide vote on the proposed changes. Such a vote would have only been binding if 30% of all users would have taken part. Facebook did not promote the vote, resulting in only 0.038% participation with about 87% voting against Facebook's new policy. The new privacy policy took effect on the same day. [141]

International lobbying against privacy protections

In early 2019 it was reported that Facebook had spent years lobbying extensively against privacy protection laws around the world, such as GDPR. [142] [143]

The lobbying included efforts by Sandberg to "bond" with female European officials including Enda Kenny (then Prime Minister of Ireland, where Facebook's European operations are based), to influence them in Facebook's favor. [142] Other politicians reportedly lobbied by Facebook in relation to privacy protection laws included George Osborne (then Chancellor of the Exchequer), Pranab Mukherjee (then President of India), and Michel Barnier. [142]

In 2021 Facebook attempted to use "a legal trick" to bypass GDPR regulations in the European Union by including personal data processing agreement in what they considered to be a "contract" (Article 6(1)(b) GDPR) rather than a "consent" (Article 6(1)(a) GDPR) which would lead to the user effectively granting Facebook a very broad permission to process their personal data with most of the GDPR controls void. Irish Data Protection Commission (DPC) expressed its preliminary approval for this bypass and sent its draft decision to other data protection authorities in the European Union, at which point the document was leaked to media and published on noyb.eu. [144] DPC sent a takedown notice to noyb.eu, which was also published by the portal which reject to self-censor. [145]

Promotion of service as "free"

In December 2019 the Hungarian Competition Authority fined Facebook around US$4 million for false advertising, ruling that Facebook cannot market itself as a "free" (no cost) service because the use of detailed personal information to deliver targeted advertising constituted a compensation that must be provided to Facebook to use the service. [146]

Student privacy concerns

Students who post illegal or otherwise inappropriate material have faced disciplinary action from their universities, colleges, and schools including expulsion. [147] Others posting libelous content relating to faculty have also faced disciplinary action. [148] The Journal of Education for Business states that "a recent study of 200 Facebook profiles found that 42% had comments regarding alcohol, 53% had photos involving alcohol use, 20% had comments regarding sexual activities, 25% had seminude or sexually provocative photos, and 50% included the use of profanity." [149] It is inferred that negative or incriminating Facebook posts can affect alumni's and potential employers' perception of them. This perception can greatly impact the students' relationships, ability to gain employment, and maintain school enrollment. The desire for social acceptance leads individuals to want to share the most intimate details of their personal lives along with illicit drug use and binge drinking. Too often, these portrayals of their daily lives are exaggerated and/or embellished to attract others like minded to them. [149]

Effect on class engagement

Students in general have a higher engagement when using Facebook groups in class, as students can comment on each other's short writings or videos. [150] Increased teacher-student and student-student interaction, improved performance, and convenience of learning were some of the benefits of using Facebook as an educational instrument. [151] However, it limits student's writing to be shorter since checking on spelling and typing on a phone keyboard is relatively more time-consuming. [150]

Effect on higher education

On January 23, 2006 The Chronicle of Higher Education continued an ongoing national debate on social networks with an opinion piece written by Michael Bugeja, director of the Journalism school at Iowa State University, entitled "Facing the Facebook". [152] Bugeja, author of the Oxford University Press text Interpersonal Divide (2005), quoted representatives of the American Association of University Professors and colleagues in higher education to document the distraction of students using Facebook and other social networks during class and at other venues in the wireless campus. Bugeja followed up on January 26, 2007, in The Chronicle with an article titled "Distractions in the Wireless Classroom", [153] quoting several educators across the country who were banning laptops in the classroom. Similarly, organizations such as the National Association for Campus Activities, [154] the Association for Education in Journalism and Mass Communication, [155] and others have hosted seminars and presentations to discuss ramifications of students' use of Facebook and other social-networking sites.

The EDUCAUSE Learning Initiative has also released a brief pamphlet entitled "7 Things You Should Know About Facebook" aimed at higher education professionals that "describes what [Facebook] is, where it is going, and why it matters to teaching and learning". [156]

Some research [157] [158] [159] on Facebook in higher education suggests that there may be some small educational benefits associated with student Facebook use, including improving engagement which is related to student retention. [159] 2012 research has found that time spent on Facebook is related to involvement in campus activities. [158] This same study found that certain Facebook activities like commenting and creating or RSVPing to events were positively related to student engagement while playing games and checking up on friends was negatively related. Furthermore, using technologies such as Facebook to connect with others can help college students be less depressed and cope with feelings of loneliness and homesickness. [160]

Effect on college student grades

As of February 2012 only four published peer-reviewed studies have examined the relationship between Facebook use and grades. [157] [161] [162] [163] The findings vary considerably. Pasek et al. (2009) [163] found no relationship between Facebook use and grades. Kolek and Saunders (2008) [162] found no differences in overall grade point average (GPA) between users and non-users of Facebook. Kirschner and Karpinski (2010) [161] found that Facebook users reported a lower mean GPA than non-users. Junco's (2012) [157] study clarifies the discrepancies in these findings. While Junco (2012) [157] found a negative relationship between time spent on Facebook and student GPA in his large sample of college students, the real-world impact of the relationship was negligible. Furthermore, Junco (2012) [157] found that sharing links and checking up on friends were positively related to GPA while posting status updates was negatively related. In addition to noting the differences in how Facebook use was measured among the four studies, Junco (2012) [157] concludes that the ways in which students use Facebook are more important in predicting academic outcomes.

Miscellaneous

Performative surveillance

Performative surveillance is the notion that people are very much aware that they are being surveilled on websites, like Facebook, and use the surveillance as an opportunity to portray themselves in a way that connotes a certain lifestyle—of which, that individual may, or may not, distort how they are perceived in reality. [164]

Employer-employee privacy issues

In an effort to surveil the personal lives of current, or prospective, employees, some employers have asked employees to disclose their Facebook login information. This has resulted in the passing of a bill in New Jersey making it illegal for employers to ask potential or current employees for access to their Facebook accounts. [165] Although the U.S. government has yet to pass a national law protecting prospective employees and their social networking sites, from employers, the fourth amendment of the US constitution can protect prospective employees in specific situations. [166] [167] Many companies examine Facebook profiles of job candidates looking for reasons to not hire them. Because of this, many employees feel like their online social media rights and privacy are being violated. In addition, employees begin to make performative profiles where they purposefully portray themselves as professional and have desired personality traits. [166] According to a survey of hiring managers by CareerBuilder.com, the most common deal breakers they found on Facebook profiles include references to drinking, poor communication skills, inappropriate photos, and lying about skills and/or qualifications. [168]

Facebook requires employees and contractors working for them to give permission for Facebook to access their personal profiles, including friend requests and personal messages.

Users violating minimum age requirements

A 2011 study in the online journal First Monday examines how parents consistently enable children as young as 10 years old to sign up for accounts, directly violating Facebook's policy banning young visitors. This policy is in compliance with a United States law, the 1998 Children's Online Privacy Protection Act, which requires minors aged under 13 to gain explicit parental consent to access commercial websites. In jurisdictions where a similar law sets a lower minimum age, Facebook enforces the lower age. Of the 1,007 households surveyed for the study, 76% of parents reported that their child joined Facebook at an age younger than 13, the minimum age in the site's terms of service. The study also reported that Facebook removes roughly 20,000 users each day for violating its minimum age policy. The study's authors also note, "Indeed, Facebook takes various measures both to restrict access to children and delete their accounts if they join." The findings of the study raise questions primarily about the shortcomings of United States federal law, but also implicitly continue to raise questions about whether or not Facebook does enough to publicize its terms of service with respect to minors. Only 53% of parents said they were aware that Facebook has a minimum signup age; 35% of these parents believe that the minimum age is merely a recommendation or thought the signup age was 16 or 18, not 13. [169]

Phishing

Phishing refers to a scam used by criminals to trick people into revealing passwords, credit card information, and other sensitive information. On Facebook, phishing attempts occur through message or wall posts from a friend's account that was breached. If the user takes the bait, the phishers gain access to the user's Facebook account and send phishing messages to the user's other friends. The point of the post is to get the users to visit a website with viruses and malware. [168]

E-commerce and drop shipping scams

In April 2016 Buzzfeed published an article exposing drop shippers who were using Facebook and Instagram to swindle unsuspecting customers. Located mostly in China, these drop shippers and e-commerce sites would steal copyrighted images from larger retailers and influencers to gain credibility. After luring a customer with a low price for the item, they would then deliver a product that is nothing like what was advertised or deliver no product at all. [170]

Related Research Articles

Internet privacy involves the right or mandate of personal privacy concerning the storage, re-purposing, provision to third parties, and display of information pertaining to oneself via the Internet. Internet privacy is a subset of data privacy. Privacy concerns have been articulated from the beginnings of large-scale computer sharing and especially relate to mass surveillance.

<span class="mw-page-title-main">Facebook</span> Social-networking service owned by Meta Platforms

Facebook is a social media and social networking service owned by American technology conglomerate Meta. Created in 2004 by Mark Zuckerberg with four other Harvard College students and roommates Eduardo Saverin, Andrew McCollum, Dustin Moskovitz, and Chris Hughes, its name derives from the face book directories often given to American university students. Membership was initially limited to Harvard students, gradually expanding to other North American universities. Since 2006, Facebook allows everyone to register from 13 years old, except in the case of a handful of nations, where the age limit is 14 years. As of December 2022, Facebook claimed almost 3 billion monthly active users. As of October 2023, Facebook ranked as the third-most-visited website in the world, with 22.56% of its traffic coming from the United States. It was the most downloaded mobile app of the 2010s.

Facebook has been the subject of criticism and legal action since it was founded in 2004. Criticisms include the outsize influence Facebook has on the lives and health of its users and employees, as well as Facebook's influence on the way media, specifically news, is reported and distributed. Notable issues include Internet privacy, such as use of a widespread "like" button on third-party websites tracking users, possible indefinite records of user information, automatic facial recognition software, and its role in the workplace, including employer-employee account disclosure. The use of Facebook can have negative psychological and physiological effects that include feelings of sexual jealousy, stress, lack of attention, and social media addiction that in some cases is comparable to drug addiction.

<span class="mw-page-title-main">Renren</span> Chinese social networking service

The Renren Network, formerly known as the Xiaonei Network, was a Chinese social networking service similar to Facebook. It was popular among college students. Renren Inc. had its headquarters in Chaoyang District, Beijing, with additional offices in Shanghai and Guangzhou. Renren at one point had a $740m initial public offering (IPO) on the New York Stock Exchange in April 2011.

<span class="mw-page-title-main">Digital footprint</span> Ones unique set of traceable digital activities

Digital footprint or digital shadow refers to one's unique set of traceable digital activities, actions, contributions, and communications manifested on the Internet or digital devices. Digital footprints can be classified as either passive or active. The former is composed of a user's web-browsing activity and information stored as cookies. The latter is often released deliberately by a user to share information on websites or social media. While the term usually applies to a person, a digital footprint can also refer to a business, organization or corporation.

<span class="mw-page-title-main">Path (social network)</span> Social network

Path was a social networking-enabled photo sharing and messaging service for mobile devices that was launched on 14 November 2010. The service allowed users to share up to a total of 50 contacts with their close friends and family. Based in San Francisco, California, the company was founded by Shawn Fanning and former Facebook executive Dave Morin.

Since the arrival of early social networking sites in the early 2000s, online social networking platforms have expanded exponentially, with the biggest names in social media in the mid-2010s being Facebook, Instagram, Twitter and Snapchat. The massive influx of personal information that has become available online and stored in the cloud has put user privacy at the forefront of discussion regarding the database's ability to safely store such personal information. The extent to which users and social media platform administrators can access user profiles has become a new topic of ethical consideration, and the legality, awareness, and boundaries of subsequent privacy violations are critical concerns in advance of the technological age.

WeChat or Weixin in Chinese ; lit. 'micro-message') is a Chinese instant messaging, social media, and mobile payment app developed by Tencent. First released in 2011, it became the world's largest standalone mobile app in 2018 with over 1 billion monthly active users. WeChat has been described as China's "app for everything" and a super-app because of its wide range of functions. WeChat provides text messaging, hold-to-talk voice messaging, broadcast (one-to-many) messaging, video conferencing, video games, mobile payment, sharing of photographs and videos and location sharing.

<span class="mw-page-title-main">User profile</span> Data about an individual user

A user profile is a collection of settings and information associated with a user. It contains critical information that is used to identify an individual, such as their name, age, portrait photograph and individual characteristics such as knowledge or expertise. User profiles are most commonly present on social media websites such as Facebook, Instagram, and LinkedIn; and serve as voluntary digital identity of an individual, highlighting their key features and traits. In personal computing and operating systems, user profiles serve to categorise files, settings, and documents by individual user environments, known as ‘accounts’, allowing the operating system to be more friendly and catered to the user. Physical user profiles serve as identity documents such as passports, driving licenses and legal documents that are used to identify an individual under the legal system.

<span class="mw-page-title-main">Facebook Graph Search</span> Semantic search engine by Facebook

Facebook Graph Search was a semantic search engine that Facebook introduced in March 2013. It was designed to give answers to user natural language queries rather than a list of links. The name refers to the social graph nature of Facebook, which maps the relationships among users. The Graph Search feature combined the big data acquired from its over one billion users and external data into a search engine providing user-specific search results. In a presentation headed by Facebook CEO Mark Zuckerberg, it was announced that the Graph Search algorithm finds information from within a user's network of friends. Microsoft's Bing search engine provided additional results. In July it was made available to all users using the U.S. English version of Facebook. After being made less publicly visible starting December 2014, the original Graph Search was almost entirely deprecated in June 2019.

Onavo, Inc. was an Israeli mobile web analytics company that was purchased by Facebook, Inc., who changed the company's name to Facebook Israel. The company primarily performed its activities via consumer mobile apps, including the virtual private network (VPN) service Onavo Protect, which analysed web traffic sent through the VPN to provide statistics on the usage of other apps.

<span class="mw-page-title-main">Feed (Facebook)</span> Feature of the social network Facebook

Facebook's Feed, formerly known as the News Feed, is a web feed feature for the social network. The feed is the primary system through which users are exposed to content posted on the network. Feed highlights information that includes profile changes, upcoming events, and birthdays, among other updates. Using a proprietary method, Facebook selects a handful of updates to show users every time they visit their feed, out of an average of 2,000 updates they can potentially receive. Over two billion people use Facebook every month, making the network's Feed the most viewed and most influential aspect of the news industry. The feature, introduced in 2006, was renamed "Feed" in 2022.

<span class="mw-page-title-main">Reception and criticism of WhatsApp security and privacy features</span> Reception and criticism of security and privacy features in the WhatsApp messaging service

This article provides a detailed chronological account of the historical reception and criticism of security and privacy features in the WhatsApp messaging service.

<span class="mw-page-title-main">Vero (app)</span> Mobile app

Vero is a social media platform and mobile app company. Vero markets itself as a social network free from advertisements, data mining and algorithms.

In the 2010s, personal data belonging to millions of Facebook users was collected without their consent by British consulting firm Cambridge Analytica, predominantly to be used for political advertising.

<span class="mw-page-title-main">2018 Google data breach</span> 2018 data breach affecting the social network Google+

The 2018 Google data breach was a major data privacy scandal in which the Google+ API exposed the private data of over five hundred thousand users.

<span class="mw-page-title-main">Meta Platforms</span> American multinational technology conglomerate

Meta Platforms, Inc., doing business as Meta, and formerly named Facebook, Inc., and TheFacebook, Inc., is an American multinational technology conglomerate based in Menlo Park, California. The company owns and operates Facebook, Instagram, Threads, and WhatsApp, among other products and services. Advertising accounts for 97.8 percent of its revenue 2023. Meta ranks among the largest American information technology companies, alongside other Big Five corporations Alphabet (Google), Amazon, Apple, and Microsoft. The company was ranked #31 on the Forbes Global 2000 ranking in 2023. In 2022, Meta was the company with the third-highest expenditure on research and development worldwide, with R&D expenditure amounting to US$35.3 billion.

Privacy settings are "the part of a social networking website, internet browser, piece of software, etc. that allows you to control who sees information about you". With the growing prevalence of social networking services, opportunities for privacy exposures also grow. Privacy settings allow a person to control what information is shared on these platforms.

Ray-Ban Meta is a range of smartglasses created by Meta Platforms and EssilorLuxottica. They include two cameras, open-ear speakers, a microphone, and touchpad built into the frame. They are latest in a line of smartglasses released by major companies including Snap Inc and Google and are designed as one component of Facebook’s plans for a metaverse.

References

  1. Tolentino, Daysia (September 19, 2024). "Social media companies engaged in 'vast surveillance,' FTC finds, calling status quo 'unacceptable'". NBC News. Retrieved September 21, 2024.
  2. Del Valle, Gaby (September 19, 2024). "The FTC says social media companies can't be trusted to regulate themselves". The Verge. Vox Media. Retrieved September 21, 2024.
  3. A Look Behind the Screens: Examining the Data Practices of Social Media and Video Streaming Services (PDF) (Report). Federal Trade Commission. 2024. Retrieved September 21, 2024.
  4. 1 2 3 "A Handy Facebook-to-English Translator | Electronic Frontier Foundation". Eff.org. April 28, 2010. Retrieved June 11, 2013.
  5. "Zuckerberg family pic stirs Facebook privacy debate". CBS News. December 27, 2012. Retrieved June 4, 2012.
  6. Hoffman, Harrison (August 12, 2007). "Facebook's source code goes public". CNET News.com.
  7. Richards, Jonathan (August 14, 2007). "Facebook Source Code Leaked Onto Internet". Fox News Channel. Archived from the original on May 29, 2013. Retrieved August 21, 2007.
  8. "Facebook's PHP leak SNAFU". Szinf.com. July 6, 2015. Archived from the original on July 7, 2015. Retrieved July 6, 2015.
  9. Cubrilovic, Nik (August 11, 2007). "Facebook Source Code Leaked". TechCrunch.com.
  10. 1 2 Ortutay, Barbara (September 21, 2009). "Facebook to end Beacon tracking tool in settlement". USA Today . Retrieved December 8, 2010.
  11. Henry Blodget (December 1, 2007). "NYT: Facebook's Zuckerberg Misled Us; Coke: Ditto – Silicon Alley Insider". Alleyinsider.com. Archived from the original on January 31, 2009. Retrieved June 11, 2013.
  12. Stefan Berteau (November 29, 2007). "Facebook's Misrepresentation of Beacon's Threat to Privacy: Tracking users who opt out or are not logged in". CA Security Advisor Research Blog. Archived from the original on December 17, 2007. Retrieved December 24, 2007.
  13. Stefan Berteau (November 30, 2007). "Update: A Statement From Facebook". CA Security Advisor Research Blog. Archived from the original on November 28, 2010. Retrieved December 8, 2010.
  14. Rosmarin, Rachel (September 5, 2006). "Facebook's Makeover". Forbes . Archived from the original on October 5, 2006. Retrieved April 29, 2015.
  15. "Facebook CEO: 'We Really Messed This One Up'". NBC11.com. September 8, 2006. Archived from the original on January 28, 2007. Retrieved February 21, 2007.
  16. Kirkpatrick, David (2010). The Facebook Effect: The Inside Story of the Company That Is Connecting the World. New York City: Simon & Schuster. p. 191. ISBN   978-1-4391-0211-4.
  17. Jesdanun, Anick (2006). "Facebook offers new privacy options". Associated Press. Archived from the original on December 13, 2010. Retrieved September 8, 2006.
  18. "Making Control Simple" . Retrieved December 8, 2010.
  19. "Controlling How You Share". Facebook. Retrieved December 8, 2010.
  20. 1 2 Aspan, Maria (February 11, 2008). "How Sticky Is Membership on Facebook? Just Try Breaking Free". The New York Times. Retrieved September 23, 2014.
  21. 1 2 3 "Facebook Privacy Policy". Facebook. Retrieved December 8, 2010.
  22. "Net generation grieves with Facebook postings". News Observer. Archived from the original on August 20, 2007. Retrieved March 5, 2008.
  23. Batista, Sarah (November 21, 2005). "UVA Student Remembered". Charlottesville Newsplex. Archived from the original on January 19, 2008. Retrieved April 10, 2006.{{cite news}}: CS1 maint: bot: original URL status unknown (link)
  24. Bernhard, Stephanie (January 25, 2006). "Community mourns death of Pagan '06". Brown Daily Herald. Retrieved April 10, 2006.
  25. Kelleher, Kristina (February 22, 2007). "Facebook profiles become makeshift memorials". The Brown Daily Herald. Archived from the original on March 21, 2008. Retrieved March 5, 2008.
  26. Hortobagyi, Monica (May 8, 2007). "USA Today article". USA Today. Retrieved April 30, 2010.
  27. Drudi, Cassandra (January 5, 2008). "Facebook proves problematic for police". The Globe and Mail . Toronto. Retrieved March 5, 2008.
  28. "Angry Facebook Users Illegally Leaked the Names of Accused Underage Murderers". Digital Journal. January 5, 2008. Retrieved March 5, 2008.
  29. "Defacing Facebook". July 27, 2007. Retrieved August 17, 2007.
  30. 1 2 Günel, Burcu Sayin; Şahi̇n, Serap; Kogias, Dimitris G.; Patrikakis, Charalampos Z. (2019-10-01). "Privacy issues in post dissemination on Facebook". Turkish Journal of Electrical Engineering & Computer Science. 27 (5): 3417–3432. doi: 10.3906/elk-1811-25 . hdl: 11147/9111 . ISSN   1300-0632.
  31. Vishwanath, Arun; Xu, Weiai; Ngoh, Zed (2018). "How people protect their privacy on facebook: A cost-benefit view". Journal of the Association for Information Science and Technology. 69 (5): 700–709. doi:10.1002/asi.23894. ISSN   2330-1643. S2CID   13747670.
  32. Paul, Ian (May 31, 2010). "It's Quit Facebook Day, Are You Leaving? – PCWorld". PC World . Retrieved May 31, 2010.
  33. Woollacott, Emma (May 31, 2010). "Quit Facebook Day set to be a flop". TG Daily. Retrieved May 31, 2010.
  34. Jemima Kiss (June 1, 2010). "Facebook: Did anyone really quit?". The Guardian. London.
  35. Stieger, Stefan; Burger, Christoph; Bohn, Manuel; Voracek, Martin (2013). "Who Commits Virtual Identity Suicide? Differences in Privacy Concerns, Internet Addiction, and Personality Between Facebook Users and Quitters". Cyberpsychology, Behavior, and Social Networking. 16 (9): 629–634. doi:10.1089/cyber.2012.0323. PMID   23374170.(subscription required)
  36. "Facebook's facial recognition software is now as accurate as the human brain, but what now? | ExtremeTech". Extremetech.com. Retrieved June 13, 2014.
  37. Facebook Taking Hits Over Facial Recognition Feature. Washington: Atlantic Media, Inc., 2011. ProQuest. Web. December 6, 2016.
  38. 1 2 "Facebook facial recognition raises eyebrows in Germany, EU". Deutsche Welle. Retrieved June 13, 2011.
  39. Milian, Mark. "Facebook lets users opt out of facial recognition". CNN International. Retrieved June 13, 2011.
  40. Gannes, Liz. "Facebook facial recognition prompts EU privacy probe". Cnet News. Retrieved June 13, 2011.
  41. Lachance, Naomi (18 May 2016). "Facebook's Facial Recognition Software Is Different From The FBI's. Here's Why". NPR. Retrieved December 16, 2018.
  42. Computer, Express. "Facebooks' Mark Zuckerberg: 'we should Not be Afraid of AI'." Express Computer (2016) ProQuest. Web. December 6, 2016.
  43. "Facebook facing lawsuit over photo tagging". KGO-TV . 6 May 2016. Archived from the original on 22 February 2022. Retrieved 21 February 2022.
  44. Robertson, Adi (2021-11-02). "Facebook is shutting down its Face Recognition tagging program". The Verge . Retrieved 2022-03-29.
  45. Cords, Sarah (2022-03-16). "Blowing the Whistle on Big Tech". The Progressive . Retrieved 2022-03-29.
  46. Evans, Jake (2024-09-10). "Facebook admits to scraping every Australian adult user's public photos and posts to train AI, with no opt-out option". ABC News. Retrieved 2024-09-12.
  47. Achohido, Byron (November 15, 2011). "Facebook tracking is under scrutiny". USA Today . Archived from the original on November 16, 2011. Retrieved June 18, 2017.
  48. "Belgian court orders Facebook to stop tracking non-members". The Guardian . November 10, 2015. Retrieved June 18, 2017.
  49. Baraniuk, Chris (December 2, 2015). "Facebook bows to Belgian privacy ruling over cookies". BBC News . BBC . Retrieved June 18, 2017.
  50. Statt, Nick (December 2, 2015). "After privacy ruling, Facebook now requires Belgium users to log in to view pages". The Verge . Retrieved June 18, 2017.
  51. Anson, Alexander (Nov 12, 2012). "Facebook Stalking Statistics 2012". ansonalex.com. Anson, Alexander. Retrieved Oct 26, 2014.
  52. Dance, Gabriel J. X.; LaForgia, Michael; Confessore, Nicholas (December 18, 2018). "As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants". The New York Times.
  53. Hern, Alex (December 19, 2018). "Facebook users cannot avoid location-based ads, investigation finds". The Guardian.
  54. "Facebook reportedly received users' sensitive health data from apps: "It's incredibly dishonest"". CBS News. 22 February 2019. Retrieved February 23, 2019.
  55. Doward, Jamie; Soni, Raj (February 23, 2019). "Facebook attacked over app that reveals period dates of its users". The Guardian. Retrieved February 23, 2019.
  56. Schechner, Sam; Secada, Mark (February 22, 2019). "You Give Apps Sensitive Personal Information. Then They Tell Facebook". The Wall Street Journal. Retrieved February 23, 2019.
  57. Statt, Nick (February 22, 2019). "App makers are sharing sensitive personal information with Facebook but not telling users". The Verge. Retrieved February 23, 2019.
  58. "'Outrageous abuse of privacy': New York orders inquiry into Facebook data use". The Guardian. Reuters. February 23, 2019. Retrieved February 23, 2019.
  59. Robertson, Adi (August 19, 2020). "Facebook is making Oculus' worst feature unavoidable". The Verge. Archived from the original on August 27, 2020. Retrieved September 4, 2020.
  60. "Palmer Luckey on Oculus' Facebook deal: "You will not need a Facebook account to use or develop for the Rift"". PCGamesN. 26 March 2014. Archived from the original on August 22, 2020. Retrieved September 4, 2020.
  61. Machkovech, Sam (September 15, 2016). "Facebook login adds real-name policy, auto-updated friends list to Oculus [Updated]". Ars Technica. Archived from the original on September 9, 2020. Retrieved September 4, 2020.
  62. Robertson, Adi (2020-10-15). "Facebook is accidentally locking some users out of their new Oculus headsets". The Verge. Retrieved 2020-10-18.
  63. 1 2 Sam Machkovech. "The Facebookening of Oculus VR becomes more pronounced starting in October". Ars Technica. Archived from the original on August 18, 2020. Retrieved August 19, 2020.
  64. Hunter, Tatum. "Surveillance will follow us into 'the metaverse,' and our bodies could be its new data source". The Washington Post. Retrieved 29 March 2022.
  65. O'Brien, Matt; Chan, Kalvin. "EXPLAINER: What is the metaverse and how will it work?". ABC News. Associated Press. Retrieved 29 March 2022.
  66. Lang, Ben (2020-08-28). "In 'Horizon' Facebook Can Invisibly Observe Users in Real-time to Spot Rule Violations". Road to VR. Retrieved 2022-08-04.
  67. Hayden, Scott (2020-09-02). "Facebook Halts Sale of Rift & Quest in Germany Amid Regulatory Concerns". Road to VR. Retrieved 2021-07-28.
  68. "Insights: Breakup Lawsuit Will Transform Facebook, Regardless Of Its Eventual Outcome". www.tubefilter.com. 11 December 2020. Retrieved 2021-02-07.
  69. Abent, Eric (2020-12-10). "Oculus Quest 2 Facebook account demand sparks an antitrust investigation". SlashGear. Retrieved 2021-02-07.
  70. Jimenez, Jorge (2021-10-28). "Oculus Quest VR headsets to eliminate mandatory Facebook account log-in requirement". PC Gamer. Retrieved 2021-11-01.
  71. Machkovech, Sam (2022-07-09). "Meta removes Facebook account mandate from Quest VR—but is that enough?". Ars Technica. Retrieved 2022-08-04.
  72. After Data Breach Exposes 530 Million, Facebook Says It Will Not Notify Users
  73. Vincent Manancourt (April 14, 2021). "Ireland to probe Facebook following massive data leak".
  74. "Facebook Said It Wasn't Listening to Your Conversations. It Was". www.vice.com. 14 August 2019. Retrieved 2022-08-04.
  75. "Is Facebook listening to me? Why those ads appear after you talk about things". USA Today. 2019-06-28. Retrieved 2019-06-28.
  76. Jones, Harvey & Soltren, José Hiram (2005). "Facebook: Threats to Privacy" (PDF). Cambridge, Massachusetts: MIT (MIT 6.805/STS085: Ethics and Law on the Electronic Frontier – Fall 2005).{{cite journal}}: Cite journal requires |journal= (help) (PDF)
  77. "Facebook Security Response". TheIndyChannel.com. Archived from the original on April 17, 2012. Retrieved December 8, 2010.
  78. Peterson, Chris (February 13, 2006). "Who's Reading Your Facebook?". The Virginia Informer.
  79. Buckley, Christine (August 30, 2007). "Get a life and allow your staff to use Facebook, TUC tells bosses". The Times. London. Archived from the original on October 12, 2008. Retrieved March 5, 2008.
  80. "Facebook Opens Profiles to Public". BBC. September 7, 2007.
  81. "Facebook security". BBC. October 24, 2007. Archived from the original on February 20, 2008. Retrieved March 5, 2008.
  82. "Controlling How You Share". Facebook. Retrieved December 8, 2010.
  83. "Information we receive about you" . Retrieved June 11, 2013 via Facebook.
  84. Lunden, Ingrid (Oct 13, 2013). "Facebook Buys Mobile Data Analytics Company Onavo, Reportedly For Up To $200M… And (Finally?) Gets Its Office In Israel". TechCrunch.
  85. Morris, Betsy; Seetharaman, Deepa (August 9, 2017). "The New Copycats: How Facebook Squashes Competition From Startups". The Wall Street Journal. ISSN   0099-9660 . Retrieved August 15, 2017.
  86. "The New Copycats: How Facebook Squashes −2-". Fox Business. August 9, 2017. Retrieved August 15, 2017.
  87. "Facebook knew about Snap's struggles months before the public". Engadget. 13 August 2017. Retrieved August 15, 2017.
  88. Perez, Sarah. "Facebook is pushing its data-tracking Onavo VPN within its main mobile app". TechCrunch. Retrieved February 14, 2018.
  89. "Facebook's Protect security feature is essentially Spyware". IT PRO. Retrieved February 14, 2018.
  90. "Apple removed Facebook's Onavo from the App Store for gathering app data". TechCrunch. Retrieved August 23, 2018.
  91. "Facebook will pull its data-collecting VPN app from the App Store over privacy concerns". The Verge. Retrieved August 23, 2018.
  92. Grothaus, Michael (August 23, 2018). "Apple makes Facebook pull its spyware(ish) VPN from the App Store". Fast Company. Retrieved September 3, 2018.
  93. "Facebook pushes back against Apple's App Store fees" . Retrieved August 21, 2018.
  94. Newton, Casey (January 30, 2019). "Facebook will shut down its controversial market research app for iOS". The Verge. Retrieved January 30, 2019.
  95. Constine, John (January 29, 2019). "Facebook pays teens to install VPN that spies on them". TechCrunch. Archived from the original on November 19, 2020. Retrieved January 30, 2019.
  96. 1 2 Wagner, Kurt (January 30, 2019). "Apple says it's banning Facebook's research app that collects users' personal information". Recode. Retrieved January 30, 2019.
  97. Warren, Tom (January 30, 2019). "Apple blocks Facebook from running its internal iOS apps". The Verge. Retrieved January 30, 2019.
  98. Isaac, Mike (31 January 2019). "Apple Shows Facebook Who Has the Power in an App Dispute". The New York Times . ISSN   0362-4331 . Retrieved 2019-02-02.
  99. Constine, Josh (January 30, 2019). "Senator Warner calls on Zuckerberg to support market research consent rules". TechCrunch. Retrieved January 31, 2019.
  100. Lapowsky, Issie (January 30, 2019). "By Defying Apple's Rules, Facebook Shows It Never Learns". Wired. ISSN   1059-1028 . Retrieved January 31, 2019.
  101. Steel, Emily; Fowler, Geoffrey A. (October 18, 2010). "Facebook in Privacy Breach". The Wall Street Journal . Retrieved June 4, 2017.
  102. Takahashi, Dean (October 17, 2010). "WSJ reports Facebook apps — including banned LOLapps games — transmitted private user data". VentureBeat . Retrieved June 4, 2017.
  103. Taylor, Charlie. "Details of Facebook users published". The Irish Times.
  104. "Facebook data harvester speaks out". BBC News. July 29, 2010.
  105. "Weird AT&T Glitch Allowed Users To Access Other People's Facebook Account". Business Insider. Associated Press.
  106. "Suspending Cambridge Analytica and SCL Group from Facebook | Facebook Newsroom" . Retrieved March 20, 2018.
  107. "How Facebook Made Its Cambridge Analytica Data Crisis Even Worse". Bloomberg L.P. March 20, 2018. Retrieved March 20, 2018.
  108. "Academic behind Facebook breach says political influence was..." Reuters. March 21, 2018. Retrieved March 21, 2018.
  109. Solon, Olivia (April 4, 2018). "Facebook says Cambridge Analytica may have gained 37m more users' data". The Guardian. Retrieved April 6, 2018.
  110. Wong, Julia Carrie (March 23, 2018). "Elon Musk joins #DeleteFacebook effort as Tesla and SpaceX pages vanish". The Guardian. Retrieved March 24, 2018.
  111. Green, Dr. Jemma. "#DeleteFacebook Highlights The Benefits Of Blockchain". Forbes. Retrieved March 24, 2018.
  112. Grind, Kirsten (March 22, 2018). "Next Worry for Facebook: Disenchanted Users". The Wall Street Journal. Retrieved March 25, 2018.
  113. Tobias, Manuela (March 22, 2018). "Comparing Facebook data use by Obama, Cambridge Analytica". PolitiFact . Retrieved May 2, 2018.
  114. Schouten, Fredreka (March 20, 2018). "Obama 2012 team: We didn't break Facebook rules in our campaign". USA Today . Retrieved May 2, 2018.
  115. Rogers, James (March 20, 2018). "Obama 2012 campaign 'sucked' data from Facebook, former official says". Fox News Channel . Retrieved May 2, 2018.
  116. Sullivan, Mark (March 20, 2018). "Obama Campaign's "Targeted Share" App Also Used Facebook Data From Millions Of Unknowing Users". Fast Company . Retrieved May 2, 2018.
  117. Rutenberg, Jim (June 20, 2013). "The Obama Campaign's Digital Masterminds Cash In". The New York Times . Retrieved May 2, 2018.
  118. 1 2 Hern, Alex (December 14, 2018). "Facebook admits bug allowed apps to see hidden photos". The Guardian. Retrieved December 15, 2018.
  119. "Facebook Stored Millions of Passwords in Plaintext—Change Yours Now". Wired. 2019-03-21. Retrieved 2019-03-23.
  120. Hern, Alex (2019-03-21). "Facebook stored hundreds of millions of passwords unprotected". The Guardian. Retrieved 2019-03-22.
  121. "Facebook now says its password leak affected 'millions' of Instagram users". TechCrunch. 18 April 2019. Retrieved 18 April 2019.
  122. Dance, Gabriel J. X.; Laforgia, Michael; Confessore, Nicholas (19 December 2018). "As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants". The New York Times . Archived from the original on 2021-09-05.
  123. "Facebook isn't secretly listening to your conversations, but the truth is much more disturbing". NEWS ATLAS. 2019-09-06. Retrieved 2019-09-06.
  124. "John Lynch & Jenny Ellickson, U.S. Dept. of Justice, Computer Crime and Intellectual Property Section, Obtaining and Using Evidence from Social Networking Sites: Facebook, MySpace, LinkedIn, and more" (PDF). Retrieved June 11, 2013.
  125. 1 2 3 Junichi P. Semitsu (2011). "From Facebook to Mug Shot: How the Dearth of Social Networking Privacy Rights Revolutionized Online Government Surveillance". Pace Law Review. 31 (1).
  126. "Rapport over verzoeken tot gegevensverstrekking van internationale overheden". Facebook. Retrieved September 4, 2013.
  127. O'Brien, Sara; Duffy, Clare (2022-08-10). "Nebraska teen and mother facing charges in abortion-related case that involved obtaining their Facebook messages". CNN. Retrieved 2022-08-13.
  128. "ap.google.com, Canada launches privacy probe into Facebook". Archived from the original on June 3, 2008.
  129. 1 2 3 "Privacy Commissioner's Findings in the case of CIPPIC against Facebook" (PDF). Retrieved January 15, 2010.
  130. "Was Facebook über User weiß". Orf.at. November 27, 2011. Retrieved June 11, 2013.
  131. 1 2 "Sound file" (MP£). Europe-v-facebook.org. Retrieved December 16, 2018.
  132. "An Coimisineir Cosanta Sonrai (Data Protection Commissioner) letter" (PDF). August 24, 2011. Retrieved June 13, 2014.
  133. Drucker, Jesse (October 21, 2010). "Google 2.4% Rate Shows How $60 Billion Lost to Tax Loopholes". Bloomberg L.P. Retrieved May 21, 2013.
  134. "Facebook's Data Pool". Europe-v-facebook.org.
  135. "Removed content" (PDF). August 22, 2011. Retrieved June 13, 2014.
  136. "Facebook Data Categories" (PDF). April 3, 2012. Retrieved June 13, 2014.
  137. "Legal Procedure against 'Facebook Ireland Limited'". Europe-v-facebook.org.
  138. "Facebook won't 'like' its 17th complaint". Irish Examiner. August 27, 2011. Retrieved June 11, 2013.
  139. "Facebook hit with privacy issues in Europe". My Tech Gist. 2020-12-19. Retrieved 2020-12-22.
  140. "Our-Policy.org – Annuity Payments Policies and Regulations". Our-policy.org. Archived from the original on May 25, 2018. Retrieved March 24, 2018.
  141. "Europe versus Facebook". Europe-v-facebook.org. Retrieved June 11, 2013.
  142. 1 2 3 "Revealed: Facebook's global lobbying against data privacy laws – Technology – The Guardian". TheGuardian.com . March 2, 2019. Archived from the original on March 2, 2019. Retrieved March 3, 2019.
  143. Laura Kayali (January 29, 2019). "Inside Facebook's fight against European regulation". Politico Europe. Retrieved May 3, 2019.
  144. "Irish DPC greenlights Facebook's "GDPR bypass"". noyb.eu. Retrieved 2021-10-15.
  145. "DPC "requires" noyb to take down documents from website". noyb.eu. Retrieved 2021-10-15.
  146. "Hungary competition authority fines Facebook $4 million". The Seattle Times. 2019-12-06. Retrieved 2019-12-14.
  147. Schweitzer, Sarah (October 6, 2005). "Fisher College expels student over website entries". Boston Globe.
  148. O'Toole, Catie (January 24, 2010). "Seventh-grade North Syracuse student suspended, 25 others disciplined for Facebook page about teacher". The Post-Standard . Retrieved January 25, 2010.
  149. 1 2 Peluchette, Joy; Karl, Katherine (2010). "Examining Students' Intended Image on Facebook: "what were they Thinking?!"". Journal of Education for Business. 85 (1): 30–7. doi:10.1080/08832320903217606. S2CID   44233400.
  150. 1 2 Ulla, Mark B.; Perales, William F. (2020-03-19). "The adoption of Facebook as a virtual class whiteboard: Promoting EFL students' engagement in language tasks". TESOL Journal. 11 (3). doi:10.1002/tesj.515. ISSN   1056-7941. S2CID   216269728.
  151. Chugh, Ritesh, and Umar Ruhi. "Social media in higher education: A literature review of Facebook." Education and Information Technologies 23 (2018): 605–616.
  152. Bugeja, Michael (January 3, 2006). "Facing the Facebook". The Chronicle of Higher Education . Archived from the original on February 20, 2008. Retrieved October 6, 2006.
  153. Bugeja, Michael J. (January 26, 2007). "Distractions in the Wireless Classroom". Chronicle Careers. The Chronicle of Higher Education . Retrieved June 26, 2007.
  154. National Association of Campus Activities (July 12, 2006). "Facing the Facebook". Archived from the original on June 27, 2006. Retrieved October 6, 2006.
  155. Association for Education in Journalism and Communication (2006). "Facing the Facebook: Administrative Issues Involving Social Networks". Archived from the original on October 8, 2007. Retrieved October 6, 2006.
  156. EDUCAUSE Learning Institute (2006). "7 Things You Should Know About Facebook". Archived from the original on September 16, 2006. Retrieved October 6, 2006.
  157. 1 2 3 4 5 6 Junco, R (2012). "Too much face and not enough books: The relationship between multiple indices of Facebook use and academic performance" (PDF). Computers in Human Behavior. 28 (1): 187–198. doi:10.1016/j.chb.2011.08.026. S2CID   17799159.
  158. 1 2 Junco, R (2012). "The relationship between frequency of Facebook use, participation in Facebook activities, and student engagement" (PDF). Computers & Education. 58 (1): 162–171. doi:10.1016/j.compedu.2011.08.004. S2CID   15979291.
  159. 1 2 Heiberger, Greg and Harper, Ruth (2008). Have you Facebooked Astin lately? In Reynol Junco and Dianne M. Timm (Eds). Using Emerging Technologies to Enhance Student Engagement. San Francisco: Jossey-Bass.
  160. Cotten, Shelia R. (2008). Students' technology use and the impacts on well-being. In Reynol Junco and Dianne M. Timm (Eds). Using Emerging Technologies to Enhance Student Engagement. San Francisco: Jossey-Bass.
  161. 1 2 Kirschner, P. A.; Karpinski, A. C. (2010). "Facebook and academic performance". Computers in Human Behavior. 26 (6): 1237–1245. doi:10.1016/j.chb.2010.03.024. hdl: 10818/20216 . S2CID   206611975. Archived from the original on December 27, 2011. Retrieved October 31, 2017.
  162. 1 2 Kolek, E. A., & Saunders, D. (2008). Online disclosure: An empirical examination of undergraduate Facebook profiles. NASPA Journal, 45(1), 1–25.
  163. 1 2 Hargittai, Eszter; More, Eian; Pasek, Josh (April 26, 2009). "Facebook and academic performance: Reconciling a media sensation with data". First Monday. 14 (5). doi: 10.5210/fm.v14i5.2498 . Retrieved January 30, 2019.
  164. Westlake, E. J. (2008), "Friend Me if You Facebook: Generation Y and Performative Surveillance", The Drama Review, 52 (4): 21–40, doi:10.1162/dram.2008.52.4.21, S2CID   57572210
  165. Friedman, Matt (March 21, 2013). "Bill to ban companies from asking about job candidates' Facebook accounts is headed to governor". The Star-Ledger . Advance Digital . Retrieved June 8, 2017.
  166. 1 2 N. Landers, Richard (2016). Social Media in Employee Selection and Recruitment: theory, practice, and current challenges. Switzerland: Springer international publishing. pp. 19–20. ISBN   9783319299891.
  167. "Fourth Amendment Activities". uscourts.gov. Retrieved March 24, 2018.
  168. 1 2 Dave., Awl (2011). Facebook me! : a guide to socializing, sharing, and promoting on Facebook (2nd ed.). Berkeley, CA: Peachpit Press. ISBN   9780321743732. OCLC   699044722.
  169. "Why Parents Help Their Children Lie to Facebook About Age: Unintended Consequences of the Children's Online Privacy Protection Act". Journalist's Resource.org. 2 November 2011.
  170. "Say No To The Dress". BuzzFeed News. 5 April 2016. Retrieved January 22, 2019.