Facebook submits 229-page document to congress detailing data abuses.

Here is yet another chapter in the drama of the Cambridge Analytica / Facebook user data abuse scandal. This week we are talking about a document dated June 8th (last Friday) from Facebook and containing answers to the Senators formal questions asked of the company during the April 10,11 hearings. The document in it’s entirety can be read here.

It is a good read and I encourage anyone with even a fleeting interest in the case to do so but to summarize many of the revelations are to be expected like the amount of time spent on the site and the users buying activities but further reading details the massive scope and scale of data recording.

For example Facebook records your mouse movements and whether or not your browser window is in the foreground or background of your screen. This is done as a safeguard against bots.

Facebook records literally every scrap of operating system and hardware data it can get it’s hands on. Battery level, signal strength, storage space, even down to recording file names.

They also record every bit of data they can get about your carrier, Their name, the IP provided to you, any cookie data they can scoop up. They also record everything they can from any wireless client devices that may be connected to your machine such as Wifi and Bluetooth. FB records the Wifi signals in your area, it also collects data about the Bluetooth devices in your area.

And of course it tracks your location, but also records camera information and hoovers up any photos you take unless you explicitly opt-out. Oh yea and all your call logs and SMS messages too, they help themselves to it.

So yea, literally everything they can get they do. Why would anyone expect them not to? Remember this is one of those new companies with inverted business models where you are no longer the customer but the product to be sold. And just like an old farm cow, you care going to be milked for every drop of data you can be. To be solved this problem is going to require people to view their own data as having value, Facebook certainly does. If Facebook wants data from us they can buy it from us for a fair market value.

Tech giants hit with 8.8 billion in lawsuits regarding forced consent barriers on day one of GDPR.

Sorry for the late post, crazy day. It was also day one of GDPR enforcement in Europe, and it would seem that the easy transition hoped for by tech giants like Google and Facebook just got a lot tougher.

Max Schrems is an Austrian data privacy activist. Max took objection to the practice of forced consent in software. Basically what happens is after you install a shiny new piece of software a window pops up with a long list of demands you need to agree to or you are simply not allowed to use it. Somehow the tech companies consider this a binding contract. Many people agree with that philosophy. After all, you did sign the document, or clicked agree, or whatever other form it took. I have even seen this shady business practice performed in such a way where even the act of paying for the service is marked as showing your consent to a long list of small print legalize. I don’t think of this as being a binding contract at all and I will try to explain my reasoning shortly but more importantly, the GDPR doesn’t agree with that statement and neither did Max, and lucky for Max he seems to have the kind of bankroll to do something more about it than just blog.

Max hit Facebook, Instagram, Whatsapp, and Google for a combined total of 8.8 Billion Euro with a capital B. Go you, Max. I’m sure this will result in a lot of positive press and at the very least will settle for more cash money than any one man can ever spend. But more importantly for the rest of us, it will show how much resolve the European Union has for enforcing such legislation, and also how many headaches and how much cash the big tech companies are willing to spend on keeping their stranglehold on your personal data.

Looked at objectively the tech companies have a vested interest in spending as much as it takes to fight this, for collecting data and selling it is their entire business model. They all work on a flipped business model. Where you are no longer the customer, you are the product. I have heard people before complain about Google’s customer service. Funny thing is Google has great customer service. Sign up for Google Adwords and spend cash on search ads and Google will be at your beck and call to address your every concern. This is not unprecedented, Broadcast TV worked off this model for a long long time. Then again look what is happening to them now that digital streaming offers a better product, and most people reluctantly accept advertisements as an acceptable way to get a product for free. What is much much more disturbing is the idea of these companies selling dumps of highly personalized data to whatever company or organization that currently has the cash to pay for it. (Note; the government would never have to pay, their payment is allowing the tech giant to keep existing.) Given these tech companies in question, Google and Facebook both claim that they do not sell data directy to third-party firms, but scenarios, where the firms are able to truthfully say this and still sell the data, are possible. For instance, they could not be selling the data but giving it away for lucrative contracts or massive discounts on services needed. The sure thing is that if there are loopholes they will be exploited. Doublespeak is an existing and real problem in American corporate structure.

A lifetime ago I used to work in the ski industry. This problem to reminds me of that time. When the resorts would have this sort of implied consent form on the back of every ticket in small print. Their logic was that if a person bought a ticket they were then agreeing to every word written on the back of the ticket. Totally ignoring the fact that you don’t even see the ticket until after you pay for it, thus could never agree to anything it says let alone read it in the first place.

People would inevitably get hurt at the ski area and would also inevitably have to sue to cover hospital and lost wage costs, and surprisingly they would win more often than not. I would always hear the words ‘contract under diress’ come up in these cases. Which basically means that a contract cannot be enforced if a person was coerced or forced to sign it, and it is not that hard of an argument to sell that nowhere in the process from marketing to booking to traveling and physically walking up to the ticket booth is there any discussion of this contract being signed. Your first introduction to the contract is when you notice on the lift after you have already paid for it and thus allegedly agreeing to it. You cannot and should never be forced to sign away your rights. The ski resorts have legal obligation to keep you as safe as they can including an obligation to close their doors if conditions make that impossible.

So to close, Trying to coerce someone into a contract is a crap business practice and pretty much goes against the principal of being a decent human-being with their shit together. It should be illegal to the extent that it isn’t already, which it (to my interpretation of the law) is.

Zuckerberg receives royal ass-chewing in Belgium while FB PR hires Hollywood documentarian to run re-education campaign.

Mark Zuckerberg is saying he is sorry, again.

Since the United States has been slow and unwilling to respond to the recent Facebook abuses, this is taking place mostly in Europe. On Tuesday Zuckerberg appeared in front of the European Union Parlement to be BBQ roasted in a style similar to the US Senate grilling the previous month. Hopefully, the European equivalent of this ritual comes with some action, unlike the Senate version. Where typically a CEO is sat down and yelled at live on C-SPAN, followed by everyone immediately running back to abusing the system as much as humanly possible.

While I’m sure that is partially the case in European politics also remember that GDPR is in effect in Europe already. The General Data Protection Regulation gives users a real legal foothold over what, and how much data is collected on them. Providing you live in Europe, the US is still screwed… Or partially screwed as, for now at least, the platform updates listed in their April 17th blog post at first glance would seem to affect all users regardless of whether they live in Europe or not. These additions include the ability to switch facial recognition on or off, the ability to opt-out of sharing data with advertisers, and the ability to quickly revoke access to your data from third-party apps, among other changes. Now to be clear I say we partially are screwed because the new tools have already shown to be different in different regions, and Facebook’s implied promises should be trusted even less than real ones.

Meanwhile back in the United States, Facebook has hired Oscar-winning documentarian Morgan Neville to produce at least one short film about Facebook’s effort to combat ‘fake news’ on its platform (it kills me to use that phrase). The film itself can be found here, it is not wholly unpleasant until you realize that says almost nothing about the details of their supposed solution. But as always there’s truth in the lies and lies in the truth. Portions of the video are interesting such as the quadrant graph of FB’s perceived classifications of fraudulent internet data. Right, Wrong, Propaganda, and Hoaxes. I did find it very meta to be watching a propaganda video about propaganda. In particular, an FB employee is quoted in the video saying that in terms of propaganda column, “Because of our commitment to free speech, everything we do here has to be incredibly, incredibly careful.” I would love to know where exactly the threat to FB would be coming from in that situation. Are they afraid of public backlash? Or is the fear of what happens when FB fails to publish the propaganda it gets from the “legitimate” sources.

This is simply put, this is FB putting their thumb on the scale, and in all honesty I think that quote was FB trying to hint at that. A free internet means no intervention. Which unfortunately means TONS of intervention as every actor who desires to game the system can simply assume the role of a legitimate advertiser, blogger, etc. The best response is somewhere in the middle. But it requires impartial oversight and I believe Facebook Corporation is incapable of impartial oversight, just like I believe any other publicly traded company is incapable of impartial oversight. In reality, though everyone needs to understand that with FB’s oversight in place the fake news stories from illegitimate sources may diminish but the fake news stories from legitimate sources will only increase.

People need to be smart enough to understand that no news should be taken at face value. We need to gauge on our own level of trust with each platform we work with. This blog is no exception. Neither is your local news network, or CNN, or for that matter Associated Press (which is in my opinion the closest thing the US has to a Soviet-style propaganda network). You and no-one else have to decide to what level the news that you are reading is true, it helps first to understand that the level of truth is NEVER %100. There will always be spin.

So in the case of my blog, if by chance you think it is full of it, I’m sorry, I disagree, but I also fully respect your right to feel that way and your right to vote with your feet. I also support your effort to look at it objectively and decide for yourself. For that is the only real fix for fake news…

Smarter people.

Oculus releases VR rig that people may actually buy.

Oculus, as you may know, is the virtual reality startup that was picked up by Facebook in March of 2014 for a sweet $2 billion. Since then they and their competitor HTC have each released VR products that are light years ahead of any consumer grade VR that came before. The problem though was the price point of $600-$800 dollars meant most people with the time and inclination to want VR were priced right out of the market. To use one of those systems it isn’t even enough to simply purchase one. You need the high-end PC capable of running it for it to function as anything but a paperweight. At the time VR needed products that worked, and with function comes cost. Sales were what you could expect, the people that could afford the experience bought it but they hardly flew off the shelves.

But on Tuesday that dynamic was broken when Oculus released the Oculus Go, a $200 dollar self-contained VR device. The cost is slashed, the tethered PC is gone, the screen resolution is actually better than the original. Life is good, right? Well, that price comes with a big caveat. While the Rift can track your orientation plus your position the Go can only tell your orientation. This is a game breaking flaw for most of the existing Oculus and HTC games that exist today. Making the experience (and compatible software) much similar to the Samsung Gear VR. There is also the Facebook problem, Facebook seems to have an issue lately with protecting user data and now they will be able to quite literally track your movements. Though I’m personally very concerned with my data exfiltration and I think in this case the benefits outweigh the risks. This is a great product for a new VR niche and the Go fills that niche very well. The experience of watching movies or steams through the device is very enjoyable and the portability of the product offers new possibilities such as instant isolation from chatty travelers on a flight as one example. Oh, and did I mention $200?

The $200 32Gb version can be found here.
and the @250 63Gb version can be found here.