Confirmation Facebook that most of its 2.2 billion members probably had their personal data on the rocks “intruders” is the latest example of the failure of social networks to protect the data of its users.
Not to mention his inability even to identify the problem before the company was already embroiled in a scandal.
CEO mark Zuckerberg said Wednesday to reporters that Facebook is closing the function, let the people search Facebook users by phone number or email address. Although it was useful for people who wanted to find on Facebook, it turns out that unscrupulous types also found out a year ago that they could use it to identify individuals and collect data of their profiles.
Scrapers were on it long enough, Zuckerberg said that “at some point in the past few years, someone, probably, the access to public information in this direction.”
The only way to be safe would be for users to deliberately disable this feature to find a few years ago. Facebook was it enabled by default.
“I think that Facebook was not clear enough with how to use the parameters of its privacy,” said Jamie Winterton, Director of strategy of the global security initiative at Arizona state University. “That, for me, was a failure.”
The breach was a stunning admission for a company already reeling from accusations that in the database of the analyst firm Cambridge from unauthorized access information about as many as 87 million users of Facebook to influence elections.
Over the past few weeks, the scandal has grown in all continents of the investigations, including a probe by the Federal Trade Commission. Zuckerberg himself will be questioned by the Congress for the first time on Tuesday.
“The FTC looked the other way for many years, when consumer groups told them that Facebook is violating its Internet 2011, to better protect its users. But now the scandal of the Cambridge analyst FTC woke up from a long sleep digital privacy,” says Jeffrey Chester, Executive Director of the Washington-based non-governmental privacy center for digital democracy.
Neither Zuckerberg nor his company has identified those who carried out the scraping of the data. Outside experts believe that they could be thieves, scammers or questionable data brokers installation marketing profiles.
Zuckerberg said that the company had discovered a problem in data privacy audit began after the Cambridge disclosure by the analyst, but did not say why the company had not noticed it — or had it corrected sooner.
Facebook did not immediately respond to a request for comment on Thursday, when he found the data scraping.
In his conversation with journalists on Wednesday, Zuckerberg said that the company already tried the “speed limit” of search queries. This limited the number of search queries someone who can spend at one time with a specific IP address, a numeric designation that defines the position of the device on the Internet. But Zuckerberg said scrapers, to circumvent the protection by trying multiple IP addresses.
Scratches information was to ensure that the user has already chosen to disclose that, depending on the privacy settings of the person can be a lot — like the fact that Facebook requires people to share. That includes full name, profile photo and lists of school or work networks.
But hackers and fraudsters can then use this information and combine it with other data in the back — pull hoaxes on people, plants malware on their computer or perform other mischief.
Having access to this massive amount of data can also pose risks to national security, said Winterton.
Foreign legal entity can use this information to influence elections or to incite hatred is exactly what Russia supposedly did, through Facebook and other social media in the presidential election of 2016.
Human rights activists have long criticized the tendency for Facebook to push people to share more and more information, often through Pro-sharing options by default.
While the company offers detailed privacy control — users can turn off targeting, for example, or recognition, and post updates that nobody sees — a lot of people never change the settings, and often don’t even know.
The company has tried to simplify his setup several times over the years, most recently this week.
Winterton said that for some users Facebook, without having to worry about it scraping not do much good — because the data is already there. But she said that it might be a good time to “think about what we share and how we share and do we need”.
“Just because someone asks for information, this does not mean that we should give them, if we are not familiar,” she said.
She added that while she no longer has a Facebook account when she did, she put her Year of birth in 1912, and her home town like Kuala Lumpur, Malaysia. Neither is true.
—
AP technology writer Anick Jesdanun contributed to this story.
Sourse: abcnews.go.com