by Pam Martens and Russ Martens, Wall St On Parade:
Last week the CEO of Apple, Tim Cook, gave a harsh critique on how Facebook is making its money. Cook told an MSNBC Town Hall: “The truth is we could make a ton of money if we monetized our customer, if our customer was our product. We’ve elected not to do that.”
Cook has good reason to believe that Facebook has “monetized” its customers. After a whistleblower from the data mining company, Cambridge Analytica, exposed that Facebook had allowed the private information on 50 million Facebook users to be exploited for micro-targeting on behalf of the Trump presidential campaign, the company has come under withering criticism.
Yesterday, in a press conference, Mark Zuckerberg, the CEO of Facebook, conceded to reporters that the privacy breach by Cambridge Analytica could have affected as many as 87 million Facebook users. The company also announced that most of its billions of users may have had their profiles scraped, writing:
“Until today, people could enter another person’s phone number or email address into Facebook search to help find them. This has been especially useful for finding your friends in languages which take more effort to type out a full name, or where many people have the same name. In Bangladesh, for example, this feature makes up 7% of all searches. However, malicious actors have also abused these features to scrape public profile information by submitting phone numbers or email addresses they already have through search and account recovery. Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way. So we have now disabled this feature. We’re also making changes to account recovery to reduce the risk of scraping as well.”
Facebook is now under an investigation by the Federal Trade Commission as well as an investigation by the British Parliament. (Exploitation of Facebook user profiles by Cambridge Analytica was also used to meddle in the Brexit voter referendum, which took the U.K. out of the European Union.)
Facebook had previously entered into a consent decree with the U.S. Federal Trade Commission in 2011 that barred it from “making any further deceptive privacy claims, requires that the company get consumers’ approval before it changes the way it shares their data, and requires that it obtain periodic assessments of its privacy practices by independent, third-party auditors for the next 20 years.” In the 2011 matter, the FTC charged Facebook with conduct that appears to be very similar to today’s issues, raising the possibility that it has violated its consent decree with a Federal regulator. The FTC charged Facebook with the following in 2011:
“In December 2009, Facebook changed its website so certain information that users may have designated as private – such as their Friends List – was made public. They didn’t warn users that this change was coming, or get their approval in advance.
“Facebook represented that third-party apps that users’ installed would have access only to user information that they needed to operate. In fact, the apps could access nearly all of users’ personal data – data the apps didn’t need.
“Facebook told users they could restrict sharing of data to limited audiences – for example with ‘Friends Only.’ In fact, selecting ‘Friends Only’ did not prevent their information from being shared with third-party applications their friends used.