Facebook secretly paid hundreds of contractors to transcribe audio clips shared by users in private messages. That’s according to Bloomberg News, which reports the practice rattled the contract workers, who were often subjected to vulgar and intrusive recordings and were not told whose conversations they were transcribing or why. In a statement, Facebook said the practice was aimed at improving its artificial intelligence transcription service, but that the company had “paused human review of audio more than a week ago.” An Irish data privacy commission said Wednesday it’s investigating whether Facebook violated European Union privacy laws. Bloomberg reported earlier this year that Amazon, Apple and Google similarly hired thousands of workers to listen to users’ recorded audio.
The passwords of millions of Facebook users were accessible by up to 20,000 employees of the social network, it has been reported.
Security researcher Brian Krebs broke the news about data protection failures, which saw up to 600 million passwords stored in plain text.
The passwords that were exposed could date back to 2012, he said.
In a statement, Facebook said it had now resolved a “glitch” that had stored the passwords on its internal network.
In a detailed expose, Mr Krebs said a Facebook source had told him about “security failures” that had let developers create applications that logged and stored the passwords without encrypting them.
Commenting on Mr Krebs’s story Facebook engineer, Scott Renfro said an internal investigation started after Facebook had uncovered the logs had not revealed any “signs of misuse”.
In public comments, Facebook said it had discovered the issue in January as part of a routine security review.
And its investigation showed that most of the people affected were users of Facebook Lite, which tends to be used in nations where net connections are sparse and slow.
“We estimate that we will notify hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users,” the company told Reuters.
But it added it would enforce a password re-set only if its taskforce looking into the issue uncovered abuse of the login credentials.
The news caps a long period of trouble for Facebook over the way it handles and protects user data.
In September last year, it said information on 50 million users had been exposed by a security flaw.
And earlier in 2018 it revealed that data on millions of users had been harvested by data science company Cambridge Analytica.
[Image: ‘Facebook’ by Alyssa Joy Bartlett, 2018]
(Bloomberg) — Nick Winke, a photographer in the Pacific northwest, was perusing internet forums when he came across a complaint that alarmed him: On certain Samsung Electronics Co. smartphones, users aren’t allowed to delete the Facebook app.
Winke bought his Samsung Galaxy S8, an Android-based device that comes with Facebook’s social network already installed, when it was introduced in 2017. He has used the Facebook app to connect with old friends and to share pictures of natural landscapes and his Siamese cat — but he didn’t want to be stuck with it. He tried to remove the program from his phone, but the chatter proved true — it was undeletable. He found only an option to “disable,” and he wasn’t sure what that meant.
“It just absolutely baffles me that if I wanted to completely get rid of Facebook that it essentially would still be on my phone, which brings up more questions,” Winke said in an interview. “Can they still track your information, your location, or whatever else they do? We the consumer should have say in what we want and don’t want on our products.”
Consumers have become more alert about their digital rights and more vigilant about privacy in the past year, following revelations about Facebook’s information-sharing practices and regulators’ heightened scrutiny of online data collection. Some people have deleted their Facebook accounts in protest of the company’s lapses, while others simply want to make sure they have the option to do so. Many Android phone users have begun to question Samsung’s deal to sell phones with a permanent version of Facebook — and some of them are complaining on social media.
A Facebook spokesperson said the disabled version of the app acts like it’s been deleted, so it doesn’t continue collecting data or sending information back to Facebook. But there’s rarely communication with the consumer about the process. The Menlo Park, California-based company said whether the app is deletable or not depends on various pre-install deals Facebook has made with phone manufacturers, operating systems and mobile operators around the world over the years, including Samsung. Facebook, the world’s largest social network, wouldn’t disclose the financial nature of the agreements, but said they’re meant to give the consumer “the best” phone experience right after opening the box.
Balwinder Singh’s experience wasn’t what he would consider the best. Singh, who lives in the Susquehanna Valley of the eastern U.S. and works in transportation, bought his Samsung phone seven months ago. He first tried to delete the Facebook app when he was setting up the device.
“My news feed was full of negative stuff, people going crazy on social media,” he said. “It was affecting me emotionally and mentally.” Even after disabling the app, he was bothered to still have it on his phone.
Samsung, the world’s largest smartphone maker, said it provides a pre-installed Facebook app on selected models with options to disable it, and once it’s disabled, the app is no longer running. Facebook declined to provide a list of the partners with which it has deals for permanent apps, saying that those agreements vary by region and type. There is no complete list available online, and consumers may not know if Facebook is pre-loaded unless they specifically ask a customer service representative when they purchase a phone.
Consumer-advocacy groups have been skeptical of such arrangements for years, according to Jeff Chester, executive director of the Center for Digital Democracy.
“It’s only recently that people have become to understand that these apps really power the spy in your pocket,” he said. “Companies should be filing public documents on these deals, and Facebook should turn over public documents that show there is no data collection when the app is disabled.”
Facebook isn’t the only company whose apps show up on smartphones by default. A T-Mobile US Inc. list of apps built into its version of the Samsung Galaxy S9, for example, includes the social network as well as Amazon.com Inc. The phone also comes loaded with many Google apps such as YouTube, Google Play Music and Gmail; Google is the creator of the Android software that powers the phone. Other phone makers and service providers, including LG Electronics Inc., Sony Corp., Verizon Communications Inc. and AT&T Inc., have made similar deals with app makers. When Twitter’s app is loaded on a new phone by default, it wouldn’t collect any data unless a user had an account or created a new one, and opened the app and logged in, the company said.
But Facebook, which has spent the past year apologizing for security breaches and data privacy scandals, is the one drawing ire about its irrevocable presence on Samsung’s phones. “Very slimy,” Twitter user Gopinath Pandalai in Bangalore, who goes by @gopibella, wrote on the site in October. “Been a Samsung customer for 10 years. Time to move on.”
In December, Justin McMurry, whose Twitter handle is @BoutSebm, wrote that he considered Facebook a privacy threat. “If I can’t delete it, this will be the last Samsung product I ever own.”
Apple Inc., whose iPhone is the top-selling smartphone in the U.S., doesn’t pre-install Facebook or any other third-party apps on its new phones.
José Cortés, a Spaniard living in Sweden, has started using Facebook on his phone more infrequently, sharing less because he doesn’t like the way it broadcasts his activity to his friends. If there’s an event coming up on Facebook, he never marks that he’s going or interested, even if he is, because he dislikes that his attendance will advertise the event to his other friends.
“I understand Samsung is trying to make it easy for the user, but I don’t like that it does not allow me to uninstall,” he said. For his next phone, he said he’ll consider buying something else.
[Image: ‘Facebook Unbalance” by Alyssa Joy Bartlett, 2018]
The D.C. attorney general sued Facebook Wednesday for allowing outside companies, including political consulting firm Cambridge Analytica, to access user data and misleading users on the privacy of their data. In more news about Facebook, the social networking giant has temporarily blocked the account of Yair Netanyahu, the son of Israeli Prime Minister Benjamin Netanyahu, over “hate speech.” Earlier this month, Yair Netanyahu posted multiple racist posts, calling Palestinians “monsters” and saying he wished there were no Muslims in Israel, claiming Muslims were terrorists.
The New York Times reports Facebook gave intrusive access to users’ personal data to dozens of other Silicon Valley companies, exempting them from Facebook’s privacy rules even as it misled its users into thinking their data was protected. The Times investigation found that companies like Microsoft, Spotify, Netflix and Amazon were given access to far more Facebook users’ data than even Cambridge Analytica, the British PR firm that collected the data of 87 million Americans in a bid to sway the 2016 presidential election for Donald Trump. The data sharing appeared to violate terms of a 2011 consent agreement with the Federal Trade Commission on user privacy. Meanwhile, Twitter says it’s investigating whether state-sponsored hackers were able to gather personal data from its users. Twitter says the hack could be related to unusual traffic from IP addresses in China and Saudi Arabia.