{"id":123701,"date":"2018-12-10T12:00:30","date_gmt":"2018-12-10T12:00:30","guid":{"rendered":"https:\/\/www.transcend.org\/tms\/?p=123701"},"modified":"2018-12-06T13:42:06","modified_gmt":"2018-12-06T13:42:06","slug":"heres-facebooks-former-privacy-sherpa-discussing-how-to-harm-your-facebook-privacy","status":"publish","type":"post","link":"https:\/\/www.transcend.org\/tms\/2018\/12\/heres-facebooks-former-privacy-sherpa-discussing-how-to-harm-your-facebook-privacy\/","title":{"rendered":"Here\u2019s Facebook\u2019s Former \u201cPrivacy Sherpa\u201d Discussing How to Harm Your Facebook Privacy"},"content":{"rendered":"
\"\"<\/a>

The Facebook booth at the Web Summit in Dublin on March 11, 2015.
Photo: Niall Carson\/PA Wire via AP<\/p><\/div>\n

6 Dec 2018 – <\/em>In 2015, rising star, Stanford University graduate, winner of the 13th season of \u201cSurvivor,\u201d and Facebook executive Yul Kwon was profiled<\/a> by the news outlet Fusion, which described him as \u201cthe guy standing between Facebook and its next privacy disaster,\u201d guiding the company\u2019s engineers through the dicey territory of personal data collection. Kwon described himself in the piece as a \u201cprivacy sherpa.\u201d But the day it published, Kwon was apparently chatting with other Facebook staffers about how the company could vacuum up the call logs of its users without the Android operating system getting in the way by asking for the user for specific permission, according to\u00a0confidential Facebook documents<\/a>\u00a0released today by the\u00a0British Parliament.<\/p>\n

\u201cThis would allow us to upgrade users without subjecting them to an Android permissions dialog.\u201d<\/em><\/strong><\/p><\/blockquote>\n

The document, part of a larger 250-page parliamentary trove, shows what appears to be a copied-and-pasted recap of an internal chat conversation between various Facebook staffers and Kwon, who was then the company\u2019s deputy chief privacy officer and is currently working as a product management director, according to his LinkedIn profile.<\/p>\n

The conversation centered around an internal push to change\u00a0which\u00a0data Facebook\u2019s Android app had access to, to grant the software the ability to record a user\u2019s text messages and call history, to interact with bluetooth beacons<\/a> installed by physical stores, and to offer better customized friend suggestions and news feed rankings . This would be a momentous decision for any company, to say nothing of one with Facebook\u2019s privacy track record and reputation, even in 2015, of sprinting through ethical minefields. \u201cThis is a pretty high-risk thing to do from a PR perspective but it appears that the growth team will charge ahead and do it,\u201d\u00a0Michael\u00a0LeBeau, a Facebook product manager<\/a>, is quoted in the document as saying of the change.<\/p>\n

\"\"<\/a><\/p>\n

Crucially, LeBeau commented, according to the document, such a privacy change would require Android users to essentially opt in; Android, he said, would present them with a permissions dialog soliciting their approval to share call logs when they\u00a0were to upgrade\u00a0to a version of the app that collected the logs and texts. Furthermore, the Facebook app itself would prompt users to opt in to the feature, through a notification referred to by LeBeau as \u201can in-app opt-in NUX,\u201d or\u00a0new user experience<\/a>. The Android dialog was especially problematic; such permission dialogs \u201ctank upgrade rates,\u201d LeBeau stated.<\/p>\n

But Kwon appeared to later suggest that the company\u2019s engineers might be able to upgrade users to the log-collecting version of the app without any such nagging from the phone\u2019s operating system.\u00a0He also indicated that the plan to obtain text messages had been dropped, according to the document. \u201cBased on [the growth team\u2019s] initial testing, it seems this would allow us to upgrade users without subjecting them to an Android permissions dialog at all,\u201d\u00a0 he stated. Users would have to click to\u00a0effect the upgrade, he added, but, he reiterated, \u201cno permissions dialog screen.\u201d<\/p>\n

It\u2019s not clear if Kwon\u2019s comment about \u201cno permissions dialog screen\u201d applied to the opt-in notification within the Facebook app. But even if the Facebook app still sought permission to share call logs, such in-app notices are generally designed expressly to get the user to consent and are easy to miss or misinterpret. Android users rely on standard, clear dialogs from the operating system to inform them of serious changes in privacy. There\u2019s good reason Facebook would want to avoid \u201csubjecting\u201d its users to a screen displaying exactly what they\u2019re about to hand over to the company:<\/p>\n

\"\"<\/a><\/p>\n

It\u2019s not clear how this specific discussion was resolved, but Facebook did eventually begin obtaining call logs and text messages from users of its Messenger and Facebook Lite apps for Android. This proved highly controversial when revealed in press accounts and by individuals<\/a> posting on Twitter after receiving data Facebook had collected on them; Facebook insisted<\/a> it had obtained permission for the phone log and text massage collection, but some users and journalists said<\/a> it had not.<\/p>\n

It\u2019s Facebook\u2019s corporate stance that the documents released by Parliament \u201care presented in a way that is very misleading without additional context.\u201d The Intercept has asked both Facebook and Kwon personally about what context is missing here, if any, and will update with their response.<\/p>\n

__________________________________________________<\/p>\n

Related:<\/em><\/p>\n