[HN Gopher] Facebook faces mass legal action over data leak ___________________________________________________________________ Facebook faces mass legal action over data leak Author : LinuxBender Score : 91 points Date : 2021-04-16 20:52 UTC (1 hours ago) (HTM) web link (www.bbc.com) (TXT) w3m dump (www.bbc.com) | nmeofthestate wrote: | Facebook is saying the info was scraped, but I don't see my phone | number publicly visible anywhere on Facebook, yet it's found by | HIBP - any idea what they're referring to? | [deleted] | lolinder wrote: | I believe the data was scraped from the API endpoint that | allowed looking users up by their phone number--the bot just | ran every possible phone number and got back everyone who had | that feature enabled. They've locked that endpoint down, but | this is the fallout from that initial failure to rate limit. | jarenmf wrote: | One must be really dump to allow a bot to make hundreds of | millions of API requests and not noticing. | dkersten wrote: | I've always double checked that my phone number was listed as | private and yet they leaked that, so I don't buy their argument | that it was scraped. | | I just double checked and its set to "only me", which is what | its always been. (I think I only added it because the app | wanted it, but its been years since I've used the app, so don't | remember) | joe_the_user wrote: | As I recall, the leak was essentially bots scraping data that FB | calls "public" but which it's terms of use say not to scrape. | | The thing is, FB's protections are kind a fantasy to start with. | The idea you know your friend's information but your | friend's-friend's-friend's might work in real life but not on the | Internet. At the same time, this fantasy is what Facebook has | sold it's users (and I'd note that a look of FB user got online | first with FB and so take their real life beliefs to it). | | One outcome of the suit might be for FB to say "you couldn't | expect real privacy from this anyway, how can we be liable" and | then the judge force to FB to label it's policy "privacy | protection _entertainment_ " in the way we got World Wrestling | Entertainment. And another option is for FB to pay off the suit | just to avoid that happening. | | -- I remember FB saying "this wasn't a hack", which is | technically true. It's a manifestation of the porousness of FB's | model, which is worse, at least if you expect privacy from FB. | | -- Finally, lots of people say "I hate FB for not giving us | privacy" where they mean the sort of pseudo-privacy around "only | friends know". Here, if you accept this concept of privacy, only | an entity like FB could give it to you, so cleaving to that | privacy policy strengthens FB even when it's hated. It's the | regulating social networks. If FB was a regulated monopoly, | they'd be absolutely "too big to fail". | pmarreck wrote: | Serves 'em right for building in PHP ;) | cortesoft wrote: | I wonder if anyone ever sued the phone companies for printing | phone books... they had the name and phone number for everyone! | [deleted] | mhh__ wrote: | Did they have my phone number? | | Literally one click and I had a list of every UK Facebook users | public phone number, that's not a phone book. | CrazyCatDog wrote: | I'm fairly confident that we could all request not to be | listed. Perhaps a closer parallel is to ask if the phone | directories could be sued for publishing a number following an | opt-out request... | RHSeeger wrote: | You need to pay extra to not be listed. | xico wrote: | Only became free in 2003 in France, and the main telecom | company then was not happy, refused to tell how much money it | was gaining from selling the data previously, and asked for a | subscription increase in exchange. | CrazyCatDog wrote: | Ironically, Ireland might be the most capable nation of reigning | in big-tech given their preferred tax status and their subsequent | mind-blowing profits residing there beyond the reach of the US | feds--for now at least! | de6u99er wrote: | Well deserved. | akudha wrote: | It depends on the outcome. Companies get sued, sue each other | all the time. A company like FB probably has the best lawyers | money can buy, it is probably just business as usual for them | at this point. | | I do hope something good (for users, not FB) comes out of it. | rmccue wrote: | If anyone else is looking for the link to said action, it appears | to be https://www.digitalrights.ie/facebook/ | Rygian wrote: | Interestingly enough, this site is asking for my personal data | but not providing any sort of privacy policy to explain what | will be done with my personal data... | tyingq wrote: | https://www.digitalrights.ie/privacy-policy/ ___________________________________________________________________ (page generated 2021-04-16 22:00 UTC)