in 2018, Facebook told Vox that it doesn’t use private messages for ad targeting. But a few months later, The New York Times, citing “hundreds of pages of Facebook documents,” reported that Facebook “gave Netflix and Spotify the ability to read Facebook users’ private messages.”
Surprising? No. Appalling? Yes.
This is why they are called direct messages instead of private messages.
Not your keys, not your security.
And even if it is your key, if you can’t see how they made the lock then you can’t prove other keys won’t unlock it.
OSS FTW
I wonder if they count Whatsapp with that
Probably
Instagram too
If you backed up your phone with Google or iCloud pre backup encryption, which is most people, then yes!
WhatsApp backup of Google drive is not encrypted?
I don’t think so
it used to not be for a long time, even after they’ve introduced e2ee for messages.
it is now iirc
No, WhatsApp backups are e2ee even on GDrive, although I disabled any cloud backups ages ago, and prefer manual database copy/paste syncing.
WhatsApp happens to be under Meta, but is highly disconnected from Instagram/Facebook/Messenger and other Meta made products, since WhatsApp was originally bought and its users are somewhat different than IG/FB users. A lot of people exist that have WhatsApp, but no “social media” presence, only because it allows to exist and function in society normally in many countries.
I’ve never had Meta (anything) and I gave Netflix the boot a couple years ago. I encourage everyone to also flee. I think both are a waste and they fucking spy on you. I imagine those lengthy privacy statements gave them permission to do this, but sharing private messages is particularly egregious.
Remember this next time someone is arguing with you about how we should really not be so quick to defederate from Threads.
https://en.wikipedia.org/wiki/Facebook#Criticisms_and_controversies
https://en.wikipedia.org/wiki/Lawsuits_involving_Meta_Platforms
Edit:
https://theintercept.com/2024/03/26/meta-gaza-censorship-warren-sanders/
What private info does Meta get through federation with other instances?
I suppose any DMs sent to Threads users?
My point here is not overtly about Privacy. It’s about recognizing that Meta has been a terrible corporate citizen for their entire existence. We shouldn’t be pretending they are some friendly geeky company that just wants to participate like the rest of us. Even if they were, that’s not possible when you are going to pour hundreds of millions of users into these fediverse spaces all at once.
They will exploit the fediverse to the maximum extent they can, and we should not be voluntarily accompanying them.
That’s an excellent point that I don’t see mentioned very often. Quite aside from the fact that Threads has popular scumbags like Libsoftiktok on it, they have 100 million users.
The existing fediverse is already struggling to moderate effectively. Various communities on Mastodon have already been exposed to vitriolic trolling and tools like fediblock are struggling to deal with it. Over here on the threadiverse, there have been numerous spam and CSAM attacks which, again, the existing tools are struggling to deal with.
If even just 1% of the Threads userbase are bad actors, that’s still one million bad actors all at once. Just the weight of numbers alone is going to swamp most instances.
Let’s not forget how similar Facebook is to a CIA program that ended from public scrutiny only a few years prior, and how much involvement Facebook now has with US Government entities.
If the CIA wanted to kill
1.) Budding decentralization concepts and
2.) Cause overload to the system while Facebook retains ultimate control once everyone gives up or only a few small instances are left
This is how it would be done.
Yes, although I think DMs are still visible to the instance administrator. I’m not sure if there’s a plan or what the timeline is for actually encrypting that information.
Anyone using these services in current year is asking for this. If someone is not computer literate and “has” to use these unnecessary services because they can’t selfhost or whatever they need to recognize that total exploitation of their data is the cost and it will never, ever change unless you own your data on your own hardware.
I can’t reiterate enough how much the government will never ever solve this problem.
Then how do you suggest we keep in touch with those older people in our lives who think other social media are scary?
Call or visit them in person.
Ugh and now it’s happening yet again with discord. Everybody seems to want me to be on discord. Just after I managed to get off everything. At least they seem kinda OK for now but we all know it’s just a matter of time until dr evil gets his hands on it.
Yea I would stay away from discord as well. I truly wish I could switch away from it. I tried revolt but the whole “developing behind a closed repo” thing threw me off. The added difficulty is that my whole social circle uses discord, I do not want to be that guy who tries to make everyone move because of privacy concerns that they do not share.
Same struggle. Are you referencing a specific instance and if so can you link an article or something?
Nah I’m just talking
Treat Discord like a public forum and you will reap its benefits with minimal negative consequences. Keep personal comms to a minimum there, be aware of what you type, and make trusted people hop onto Matrix/Element. It is simple.
Does going this far with targeted ads actually increase people’s likelihood to buy something? Like, the value of data you can get on someone has to plateau at some point, right?
Its also about monitoring what people are saying privately about your shows
I think its about decreasing the costs of Netflix by having the right selection of movies available for a given geography at the right time.
Anyway this limited library thing is another reason I prefer streaming from torrents
My thinking is that on a case by case basis you are absolutely correct but that statistically the gains much average out in the large scale so that it makes it worth it. Otherwise, surely advertising wouldn’t be nearly as big as it is right?
I don’t know. I feel like you need to be predisposed to a product category in order for an advertisement to have any impact on you. I don’t give a shit about most of the products I see advertised. They’re gathering all this data on me but still end up using it in stupid ways. So much so that even the stuff I am interested in gets presented to me in a worse fashion than it probably would with random ads.
For example, I built a new pc about a year ago and to this day I get tons of targeted ads trying to sell me GPUs and other PC parts. Like, cool, you figured out something I was interested in buying at one point but that interest evaporated the moment I made that purchase. Every ad I’ve seen since then has been a waste of everyone’s time and yet they keep showing them to me.
Who cares? It has the added benefit of being evil, and that’s enough for them.
If you want private messaging - use Signal.
If you use any kind of messaging on commercial platforms, expect immediate loss of privacy. They call them “direct” messages for a reason.Good luck being private when your phone number is attached to all your messages. I’ll see you on Wire.
here’s your daily reminder not to conflate privacy with anonymity.
It was fixed a month ago https://signal.org/blog/phone-number-privacy-usernames/
No. That doesn’t eliminate the need to use a phone number! It’s just ‘hidden’.
That’s not the point. It was statet that each message is associated with the number. But it isn’t. The only way to achieve this in Signal is getting into your phone.
Wow you don’t know how to read.
Phone numbers are still required and Signal got a lot of shit for it.
Phone numbers are still required
But are they still attached to messages?
I’ll see you on Wire.
Or SimpleX
Something something Privacy vs. Anonymity. But I invite you to try. Good luck getting into my phone!
Man sitting at library table: tap tap tap tap tap
Couple behind him: starts arguing violently, creating massive distraction
Man at table:
Let me know how that Killswitch on your phone works, hope you configured the power button shutdown press time from the default 10 seconds to 2 seconds, because SWAT can throw a flash bang through your window and have their boot on your neck before you’re able to navigate the shutdown screen.
Note: I am in no way siding with any government agency, only stressing that they know about encryption, and their goal is to get you on the ground before you have a chance to shut your phone off. Even if you do manage to turn it off in time, hopefully your phone has the latest and greatest in anti-coldboot technology. I don’t know that GrapheneOS or any security mods wipe RAM.
Oh boy. Some of you people watch too many movies.
Let’s get some basic stuff established:
- This thread is about commercial platforms selling your direct message data. That’s the threat model.
- I don’t live in a country where the police SWAT teams throw flashbangs without court orders
- If the authorities want to get to me (which, again, is not the threat model of this thread). They can. Easily. They know where I live. They just have to knock on the door. It’s not even locked.
- I did, to my best knowledge, not reply to you in anywhere this thread. I’m not sure why you are replying to me.
But sure. I’ll give you this: If your threat model is dodging SWAT team flashbangs, I doubt using Signal is much use to you at that point. That just wasn’t what this thread was talking about.
Good luck getting into my phone!
That’s what I was referring to. I’m glad you live in a country where that scenario seems movie-like but I live in the land of the free.
Which was a response to this
Yeah I went overboard.
Meta didn’t “give” anybody shit. They sold that access. Do you see the difference?
As always, users are the commodity.
This is the best summary I could come up with:
The streaming business’ demise has seemed related to cost cuts at Meta that have also included layoffs.
The letter, made public Saturday, asks a court to have Reed Hastings, Netflix’s founder and former CEO, respond to a subpoena for documents that plaintiffs claim are relevant to the case.
One of the first questions that may come to mind is why a company like Facebook would allow Netflix to influence such a major business decision.
By 2013, Netflix had begun entering into a series of “Facebook Extended API” agreements, including a so-called “Inbox API” agreement that allowed Netflix programmatic access to Facebook’s users’ private message inboxes, in exchange for which Netflix would “provide to FB a written report every two weeks that shows daily counts of recommendation sends and recipient clicks by interface, initiation surface, and/or implementation variant (e.g., Facebook vs. non-Facebook recommendation recipients).
Meta said it rolled out end-to-end encryption “for all personal chats and calls on Messenger and Facebook” in December.
The company told Gizmodo that it has standard agreements with Netflix currently but didn’t answer the publication’s specific questions.
The original article contains 487 words, the summary contains 180 words. Saved 63%. I’m a bot and I’m open source!
I love that thumbnail
Also it cracks me up that WhatsApp is still popular
I want to point out how similar this is to the FYES arrangement which allows close allies to spy on each other’s citizens to skirt the legal blocks of a country spying on its own citizens. This allowed Facebook to honestly say (from a legal standpoint) they didn’t read/use private messages for ads. Because they didn’t say they didn’t sell private messages to other companies for tons of $$$, and let them do the reading and advertising.
Let’s not forget how similar Facebook is to a CIA program that ended from public scrutiny only a few years prior, and how much involvement Facebook now has with US Government entities.
If the CIA (or just Facebook) wanted to
-
Kill budding decentralization concepts and
-
Cause overload to the system while Facebook retains ultimate control once everyone gives up or only a few small instances are left
Threads is how it would be done. Interesting naming coincidence too, as pulling a thread causes the entire garment to become structurally compromised.
-
Meta is a dog shit in the middle of a dumpster. Episode 36384927339
Surprise level: 0
I’m not sure how anyone expects any form of privacy from any company Under The Meta umbrella. I would be more surprised to be told that they weren’t selling your data to every company that offered to buy it.
I would say this should be ruled out / illegalized but personally I’ve hit that point where I really don’t think we’re ever going to have any right to privacy in this country(US), and the government itself benefits far too much from the same privacy Outreach. It will just end up being a slap on the wrist or another pop up saying “Hey by using the site you agree to XYZ” or “by making this account you accept to give away your first born child”. But considering the alternative is probably them making the service a subscription based, I’m expecting the majority of their users would prefer it this way.
That being said, Facebook’s biggest push right now is all your chats are now end-to-end encrypted, so what this tells me is that either Facebook knew this PR was going to get out there and they wanted to do damage control early, or that Facebook is not doing true end-to-end encryption and that it’s still server client encryption between both clients with Facebook holding the shared key.
