Share this page!

Maybe Scrolly?
Wolfie Christl Profile picture
Twitter logo
Nov 11, 2019 13 tweets 8 min read
Very interesting stuff in the leaked Facebook documents, indeed.

See e.g. from page 1561:
dataviz.nbcnews.com/projects/20191…

For example, Facebook did actually analyze "call log data (e.g. duration/frequency/recency of incoming/outgoing calls/texts)" and use it for friend suggestions.
See also @PrivacyMatters's thread:
@PrivacyMatters Facebook was "working with Cisco and other manufacturers to collect insights about users whose mobile devices are detected by in-store wifi".

(the whole table is from an email dated December 11, 2013)
@PrivacyMatters In 2013, FB considered to partner with a firm who provides "credit verification and scoring services", "sees 90% of credit card transactions in the US" + "buys the anonymized, user level transaction data directly from the banks and then works with Epsilon to re-identity the data"
@PrivacyMatters "We briefed the FTC on this, and the reaction was positive"
@PrivacyMatters FB on accessing sensitive Android app permissions:

"we are seeing complaints among our beta testers regarding the new permissions, in particular the read_SMS permission, and are working to develop reactive messaging and figure out ways to minimize such complaints going forward"
@PrivacyMatters Also, this 2012 debate on data brokers' and CRM companies' access to FB user data, feat. Experian, Oracle, Salesforce, from page 3649:
dataviz.nbcnews.com/projects/20191…

They knew that many firms were aggregating user data. And they did care about 'erasing' their 'value' (a little bit).
@PrivacyMatters However, today we know they let it happen. Not just Cambridge Analytica. Almost certainly, tens of thousands of companies harvested FB user data in the years after 2012.
@PrivacyMatters FB didn't just let it happen, but also had data partnerships with others.

In 2012, FB was hesitant to provide user data for Experian's insurance clients. But FB and Experian definitely had some kind of deal later ('partner categories' etc). What did the contract look like?
@PrivacyMatters Also from the leaked docs, p. 3665:

A FB product manager had 'a call with Foursquare about giving [Facebook] all their data". In return, Foursquare got the ability to retrieve 'location related posts' for 'particular' users.

('do you guys have a strawman around this already')
@PrivacyMatters FB on how lobbying went at the WEF meeting in Davos 2013 (page 876):

- V. Reding: 'difficult relationship with her'
- Enda Kenny, prime minister Ireland: 'We have a great relationship with Kenny'
- Neelie Kroes: 'We have a great relationship with this European Commissioner'
...
@PrivacyMatters "we are facing a slew of new bills prohibiting employers and universities from requesting access to an applicant or employee's social media account ... our allies ...have agreed to lead the public effort opposing the bills while we will continue to work behind the scenes" (p 884)
@PrivacyMatters Antitrust dynamite (p48, and then p3185):

"This sheet shows Facebook was actively tracking early stage startups using improperly obtained Onavo data in order to determine which companies might become either acquisition targets or threats that Facebook would need to shut down"

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Wolfie Christl

Wolfie Christl Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @WolfieChristl

Wolfie Christl Profile picture
Feb 18
Die ORF-Website will die "Einwilligung" in die Übertragung personenbezogener Verhaltensdaten an 46 Drittparteien, viele davon reine Datenhandelsfirmen.

Nicht cool, dass viele Medien-Websites sowas machen. Gar nicht cool, wenn der öffentlich-rechtliche Rundfunk das macht. ImageImage
Die Gestaltung der "Einwilligung" ist unklar und manipulativ. Es geht nicht um "Cookies", sondern um Datenübertragung an Dritte. Es gibt nicht mal einen gleichwertigen "Ablehnen" Button. Allein das macht die Einwilligung ungültig. Ohne diese ist die Datenverarbeitung nicht legal.
Aber selbst wenn ein "Ablehnen" Button vorhanden wäre, wäre die Datenübertragung nicht legal.

Die EU-Datenschutzbehörden haben das Pseudo-Einwilligungssystem "TCF", das auch auf der ORF-Website genutzt wird, vor zwei Wochen für unrechtmäßig erklärt:
netzpolitik.org/2022/datenschu… Image
Read 30 tweets
Wolfie Christl Profile picture
Feb 15
Google's "infamous 'Web & App Activity' controls for paid users of Google Workspace" is "split up into two settings" …HOWEVER, "Google is taking advantage of this settings split to re-enable some tracking features, even if users have previously opted out"
arstechnica.com/gadgets/2022/0…
"The crux of those earlier privacy lawsuits was that having privacy settings bizarrely split across two switches was unnecessarily confusing. Now, with Search History, privacy settings are split across three switches" 🤡
"Regarding the promise to not use data from 'Workspace core services', Google's statement doesn't cover Google Search ... which is the primary vector for Google ads and data for Google ads. That's right—the 'Search History' setting from Google doesn't cover Google Search history"
Read 6 tweets
Wolfie Christl Profile picture
Feb 14
In a few cases, it is perhaps possible to discuss the 'value' of personal data in itself, e.g. data sets to train and validate ML models.

In many cases, however, the value an organization can extract from data depends on its capacity to directly or indirectly apply it to people.
I think, the value an organization can extract from personal data depends on its direct or indirect control over a sociotechnical system's capacity to *act on* individuals and groups, to decide about how to treat people, target them, mediate their choices or behaviors etc.
The most direct form of such a capacity to act on people based on personal data is the 'customer relationship', e.g. with loyalty program members, magazine subscribers, bank customers ...or users who registered at an online service, downloaded an app or bought a networked device.
Read 11 tweets
Wolfie Christl Profile picture
Jan 31
I want to share some more details about what we found in our investigation into gambling data that are highly relevant to GDPR enforcement and privacy regulation at large.

For example, this is how companies share personal data with each other during a bunch of 'cookie syncs'. Image
I guess rarely anyone has ever analyzed the data flows during only a few 'cookie syncs' at such a level of detail.

It's not about 'cookies' but about an ongoing exchange of personal identifiers that many data companies use to recognize, track and follow everyone across websites.
The chart shows data transmissions we observed during only a few visits to skycasino.com, which initiated requests to the adtech firm MediaMath, which shared the ID it uses to recognize a user with many other firms and initiated further personal data processing by them. Image
Read 31 tweets
Wolfie Christl Profile picture
Jan 31
We observed that a Sky Bet gambling site transmitted extensive personal data on gambling activities to FB, Google, Microsoft, Adobe and to the TransUnion subsidiaries Signal and Iovation.

When asked about it under the GDPR, they mostly failed to disclose what data they process.
For example, when a user deposited cash at Sky Bet, the website immediately informed FB, Google, Microsoft, Adobe, MediaMath and Signal (TransUnion) about the exact amount deposited.

Several third-party data companies including Google and FB received data on almost every click.
In total, we observed 2,154 data transmissions to 44 third-party companies during only 37 visits to Sky Bet gambling sites.

The TransUnion subsidiary Signal created an extensive digital profile about a person who was a heavy Sky Bet user and lost a lot.
Read 8 tweets
Wolfie Christl Profile picture
Jan 27
The online gambling industry can exploit data in the most harmful way, by monitoring and manipulating the behaviours of vulnerable people.

🆕 We examined how a major UK gambling firm tracks and profiles players, and how it shares sensitive data with many other data companies ⬇️ Image
We've been working on it for more than a year, probably the most detailed investigation into data flows in the online gambling industry to date, commissioned by @cleanupgambling

You can download our report (plus a technical report) here, published today:
cleanupgambling.com/news/cracked-l… Image
"A major betting company harvested troves of data from a suicidal gambling addict to target his weaknesses and predict his losses ... [and] to groom the high-value gambler that they wanted to win back"

The Daily Mail's story about it:
thisismoney.co.uk/money/markets/…
Read 40 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @WolfieChristl has new unrolls!

Check out other threads from @WolfieChristl!

Read all threads by @WolfieChristl

:(