A File With 100 million Facebook Users’ Data
Wednesday, July 28th, 2010 by Harry LewisSo some clown, sorry, security researcher has done a scan of every Facebook profile his robot could reach and assembled a file of all their public information, and posted it for download. 100 million profiles.
I could have done it. You could have done it. No need to bother, though, because Ron Bowes did it for you.
This is one of those things that is not a technology story. It’s an ontology story, or a spiritual story, or something.
Facebook reports that it’s all public information, public because the users wanted it public. So there is no news here, in their view.
“No private data is available or has been compromised,” as they say. And they are correct technically. Why is it creepier to have your data in a file with 99,999,999 other profiles, on everybody’s laptop, when the same information about you would have turned up in a Facebook query, or a Google search for that matter? Public is public, right?
The aggregation sure makes it feel different. But that is a matter of feelings, and Facebook’s response was written by its legal team. For lawyers, everything is a binary. Things are either black or white. But privacy has lots of grey.
The Telegraph has a good report on it.
July 28th, 2010 at 11:08 pm
LOL2….very interesting…hehe
July 29th, 2010 at 4:30 pm
From a technical and legal standpoint, he did nothing wrong, he simply make already public information available from another channel. Nor did Facebook do anything wrong, they allowed him to crawl their public data like they allow anyone to crawl (be it a regular user, a data-mining researcher, or an evil person).
There can be several possible consequences as a result of such incidents:
– If incidents such as this end up raising public awareness about the risks of over-sharing on social networks, then thats great.
– If as a result of the media bashing, Facebook decides to change its defaults to be more private, then thats even greater.
– But if as a result of all this, Facebook legal team gets together and makes crawling of their data illegal, and they add strict rate-limits to their servers, then that would be very sad, it would be a big disservice to the research community.
I hope (as a researcher) that the first two consequences happen, and not the third.