Watch this episode on YouTube.
Reasonably Accurate 馃馃 Transcript
Hello, everybody. How are you doing today on this episode of the show? I wanna talk to you again about Facebook. I mean, I don't want to talk to you about Facebook, but I feel like I have to talk to you about Facebook. Here it is 2019.
We're rolling into February and yet again, Facebook is in the headlines for bad behavior. This time, it's around some of their research efforts. Um Now you'll see the various headlines, uh top talking about, um stealing data, talking about tricking people into this data.
I'll give you the skinny because I don't think any of those headlines are really accurate. Basically. What has happened is that Facebook has created an Android and an I OS app and they are, um, compensating people as part of market research to install these applications.
Now, they're doing it a little bit underhandedly because they're going through third parties, um who specialize in getting people to volunteer for research. Um, but they're not necessarily uh revealing or being fully forthcoming and disclosing who they are. Um, and the purpose of this data right now, sometimes that's ok because that would taint the data itself depending on the research that you're doing.
Um, but when it comes to Facebook, we all know, uh, what they're trying to do with this information and it looks like this is a replacement for what they were doing, um, underhandedly with the onavo VPN that got pulled a few months ago.
So in this case, they're compensating people for their data and the way they're gathering that data has raised some eyebrows. Um, they are using the enterprise distribution method from Apple um on Android. Everybody's quite familiar with the fact that you can load Android apps from almost anywhere on Apple.
Most people only go to the App Store, they're only used to the App Store. Well, there is actually another way to install applications and that is called enter distribution. And essentially you as a company go to Apple and get what's called a root certificate, a trust certificate saying, you know, Mark's company can now deploy applications to anybody who trusts that certificate.
So then I would go to my users and say if you want to use your iphones on our network, you trust the certificate and then you can download all these internal apps. And that way you don't actually have to put your applications on the App Store.
So for something that's purely internal that you never want to see to customers or to the public, that's the way to do it, that's the accepted way to do it. Of course, because Apple still controls this, this mechanism. They're the ones who issue these certificates.
There's a bunch of rules around how you're supposed to do this and, um, what applications you can actually do. Um, and it's designed purely for within your organization. Um, Facebook and Apple are, are, you know, back at it, duking it out again.
Um, because, uh, what Facebook has done through this research is that trust this root certificate, which gives the, um any applications that leverage that certificate a significant amount of privilege on the phone. So they get to see a lot of things that you would normally get warned about as a user.
If a number, if another application actually did make it through the App Store review process and tried to gain all these accesses, you would get a bunch of warnings on your phone through this method. You don't actually do it. So there's a problem there, there's a problem with the application and I trust Apple is going to sort that out and they are going to hold up to their normal standards because they're excellent at applying that for our own safety and security and the protection of our data.
Um The challenge here is that Facebook was getting users to sign up through various market research companies. Um And sometimes they were being clear about their involvement, sometimes they were not being clear about their involvement. There's some shady ethical questions there.
Um But from a science perspective, sometimes you can't let people know what's going on, but this was not at all for science. This is purely market research and getting the inside scoop because they were targeting 13 to 25 year olds. So they're trying to replace the data they were getting from the A Novo VPN which was based like, what cool stuff are you using on your phone?
Uh, because we want to make sure that we can either, um buy that company or build our own tech or start, you know, helping advertisers target you because there's something cool out there and something new and up and coming. Let's get ahead of the curve.
So ethical questions there, tons of stuff to unravel but not at all the topic of the show. I needed all this out of the way to raise the biggest eyebrow. Um That kind of popped up when I was reading through all this information when I was having discussions with my friends and colleagues around this.
It's 20 bucks people were voluntarily giving up a massive amount of data about themselves for 20 bucks a month. We have a privacy problem. It's a perception of our own value and own worth because 20 bucks turns out to be on the high end.
If you tried to sell um something like your credit card number, let's say, you know, you're crazy or you're, you're trying to be an enterprising cyber criminal and you've got a credit card number with expiry date with the CV C number off the back with a full address.
It's clean, it can be used to rack up a couple of charges that might, might net you 10 to $15 depending on who it's from. And the, and the credit limit, things like that. Um That's the high end something like your Netflix account might get you a dollar or two.
And the rest of it uh turns out your data is not that valuable in the individual packet where data brokers where Facebook make a ton of money is on the aggregate, it's on um figuring out your behavioral patterns based on using your data to demographically profile you.
So knowing that um you know, middle aged men in the Great White North with a family like to buy the f following things um or like to take the following actions, they are more than uh you know, uh they'll like sci fi versus drama or whatever the case may be.
So we can market sci fi movies and books and things like that to them. That's where the money comes in. Your data itself is not individually valuable. It's the pattern of your behavior. So the question comes down to how much do you value them?
Because that's what really jumped out at me was that this is a disproportionate um amount of compensation and disproportionate in the negative, the value that you can provide to a company as part of an aggregate, right? They're making billions and billions and billions.
But to you, as an individual is the $20 worth it to give away that much information about yourself. So, if I handed you $20 let's do, let me start this again. Let's do a little thought experiment. Would you be comfortable if I handed you $20 of telling me everything you've done for the last month, right.
Writing it down over the course of the month and telling me everything you've done, right. What you had for breakfast? What time you got up? What time you went to work? Uh, what you had for lunch? Who you talked to, what you talked about?
Um, you know, what movies you saw, what books you read, what you got up to in the evenings, would you be comfortable doing that for $20? Probably not. This feels like a gross violation. And why, like, what's the benefit to you for $20 is not worth it, but people seem to jump on board and let Facebook, uh, through third parties, pay them up to $20 for the digital equivalent of that.
And I think that is a, an alarm bell for me as an advocate for privacy, as an advocate for security is that there is a disconnect, uh, in the perception in the under understanding of what is actually going on online. Um, and I think it's time to start doing something about it and that's apropos for this week.
We started off with uh International Data Privacy Week. Um I think we really need to put our foot down for our feet down. We need uh to put our foot to put our feet down. Um I tried to be dramatic and it backfired.
Uh But I think this is a real issue is that, you know, there's a disconnect in how much we think uh we're giving up versus how much we're giving up. Um How much we should value our own information and data monetarily and how much we can actually get compensated by it for it and how much people are making money off of that information.
I think we really need to tighten things up. We need to disclose less online. We need to um put a hard rule down for companies to how they treat our information and we got a long, long way to go. Let me know what you think online here.
Uh Hit me up at Mark N dot C A or at Mark NC A. Um Mark dot C A is my website. Always, you can check it out out there. Um For those of you on the vlogs in the comments down below and as always by email for podcast listeners, everybody else.
Me at Mark N dot C A, this is a big issue, big topic. We're gonna be talking about it a lot this year. Um Hopefully we can make some progress and swing things back towards us. The digital citizens of the world hope you are set up for a fantastic day and we'll see you on the next episode.
