All posts in “Facebook”

Facebook’s new authorization process for political ads goes live in the US

Earlier this month — and before Facebook CEO Mark Zuckerberg testified before Congress — the company announced a series of changes to how it would handle political advertisements running on its platform in the future. It had said that people who wanted to buy a political ad — including ads about political “issues” — would have to reveal their identities and location and be verified before the ads could run. Information about the advertiser would also display to Facebook users.

Today, Facebook is announcing the authorization process for U.S. political ads is live.

Facebook had first said in October that political advertisers would have to verify their identity and location for election-related ads. But in April, it expanded that requirement to include any “issue ads” — meaning those on political topics being debated across the country, not just those tied to an election.

Facebook said it would work with third parties to identify the issues. These ads would then be labeled as “Political Ads,” and display the “paid for by” information to end users.

According to today’s announcement, Facebook will now begin to verify the identity and the residential mailing address of advertisers who want to run political ads. Those advertisers will also have to disclose who’s paying for the ads as part of this authorization process.

This verification process is currently only open in the U.S. and will require Page admins and ad account admins to submit their government-issued ID to Facebook, along with their residential mailing address.

The government ID can either be a U.S. passport or U.S. driver’s license, a FAQ explains. Facebook will also ask for the last four digits of admins’ Social Security Number. The photo ID will then be approved or denied in a matter of minutes, though anyone declined based on the quality of the uploaded images won’t be prevented from trying again.

The address, however, will be verified by mailing a letter with a unique access code that only the admin’s Facebook account can use. The letter may take up to 10 days to arrive, Facebook notes.

Along with the verification portion, Page admins will also have to fill in who paid for the ad in the “disclaimer” section. This has to include the organization(s) or person’s name(s) who funded it.

This information will also be reviewed prior to approval, but Facebook isn’t going to fact check this field, it seems.

Instead, the company simply says: “We’ll review each disclaimer to make sure it adheres to our advertising policies. You can edit your disclaimers at any time, but after each edit, your disclaimer will need to be reviewed again, so it won’t be immediately available to use.”

The FAQ later states that disclaimers must comply with “any applicable law,” but again says that Facebook only reviews them against its ad policies.

“It’s your responsibility as the advertiser to independently assess and ensure that your ads are in compliance with all applicable election and advertising laws and regulations,” the documentation reads.

Along with the launch of the new authorization procedures, Facebook has released a Blueprint training course to guide advertisers through the steps required, and has published an FAQ to answer advertisers’ questions.

Of course, these procedures will only net the more scrupulous advertisers willing to play by the rules. That’s why Facebook had said before that it plans to use AI technology to help sniff out those advertisers who should have submitted to verification, but did not. The company is also asking people to report suspicious ads using the “Report Ad” button.

Facebook has been under heavy scrutiny because of how its platform was corrupted by Russian trolls on a mission to sway the 2016 election. The Justice Department charged 13 Russians and three companies with election interference earlier this year, and Facebook has removed hundreds of accounts associated with disinformation campaigns.

While tougher rules around ads may help, they alone won’t solve the problem.

It’s likely that those determined to skirt the rules will find their own workarounds. Plus, ads are only one of many issues in terms of those who want to use Facebook for propaganda and misinformation. On other fronts, Facebook is dealing with fake news — including everything from biased stories to those that are outright lies, intending to influence public opinion. And of course there’s the Cambridge Analytica scandal, which led to intense questioning of Facebook’s data privacy practices in the wake of revelations that millions of Facebook users had their information improperly accessed.

Facebook says the political ads authorization process is gradually rolling out, so it may not be available to all advertisers at this time. Currently, users can only set up and manage authorizations from a desktop computer from the Authorizations tab in a Facebook Page’s Settings.

Facebook face-recognition error looks awkward ahead of GDPR

A Facebook face recognition notification slip-up hints at how risky the company’s approach to compliance with a tough new European data protection standard could turn out to be.

On Friday a Metro journalist in the UK reported receiving a notification about the company’s face-recognition technology — which told him “the setting is on.”

The wording was curious, as the technology has been switched off in Europe since 2012, after regulatory pressure, and — as part of changes related to its GDPR compliance strategy — Facebook has also said it will be asking European users to choose individually whether or not they want to switch it on. (And on Friday begun rolling out its new consent flow in the region, ahead of the regulation applying next month.)

The company has since confirmed to us that the message was sent to the user in error — saying the wording came from an earlier notification which it sent to users who already had its facial recognition tech enabled, starting in December. And that it had intended to send the person a similar notification — containing the opposite notification, i.e. that “the setting is off”.

“We’re asking everyone in the EU whether they want to enable face recognition, and only people who affirmatively give their consent will have these features enabled. We did not intend for anyone in the EU to see this type of message, and we can confirm that this error did not result in face recognition being enabled without the person’s consent,” a Facebook spokesperson told us.

Here are the two notifications in question showing the setting on versus the setting off wordings:

This is interesting because Facebook has repeatedly refused to confirm it will be universally applying GDPR compliance measures across its entire global user-base.

Instead it has restricted its public commitments to saying the same “settings and controls” will be made available for users — which as we’ve previously pointed out avoids committing the company to a universal application of GDPR principles, such as privacy by design.

Given that Facebook’s facial recognition feature has been switched off in Europe since 2012 “the setting is on” message would presumably have only been sent to users in the US or Canada — where Facebook has been able to forge ahead with pushing people to accept the controversial, privacy-hostile technology, embedding it into features such as auto-tagging for photo uploads.

But it hardly bodes well for Facebook’s compliance with the EU’s strict new data protection standard if its systems are getting confused about whether or not a user is an EU person.

Facebook claims no data was processed without consent as a result of the wrong notification being sent — but under GDPR it could face investigations by data protection authorities seeking to verify whether or not an individual’s rights were violated. (Reminder: GDPR fines can scale as high as 4% of a company’s global annual turnover so privacy enforcement is at last getting teeth.)

Facebook’s appetite for continuing to push privacy hostile features on its user-base is clear. This strategic direction also comes from the very top of the company.

Earlier this month CEO and founder Mark Zuckerberg urged US lawmakers not to impede US companies from be using people’s data for sensitive use-cases like facial recognition — attempting to gloss that tough sell by claiming pro-privacy rules would risk the US falling behind China.

Meanwhile, last week it also emerged that Zuckerberg’s company will switch the location where most international users’ data is processed from its international HQ, Facebook Ireland, to Facebook USA. From next month only EU users will have their data controller located in the EU — other international users, who would have at least technically fallen under GDPR’s reach otherwise, on account of their data being processed in the region, are being shifted out of the EU jurisdiction — via a unilateral T&Cs change.

This move seems intended to try to shrink some of Facebook’s legal liabilities by reducing the number of international users that would, at least technically, fall under the reach of the EU regulation — which both applies to anyone in the EU whose data is being processed and also extends EU fundamental rights extraterritorially, carrying the aforementioned major penalties for violations.

However Facebook’s decision to reduce how many of its users have their data processed in the EU also looks set to raise the stakes — if, as it appears, the company intends to exploit the lack of a comprehensive privacy framework in the US to apply different standards for North American users (and from next month also for non-EU international users, whose data will be processed there).

The problem is, if Facebook does not perform perfect segregation and management of these two separate pools of users it risks accidentally processing the personal data of Europeans in violation of the strict new EU standard, which applies from May 25.

Yet here it is, on the cusp of the new rules, sending the wrong notification and incorrectly telling an EU user that facial recognition is on.

Given how much risk it’s creating for itself by trying to run double standards for data protection you almost have to wonder whether Facebook is trying to engineer in some compliance wiggle room for itself — i.e. by positioning itself to be able to claim that such and such’s data was processed in error.

Another interesting question is whether the unilateral switching of ~1.5BN non-EU international users to Facebook USA as data controller could be interpreted as a data transfer to a third country — which would trigger other data protection requirements under EU law, and further layer on the legal complexity…

What is clear is that legal challenges to Facebook’s self-serving interpretation of EU law are coming.

A UK journalist is suing Facebook for defamation over fake ads

A high-profile British journalist and entrepreneur has announced he plans to sue Facebook for defamation over fake adverts published on the site. 

Martin Lewis, founder of consumer help site MoneySavingExpert.com, announced he’s issuing High Court proceedings for a “campaigning defamation lawsuit against Facebook.” 

According to a statement, Facebook “has published over 50 fake Martin Lewis adverts,” which he claims are “regularly seen, likely by millions of people” in the UK. The “scam” adverts feature “big pictures” of Lewis alongside his name, and a “raft of false promises or endorsements,” and some link to fake articles. 

“Enough is enough. I’ve been fighting for over a year to stop Facebook letting scammers use my name and face to rip off vulnerable people – yet it continues,” Lewis said in a statement. “I feel sick each time I hear of another victim being conned because of trust they wrongly thought they were placing in me. One lady had over £100,000 taken from her.”

Examples of the ads shown on Facebook.

Examples of the ads shown on Facebook.

Image: mse

Image: mse

Lewis said that he had told Facebook that he doesn’t “do adverts,” adding that he’s asked the social network “not to publish them,” or to “check their legitimacy.” 

“This shouldn’t be difficult – after all, it’s a leader in face and text recognition. Yet it simply continues to repeatedly publish these adverts and then relies on me to report them, once the damage has been done,” says Lewis. 

A Facebook spokesperson told Mashable that they had “explained to Martin Lewis that he should report any adverts that infringe his rights,” and the ads “will be removed.” 

“We are in direct contact with his team, offering to help and promptly investigating their requests, and only last week confirmed that several adverts and accounts that violated our Advertising Policies had been taken down,” the spokesperson continued. 

But, according to Lewis’ statement, reporting these ads hasn’t really helped.

“Even when they are reported, many have been left up for days or weeks. And finally, when they are taken down the scammers just launch a new, nearly identical campaign very soon afterwards and the whole rigmarole starts again,” says Lewis. 

His lawyers are seeking exemplary damages, and Lewis says he plans to donate any money paid to him to anti-scam charities. 

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f85661%2fd19d13c5 05b1 46c9 9ab2 bdbc2692c407

Data scientist at centre of Cambridge Analytica scandal apologises for his role in it

The data scientist at the heart of the Cambridge Analytica scandal, Aleksandr Kogan, has apologised for his role in it.

Kogan spoke to 60 Minutes on Sunday, maintaining that at the time, he believed he was doing everything correctly, and that he wouldn’t have done anything to destroy his relationship with Facebook. 

But Kogan apologised for thinking that people knew they were giving away their data.

“Back then we thought it was fine. Right now my opinion has really been changed,” he told the program.  

“And it’s been changed in particular, because I think that core idea that we had — that everybody knows and nobody cares — was fundamentally flawed. And so if that idea is wrong, then what we did was not right and was not wise. And for that, I’m sincerely sorry.”

Facebook has since expressed remorse, taking out full-page ads to say sorry too back in April. Mark Zuckerberg also said sorry in Congress

Of course, things weren’t so contrite amid revelations of the scandal, when the social media giant said Kogan “lied” to them. He said Facebook allowed it to happen, because it “clearly has never cared” nor enforced its developer policy. 

Kogan’s app had a terms of service which allowed transfer or sale of user data, despite it being in conflict with Facebook policy.

“And they tell you that they can monitor it. And they can audit. And can let you know if you do anything wrong. I had a terms of service that was up there for a year and a half that said I could transfer and sell the data. Never heard a word [from Facebook],” he said.

“The belief in Silicon Valley and certainly our belief at that point was that the general public must be aware that their data is being sold and shared and used to advertise to them. And nobody cares.”

Kogan maintained he was being singled out by Facebook, even though he believes the problem is much bigger. He pointed to a former colleague, Joseph Chancellor, who now works for Facebook but said they “did everything together” for the Cambridge Analytica project and has escaped blame.

Facebook even worked with Kogan between 2013 and 2015, where he said he was brought in to teach staff about what he learnt from the data he collected from Cambridge Analytica.

Facebook confirmed to 60 Minutes that he did some “research and consulting” work with them, but wasn’t aware of Kogan’s Cambridge Analytica activities.

Https%3a%2f%2fvdist.aws.mashable.com%2fcms%2f2018%2f4%2f7bc2511f 3f89 e46d%2fthumb%2f00001

Cambridge Analytica whistleblower to testify next week in front of Congress

Get ready for the show.
Get ready for the show.

Image: TOLGA AKMEN/Getty Images

The Cambridge Analytica scandal isn’t going away. In fact, it’s heading straight to Washington, D.C. 

Christopher Wylie tweeted early Saturday morning that he would soon testify in front of Congress. Wylie made international waves when he came forward in a Guardian story to blow the whistle on the now infamous data analytics firm that misappropriated Facebook user data and worked on behalf of Donald Trump’s presidential campaign. 

“I have accepted invitations to testify next week at the US House Intelligence Committee and House Judiciary Committee,” he wrote. “Democracies around the world are under threat from malicious actors who seek to use social media as an information battleground. We must take this seriously.” 

The invitation he spoke of was signed by Representative Adam Schiff of California, and provides a few hints as to what questions Wylie will likely face. Spoiler, they’re about Donald Trump, Steve Bannon, and Russia.

“If your clients’s account and documentation is accurate,” wrote Schiff about Wylie, “this misappropriation of private data is a serious invasion of the privacy interests of the American people by Cambridge Analytica and potentially other individuals and entities, and raises important questions about Cambridge Analytica’s activities on behalf of then-candidate Donald Trump’s campaign during the 2016 U.S. elections, the specific roles of persons of interest, including Steve Bannon and Robert and Rebekah Mercer, as well as the firm’s ties to Russia.”

This of course follows on Facebook CEO Mark Zuckerberg’s testimony earlier this month in front of the Senate’s Judiciary and Commerce, Science, and Transportation Committees, as well as the House’s Energy and Commerce Committee.

At this point, however, it’s not clear when exactly Wylie will testify or if his testimony will be public. We reached out to Congressman Schiff’s office for comment but received no response as of press time. 

Either way, that Wylie is heading to Washington proves the story of Cambridge Analytica isn’t going away anytime soon — which is appropriate, after all, as neither is the fallout from the firm’s alleged actions. 

Https%3a%2f%2fvdist.aws.mashable.com%2fcms%2f2018%2f4%2f5a47408e 9fd0 ca38%2fthumb%2f00001