Subscribe to Here’s the Deal, our politics
newsletter for analysis you won’t find anywhere else.
Thank you. Please check your inbox to confirm.
This week, Facebook revealed that security breaches on the social media site could expose personal data for approximately 50 million users. This comes as the company faces renewed criticisms for utilizing a hidden function to share users' contact information, like phone numbers and emails, with advertisers. Gizmodo reporter Kashmir Hill joins Hari Sreenivasan with more.
Facebook faced another privacy data breach this past week. The company admitted that attackers accessed 50 million accounts and that another 40 million were at risk. But there is another way your privacy is being compromised on Facebook and it's the subject of new reporting from Gizmodo as Kashmir Hill she joined us from San Francisco to talk about shadow contacts and the Facebook information you can't see or control.
Let's talk a little bit about the story that you had earlier this week. You talk about kind of a shadow profile that exists whether or not you exist on Facebook, whether or not you choose to have your identity revealed to Facebook. First, just for definitions sake, what are you talking about how does that happen?
Well, I call it shadow contact information. This is a profile for a person who is on Facebook. It's a profile that contains lots of information that you yourself having given to Facebook that they have collected from other sources. This is information that has been uploaded by people who know you from their contact books. So it may be e-mail addresses and phone numbers that you've used throughout your life. Facebook will absorb that from people who know you and layer onto your account and then you can't see or access access that information. But they use that information to make friend recommendation to you and also to target you with ads.
So for example if I've had a number of e-mail addresses in my past right so if you have me in your in your Rolodex you might have an e-mail account that is three years old or five years old one that I might not be using maybe it's a new job. So what happens. Do they have another data point on me with that old information?
Oh yeah exactly. So they probably know every e-mail address you've ever use for any job you've ever had. You know that e-mail address that you had in college. Every phone number that you've ever had you know probably the landline that you had as a kid. This is all layered onto your layered onto your account. And so this is why I originally became really interested in this concept because of people being so disturbed by their friend recommendations. Really creepy anecdotes from people like a psychiatrist whose patients were being recommended to each other they're a sex worker who was seeing her clients appear there. Even though she had you know communicated with them through a burner phone number and an e-mail address that she never used anywhere else as I was trying to figure out you know how it is that Facebook was so accurately able to make these predictions about who people knew and it what it boiled down to was the shadow contact information. If you have all the contact information that anybody has ever used and you're able to see into the contact books of millions of users you can just make connections between between people that are really incredible and really creepy like you basically know everybody in the world who has ever talked to anyone else in the world through an electronic means.
So what you're talking about if all of the people that are surrounding me and all of the contact information that exist about me in all of their different files technically speaking they own those files. Right? I can't go back to Facebook and say hey clean that information out because that's something that's in your phone and that's your information on me?
Right. What's so hard about this is it makes it impossible to protect your own privacy because you can't go out and scrub your information from the phone book or contact book or a Rolodex of anyone you've ever given it to your whole life. And then Facebook says they won't let you see this information because it's not your information. It belongs to the people who gave it to Facebook users and Europe actually have a very strong argument for why Facebook should show them this information because they there have this strong privacy law GDPR and it gives them the right to access the data that the company holds on them. And so I think they actually have a legal claim to get access to that information.
All right. Kashmir Hill of Gizmodo Media, joining us from California. Thanks so much.
Thanks for having me on.
Watch the Full Episode
Support Provided By: