Tag Archives: facebook

Suggested Reading: Barcelona, LETS, Freedom of Speech and more

Some links I thought worth reading the past few days

Suggested Reading: DNA, Reboot, Decentralisation and more

Some links I thought worth reading the past few days

WhatsApp, Telegram, Signal, Threema

The second founder, Jan Koum, of WhatsApp has left Facebook, apparently over differences in dealing with encryption and the sharing of data of WhatsApp. The other founder, Brian Acton, had already left Facebook last September, over similar issues. He donated $50 million to the non-profit Signal Foundation earlier this year, and stated he wanted to work on transparent, open-source development and uncompromising data protection. (Koum on the other hand said he was going to spend time on collecting Porsches….) Previously the European Union fined Facebook 110 million Euro for lying about matching up data of Whatsapp with Facebook profiles when Facebook acquired Whatsapp in 2014. Facebook at the time said it couldn’t match Whatsapp and Facebook accounts automatically, then 2 years later did precisely that, while the technology for it already existed in 2014 of which Facebook was aware. Facbeook says “errors made in its 2014 filings were not intentional” Another “we’re sorry, honestly” moment for Facebook in a 15 year long apology tour since even before its inception.

I have WhatsApp on my phone but never use it to initiate contact. Some in my network however don’t use any alternatives.

The gold standard for messaging apps is Signal by Open Whisper Systems. Other applications such as Whatsapp, FB Messenger or Skype have actually incorporated Signal’s encryption technology (it’s open after all), but in un-testable ways (they’re not open after all). Signal is available on your phone and as desktop app (paired with your phone). It does require you to disclose a phone number, which is a drawback. I prefer using Signal, but the uptake of Signal is slow in western countries.

Other possible apps using end-to-end encryption are:
Threema, a Switzerland based application, I also use but not with many contacts. Trust levels in the application are partly based on exchanging keys when meeting face to face, adding a non-tech layer. It also claims to not store metadata (anonymous use possible, no phone necessary, not logging who communicates with whom, contact lists and groups locally on your device etc). Yet, the app itself isn’t open for inspection.

Telegram (originating in Russia, but now banned for not handing over encryption keys to Russian authorities, and now also banned in Iran, where it has 40 million users, 25% of its global user population.) I don’t use Telegram, and don’t know many in my network who do.

Interestingly the rise in using encrypted messaging is very high in countries high on the corruption perception index. It also shows how slowly Signal is growing in other countries.

VPN tools will allow you to circumvent blocking of an app, by pretending to be in a different country. However VPN, which is a standard application in all businesses allowing remote access to employees, itself is banned in various countries (or only allowed from ‘approved’ VPN suppliers, basically meaning bans of a messaging app will still be enforced).

Want to message me? Use Signal. Use Threema if you don’t want to disclose a phone number.

Twitter Not GDPR Compliant (nor Flickr, nor ….)

Many tech companies are rushing to arrange compliance with GDPR, Europe’s new data protection regulations. What I have seen landing in my inbox thus far is not encouraging. Like with Facebook, other platforms clearly struggle, or hope to get away, with partially or completely ignoring the concepts of informed consent and unforced consent and proving consent. One would suspect the latter as Facebooks removal of 1.5 billion users from EU jurisdiction, is a clear step to reduce potential exposure.

Where consent by the data subject is the basis for data collection: Informed consent means consent needs to be explicitly given for each specific use of person related data, based on a for laymen clear explanation of the reason for collecting the data and how precisely it will be used.
Unforced means consent cannot be tied to core services of the controlling/processing company when that data isn’t necessary to perform a service. In other words “if you don’t like it, delete your account” is forced consent. Otherwise, the right to revoke one or several consents given becomes impossible.
Additionally, a company needs to be able to show that consent has been given, where consent is claimed as the basis for data collection.

Instead I got this email from Twitter earlier today:

“We encourage you to read both documents in full, and to contact us as described in our Privacy Policy if you have questions.”

and then

followed by

You can also choose to deactivate your Twitter account.

The first two bits mean consent is not informed and that it’s not even explicit consent, but merely assumed consent. The last bit means it is forced. On top of it Twitter will not be able to show content was given (as it is merely assumed from using their service). That’s not how this is meant to work. Non-compliant in other words. (IANAL though)

Suggested Reading: GDPR, Fintech, China and more

Some links I think worth reading today.

Facebook GDPR Changes Unimpressive

It seems, from a preview for journalists, that the GDPR changes that Facebook will be making to its privacy controls, and especially the data controls a user has, are rather unimpressive. I had hoped that with the new option to select ranges of your data for download, you would also be able to delete specific ranges of data. This would be a welcome change as current options are only deleting every single data item by hand, or deleting everything by deleting your account. Under the GDPR I had expected more control over data on FB.

It also seems they still keep the design imbalanced, favouring ‘let us do anything’ as the simplest route for users to click through, and presenting other options very low key, and the account deletion option still not directly accessible in your settings.

They may or may not be deemed to have done enough towards implementing GDPR by the data protection authorities in the EU after May 25th, but that’s of little use to anyone now.

So my intention to delete my FB history still means the full deletion of my account. Which will be effective end of this week, when the 14 day grace period ends.

From Semi Freddo to Full Cold Turkey with FB

I’ve disengaged from Facebook (FB) last October, mostly because I wanted to create more space for paying attention, and for active, not merely responsive, reflection and writing, and realised that the balance between the beneficial and destructive aspects of FB had tilted too much to the destructive side.

My intention was to keep my FB account, as it serves as a primary channel to some professional contacts and groups. Also FB Messenger is the primary channel for some. However I wanted to get rid of my FB history, all the likes, birthday wishes etc. Deleting material is possible but the implementation of it is completely impractical: every element needs to be deleted separately. Every like needs to be unliked, every comment deleted, every posting on your own wall or someone else’s wall not just deleted but also the deletion confirmed as well. There’s no bulk deletion option. I tried to use a Chrome plugin that promised to go through the activity log and ‘click’ all those separate delete buttons, but it didn’t work. The result is that deleting your data from Facebook means deleting every single thing you ever wrote or clicked. Which can easily take 30 to 45 mins to just do for a single month worth of likes and comments. Now aggregate that over the number of years you actively used FB (about 5 years in my case, after 7 years of passive usage).

The only viable path to delete your FB data therefore is currently to delete the account entirely. I wonder if it will be different after May, when the GDPR is fully enforced.

Not that deletion of your account is easy either. You don’t have full control over deletion. The link to do so is not available in your settings interface, but only through the help pages, and it is presented as submitting a request. After you confirm deletion, you receive an e-mail that deletion of your data will commence after 14 days. Logging back in in that period stops the clock. I suspect this will no longer be enough when the GDPR enters into force, but it is what it currently is.

Being away from FB for a longer time, with the account deactivated, had the effect that when I did log back in (to attempt to delete more of my FB history), the FB timeline felt very bland. Much like how watching tv was once not to be missed, and then it wasn’t missed at all. This made me realise that saying FB was the primary channel for some contacts which I wouldn’t want to throw away, might actually be a cop-out, the last stand of FOMO. So FB, by making it hard to delete data while keeping the account, made it easy to decide to delete my account altogether.

Once the data has been deleted (which can take up to 90 days according to FB after the 14 day grace period), I might create a new account, with which to pursue the benefits of FB, but avoid the destructive side and with 12 years of Facebook history wiped. Be seeing you!


FB’s mail confirming they’ll delete my account by the end of April.

Algorithms That Work For Me, Not Commodotise Me

Stephanie Booth, a long time blogging connection, has been writing about reducing her Facebook usage and increasing her blogging. She says at one point

As the current “delete Facebook” wave hits, I wonder if there will be any kind of rolling back, at any time, to a less algorithmic way to access information, and people. Algorithms came to help us deal with scale. I’ve long said that the advantage of communication and connection in the digital world is scale. But how much is too much?

I very much still believe there’s no such thing as information overload, and fully agree with Stephanie that the possible scale of networks and connections is one of the key affordances of our digital world. My rss-based filtering, as described in 2005, worked better when dealing with more information, than with less. Our information strategies need to reflect and be part of the underlying complexity of our lives.

Algorithms can help us with that scale, just not the algorithms that FB uses around us. For algorithms to help, like any tool, they need to be ‘smaller’ than us, as I wrote in my networked agency manifesto. We need to be able to control its settings, tinker with it, deploy it and stop it as we see fit. The current application of algorithms, as they usually need lots of data to perform, sort of demands a centralised platform like FB to work. The algorithms that really will be helping us scale will be the ones we can use for our own particular scaling needs. For that the creation, maintenance and usage of algorithms needs to have a much lower threshold than now. I placed it in my ‘agency map‘ because of it.

Going back to a less algorithmic way of dealing with information isn’t an option, nor something to desire I think. But we do need algorithms that really serve us, perform to our information needs. We need less algorithms that purport to aid us in dealing with the daily river of newsy stuff, but really commodotise us at the back-end.

Ton Zijlstra

17 April, 2018

“And you know what? After a week or ten days or so, my facebook feed started giving me the same feeling as daytime TV. … I stopped watching TV years ago.” says Stephanie Booth. Very recognisable.

Started Deleting My FB History

As a next step in rethinking my approach to using Facebook, I have started deleting my Facebook history. FB only let’s you delete things by hand, posting by posting, like by like, comment by comment. Which takes about as long or longer than the original time spent posting or liking. So I am using a Chrome plugin to do it for me by pretending to be me, going through all the delete and unlike links. I’m currently deleting 2014 data, to see how well that works. 2014 is the first full year I posted more than just the RSS feed of my blogposts, whereas 2013 and the years before that until October 2006 basically only contain my RSS feed, which only contains public material anyway.