If you use Facebook, then you know that the social networking site serves ads based upon your interests. And, you''d probably be surprised at what Facebook thinks you are interested in versus what you are really interested in.
To see what Facebook thinks you are interested in, you will need to access your Ad Preferences page. Sign into your Facebook account using the browser interface, and click on the triangle drop-down menu icon in the upper right corner. Next select Settings, and then select Ads in the left column. Your Ad Preferences page looks like this:
Facebook has neatly organized what it thinks your interests are into several categories: Your Interests, Advertisers You've Interacted With, Your Information, and Ad Settings. Open the Your Interests module:
This module includes several sub-categories: News & Entertainment, Business & Industry, Hobbies & Activities, Travel Places, & Events, People, Technology, and Lifestyle. Mouse over an item to reveal both an explanation why that item appears in your list and the "X" delete button. Click on the "X" button to remove that item.
Facebook has collected impressively long lists about what it thinks your interests are. So, click on the "See More" links within each sub-category. Facebook ads interest items based upon links you've selected, groups you've joined, ads you have viewed, the photos/videos you have uploaded, items (e.g., groups, events, status messages) you have "Liked," and more. There's plenty to browse, so you'll probably want to set aside 15 minutes to review and delete items.
There is a sneaky aspect to Facebook's interface. An item may appear in several categories. So, if you delete it in one category don't assume it was deleted in other categories. You'll have to visit each sub-category and delete it there, too. And, there is no guarantee Facebook won't re-add that item later based upon your activities within the site and/or mobile app.
Caution: even if you delete everything, Facebook will still show advertisements. Why? That's what the social networking service is designed to do. That's its business model. Even if you stop clicking "Like" buttons, Facebook will use alternate criteria to display ads. You can control or limit the topics for ads, but you can't stop ads entirely.
The Your Information module includes toggle switches to either activate or deactivate groups of items within your profile which Facebook uses to display ads:
It's probably wise to re-visit your Ad Preference page once yearly to delete items. What do you think?
A class-action lawsuit against Uber claims that the ride-sharing company manipulated its mobile app to simultaneously short-change drivers and over-charge riders. Ars Technica reported:
"When a rider uses Uber's app to hail a ride, the fare the app immediately shows to the passenger is based on a slower and longer route compared to the one displayed to the driver. The software displays a quicker, shorter route for the driver. But the rider pays the higher fee, and the driver's commission is paid from the cheaper, faster route, according to the lawsuit.
"Specifically, the Uber Defendants deliberately manipulated the navigation data used in determining the fare amount paid by its users and the amount reported and paid to its drivers," according to the suit filed in federal court in Los Angeles."
"Jones also confirmed the departure with a blistering assessment of the company. "It is now clear, however, that the beliefs and approach to leadership that have guided my career are inconsistent with what I saw and experienced at Uber, and I can no longer continue as president of the ride-sharing business," he said in a statement to Recode."
Prior to joining Uber, Jones had been the Chief Marketing Officer (CMO) at Target stores. Travis Kalanick, the Chief Executive Officer at Uber, disclosed that he met Jones at a Ted conference in Vancouver, British Columbia, Canada.
Given these movements by executives, one might wonder what is happening at Uber. A brief review of the company's history found controversy accompanying its business practices. Earlier this month, an investigative report by The New York Times described a worldwide program by Uber executives to thwart code enforcement inspections by governments:
"The program, involving a tool called Greyball, uses data collected from the Uber app and other techniques to identify and circumvent officials who were trying to clamp down on the ride-hailing service. Uber used these methods to evade the authorities in cities like Boston, Paris and Las Vegas, and in countries like Australia, China and South Korea.
Greyball was part of a program called VTOS, short for “violation of terms of service,” which Uber created to root out people it thought were using or targeting its service improperly. The program, including Greyball, began as early as 2014 and remains in use, predominantly outside the United States. Greyball was approved by Uber’s legal team."
An example of how the program and Greyball work:
"Uber’s use of Greyball was recorded on video in late 2014, when Erich England, a code enforcement inspector in Portland, Ore., tried to hail an Uber car downtown in a sting operation against the company... officers like Mr. England posed as riders, opening the Uber app to hail a car and watching as miniature vehicles on the screen made their way toward the potential fares. But unknown to Mr. England and other authorities, some of the digital cars they saw in the app did not represent actual vehicles. And the Uber drivers they were able to hail also quickly canceled."
"An Uber spokesman said Friday that the company has not used the Greyball program in Portland since then. Portland Commissioner Dan Saltzman said Monday that the investigation will focus on whether Uber has used Greyball, or any form of it, to obstruct the city's enforcement of its regulations. The review would examine information the companies have already provided the city, and potentially seeking additional data from them... The investigation also will affect Uber's biggest competitor, Lyft, Saltzman said, though Lyft did not operate in Portland until after its business model was legalized, and there's no indication that it similarly screened regulators... Commissioner Nick Fish earlier called for a broader investigation and said the City Council should seek subpoena powers to determine the extent of Uber's "Greyball" usage..."
"In a Tuesday letter to Governor Andrew Cuomo, Assembly Speaker Carl Heastie and Senate Majority Leader John Flanagan, UTA President John Tomassi wrote accused the company of possibly having used the Greyball technology in New York to evade authorities in areas where ride-hailing is not allowed. Uber and companies like it are authorized to operate only in New York City, where they are considered black cars. But UTA’s concerns about Greyball are spurred in part by reported pick-ups in some suburban areas."
"... news that President Barack Obama's former adviser and campaign strategist David Plouffe has joined the company as senior VP of policy and strategy delivers a strong message to its enemies: Uber means business. How dare you disrupt our disruption? You're going down.
Here in the Land of Lincoln, Plouffe's hiring adds another layer of awkward personal politics to the Great Uber Debate. It's an increasingly tangled web: Plouffe worked in the White House alongside Rahm Emanuel when the Chicago mayor was Chief of Staff. Emanuel, trying to strike a balance between Uber-friendly and cabbie-considerate, recently passed a bill that restricts Uber drivers from picking up passengers at O'Hare, Midway and McCormick Place... Further complicating matters, Emanuel's brother, Hollywood super-agent Ari Emanuel, has invested in Uber..."
That debate also included the Illinois Governor, as politicians try to balance the competing needs of traditional taxi companies, ride-sharing companies, and consumers. The entire situation raises questions about why there aren't Greyball investigations by more cities. Is it due to local political interference?
That isn't all. In 2014, Uber's "God View" tool raised concerns about privacy, the company's tracking of its customers, and a questionable corporate culture. At that time, an Uber executive reportedly suggested that the company hire opposition researchers to dig up dirt about its critics in the news media.
Uber's claims in January 2015 of reduced drunk-driving accidents due to its service seemed dubious after scrutiny. ProPublica explained:
"Uber reported that cities using its ridesharing service have seen a reduction in drunk driving accidents, particularly among young people. But when ProPublica data reporter Ryann Grochowski Jones took a hard look at the numbers, she found the company's claim that it had "likely prevented" 1,800 crashes over the past 2.5 years to be lacking... the first red flag was that Uber didn't include a methodology with its report. A methodology is crucial to show how the statistician did the analysis... Uber eventually sent her a copy of the methodology separately, which showed that drunk-driving accidents involving drivers under 30 dropped in California after Uber's launch. The math itself is fine, Grochowski Jones says, but Uber offers no proof that those under 30 and Uber users are actually the same population.
This seems like one of those famous moments in intro statistics courses where we talk about correlation and causality, ProPublica Editor-in-Chief Steve Engelberg says. Grochowski Jones agrees, showcasing how drowning rates are higher in the summer as are ice cream sales but clearly one doesn't cause the other."
Similar claims by Uber about the benefits of "surge pricing" seemed to wilter under scrutiny. ProPublica reported in October, 2015:
"The company has always said the higher prices actually help passengers by encouraging more drivers to get on the road. But computer scientists from Northeastern University have found that higher prices don’t necessarily result in more drivers. Researchers Le Chen, Alan Mislove and Christo Wilson created 43 new Uber accounts and virtually hailed cars over four weeks from fixed points throughout San Francisco and Manhattan. They found that many drivers actually leave surge areas in anticipation of fewer people ordering rides. "What happens during a surge is, it just kills demand," Wilson told ProPublica."
"... that consumers can benefit from surge pricing. They find this is the case when a market isn’t fully served by traditional taxis when demand is high. In short, if you can’t find a cab on New Year’s Eve, Daniels’ research says you’re better off with surge pricing... surge pricing allows service to expand during peak demand without creating idleness for drivers during normal demand. This means that more peak demand customers get rides, albeit at a higher price. This also means that the price during normal demand settings drops, allowing more customers service at these normal demand times."
In other words, "can benefit" doesn't ensure that riders will benefit. And "allows service to expand" doesn't ensure that service will expand during peak demand periods. "Surge pricing" does ensure higher prices. A better solution might be surge payments to drivers during peak hours to expand services. Uber will still make more money with more rides during peak periods.
The surge-pricing concept is a reminder of basic economics when prices are raised by suppliers. Demand decreases. A lower price should follow, but the surge-price prevents that. As the prior study highlighted, drivers have learned from this: additional drivers don't enter the market to force down the higher surge-price.
"... the company received five claims of rape and “fewer than” 170 claims of sexual assault directly related to an Uber ride as inbound tickets to its customer service database between December 2012 and August 2015. Uber provided these numbers as a rebuttal to screenshots obtained by BuzzFeed News. The images that were provided by a former Uber customer service representative (CSR) to BuzzFeed News, and subsequently confirmed by multiple other parties, show search queries conducted on Uber’s Zendesk customer support platform from December 2012 through August 2015... In one screenshot, a search query for “sexual assault” returns 6,160 Uber customer support tickets. A search for “rape” returns 5,827 individual tickets."
That news item is interesting since it includes several images of video screens from the company's customer support tool. Uber's response:
"The ride-hail giant repeatedly asserted that the high number of queries from the screenshots is overstated, however Uber declined BuzzFeed News’ request to grant direct access to the data, or view its data analysis procedures. When asked for any additional anonymous data on the five rape complaint tickets it claims to have received between December 2012 and August 2015, Uber declined to provide any information."
"I joined Uber as a site reliability engineer (SRE) back in November 2015, and it was a great time to join as an engineer... After the first couple of weeks of training, I chose to join the team that worked on my area of expertise, and this is where things started getting weird. On my first official day rotating on the team, my new manager sent me a string of messages over company chat. He was in an open relationship, he said, and his girlfriend was having an easy time finding new partners but he wasn't. He was trying to stay out of trouble at work, he said, but he couldn't help getting in trouble, because he was looking for women to have sex with... Uber was a pretty good-sized company at that time, and I had pretty standard expectations of how they would handle situations like this. I expected that I would report him to HR, they would handle the situation appropriately, and then life would go on - unfortunately, things played out quite a bit differently. When I reported the situation, I was told by both HR and upper management that even though this was clearly sexual harassment and he was propositioning me, it was this man's first offense, and that they wouldn't feel comfortable giving him anything other than a warning and a stern talking-to... I was then told that I had to make a choice: (i) I could either go and find another team and then never have to interact with this man again, or (ii) I could stay on the team, but I would have to understand that he would most likely give me a poor performance review when review time came around, and there was nothing they could do about that. I remarked that this didn't seem like much of a choice..."
Her story seems very credible. Based upon this and other events, some industry watchers question Uber's value should it seek more investors via an initial public offering (IPO):
"Uber has hired two outside law firms to conduct investigations related to the former employee's claims. One will investigate her claims specifically, the other is conducting a broader investigation into Uber's workplace practices...Taken together, the recent reports paint a picture of a company where sexual harassment is tolerated, laws are seen as inconveniences to be circumvented, and a showcase technology effort might be based on stolen secrets. That's all bad for obvious reasons... What will Uber's valuation look like the next time it has to raise money -- or when it attempts to go public?"
"In the past few weeks, Uber’s touted self-driving technology has come under both legal and public scrutiny after Alphabet — Google’s parent company — sued Uber over how it obtained its technology. Alphabet alleges that the technology for Otto, a self-driving truck company acquired by Uber last year, was stolen from Alphabet’s own Waymo self-driving technology... Alphabet alleges Otto founder Anthony Levandowski downloaded proprietary data from Alphabet’s self-driving files. In December 2015, Levandowski download 14,000 design files onto a memory card reader and then wiped all the data from the laptop, according to the lawsuit.
The lawsuit also lays out a timeline where Levandowski and Uber were in cahoots with one another before the download operation. Alphabet alleges the two parties were in communications with each other since the summer of 2015, when Levandowski still worked for Waymo. Levandowski left Waymo in January 2016, started Otto the next month and joined Uber in August as vice president of Uber’s self-driving technology after Otto was purchased by Uber for $700 million... This may become the biggest copyright infringement case brought forth in Silicon Valley since Apple v. Microsoft in 1994, when Apple sued Microsoft over the alleged likeness in the latter’s graphic user interface."
The Boston Public Library (BPL) offers a wide variety of programs, events and workshops for the public. The Grove Hall branch is offering several sessions of the free workshop titled, "Recognizing Fake News."The workshop description:
"Join us for a workshop to learn how to critically watch the news on television and online in order to detect "fake news." Using the News Literacy Project's interactive CheckologyTM curriculum, leading journalists and other experts guide participants through real-life examples from the news industry."
"Fake news is just as it sounds: news that is misleading and not based on fact or, simply put, fake. Unfortunately, the literal definition of fake news is the least complicated aspect of this complex topic. Unlike satire news... fake news has the intention of disseminating false information, not for comedy, but for consumption. And without the knowledge of appropriately identifying fake news, these websites can do an effective job of tricking the untrained eye into believing it’s a credible source. Indeed, its intention is deception.
To be sure, fake news is nothing new... The Internet, particularly social media, has completely manipulated the landscape of how information is born, consumed, and shared. No longer is content creation reserved for official publishing houses or media outlets. For better or for worse, anybody can form a platform on the Internet and gain a following. In truth, we all have the ability to create viral news—real or fake—with a simple tweet or Facebook post."
The News Literacy Project is a nonpartisan national nonprofit organization that works with educators and journalists to teach middle school and high school students how to distinguish fact from fiction.
The upcoming workshop sessions at the BPL Grove Hall branch are tomorrow, March 11 at 3:00 pm, and Wednesday, March 29 at 1:00 pm. Participants will learn about the four main types of content (e.g., news, opinion, entertainment, and advertising), and the decision processes journalists use to decide which news to publish. The workshop presents real examples enabling workshop participants to test their skills at recognizing the four types of content and "fake news."
While much of the workshop content is targeted at students, adults can also benefit. Nobody wants to be duped by fake or misleading news. Nobody wants to mistake advertising or opinion for news. The sessions include opportunities for participants to ask questions. The workshop lasts about an hour and registration is not required.
Several dozen human rights organizations, civil liberties advocates, and legal experts published an open letter on February 21,2017 condemning a proposal by the U.S. Department of Homeland Security to require the social media credentials (e.g., usernames and passwords) of all travelers from majority-Muslim countries. This letter was sent after testimony before Congress by Homeland Security Secretary John Kelly. NBC News reported on February 8:
"Homeland Security Secretary John Kelly told Congress on Tuesday the measure was one of several being considered to vet refugees and visa applicants from seven Muslim-majority countries. "We want to get on their social media, with passwords: What do you do, what do you say?" he told the House Homeland Security Committee. "If they don't want to cooperate then you don't come in."
His comments came the same day judges heard arguments over President Donald Trump's executive order temporarily barring entry to most refugees and travelers from Syria, Iraq, Iran, Somalia, Sudan, Libya and Yemen. Kelly, a Trump appointee, stressed that asking for people's passwords was just one of "the things that we're thinking about" and that none of the suggestions were concrete."
"The undersigned coalition of human rights and civil liberties organizations, trade associations, and experts in security, technology, and the law expresses deep concern about the comments made by Secretary John Kelly at the House Homeland Security Committee hearing on February 7th, 2017, suggesting the Department of Homeland Security could require non-citizens to provide the passwords to their social media accounts as a condition of entering the country.
We recognize the important role that DHS plays in protecting the United States’ borders and the challenges it faces in keeping the U.S. safe, but demanding passwords or other account credentials without cause will fail to increase the security of U.S. citizens and is a direct assault on fundamental rights.
This proposal would enable border officials to invade people’s privacy by examining years of private emails, texts, and messages. It would expose travelers and everyone in their social networks, including potentially millions of U.S. citizens, to excessive, unjustified scrutiny. And it would discourage people from using online services or taking their devices with them while traveling, and would discourage travel for business, tourism, and journalism."
The letter was signed by about 75 organizations and individuals, including the American Civil Liberties Union, the American Library Association, the American Society of Journalists & Authors, the American Society of News Editors, Americans for Immigrant Justice, the Brennan Center for Justice at NYU School of Law, Electronic Frontier Foundation, Human Rights Watch, Immigrant Legal Resource Center, National Hispanic Media Coalition, Public Citizen, Reporters Without Borders, the World Privacy Forum, and many more.
If you travel for business, pleasure, or both then today's blog post will probably interest you. Wired Magazine reported:
"In the weeks since President Trump’s executive order ratcheted up the vetting of travelers from majority Muslim countries, or even people with Muslim-sounding names, passengers have experienced what appears from limited data to be a “spike” in cases of their devices being seized by customs officials. American Civil Liberties Union attorney Nathan Wessler says the group has heard scattered reports of customs agents demanding passwords to those devices, and even social media accounts."
Devices include smartphones, laptops, and tablets. Many consumers realize that relinquishing passwords to social networking sites (e.g., Facebook, Instagram, etc.) discloses sensitive information not just about themselves, but also all of their friends, family, classmates, neighbors, and coworkers -- anyone they are connected with online. The "Bring Your Own Device" policies by many companies and employers means that employees (and contractors) can use their personal devices in the workplace and/or connected remotely to company networks. Those connected devices can easily divulge company trade secrets and other sensitive information when seized by Customs and Border Patrol (CBP) agents for analysis and data collection.
Plus, professionals such as attorneys and consultants are required to protect their clients' sensitive information. These professionals, who also must travel, require data security and privacy for business.
Wired also reported:
"In fact, US Customs and Border Protection has long considered US borders and airports a kind of loophole in the Constitution’s Fourth Amendment protections, one that allows them wide latitude to detain travelers and search their devices. For years, they’ve used that opportunity to hold border-crossers on the slightest suspicion, and demand access to their computers and phones with little formal cause or oversight.
For travelers wanting privacy, what are the options? Remain at home? This may not be an option for workers who must travel for business. Leave your devices at home? Again, impractical for many. The Wired article provided several suggestions, including:
"If customs officials do take your devices, don’t make their intrusion easy. Encrypt your hard drive with tools like BitLocker, TrueCrypt, or Apple’s Filevault, and choose a strong passphrase. On your phone—preferably an iPhone, given Apple’s track record of foiling federal cracking—set a strong PIN and disable Siri from the lockscreen by switching off “Access When Locked” under the Siri menu in Settings.
Remember also to turn your devices off before entering customs: Hard drive encryption tools only offer full protection when a computer is fully powered down. If you use TouchID, your iPhone is safest when it’s turned off, too..."
"... Ars spoke with several legal experts, and contacted CBP itself (which did not provide anything beyond previously-published policies). The short answer is: your device probably will be seized (or "detained" in CBP parlance), and you might be kept in physical detention—although no one seems to be sure exactly for how long.
An unnamed CBP spokesman told The New York Times on Tuesday that such electronic searches are extremely rare: he said that 4,444 cellphones and 320 other electronic devices were inspected in 2015, or 0.0012 percent of the 383 million arrivals (presuming that all those people had one device)... The most recent public document to date on this topic appears to be an August 2009 Department of Homeland Security paper entitled "Privacy Impact Assessment for the Border Searches of Electronic Devices." That document states that "For CBP, the detention of devices ordinarily should not exceed five (5) days, unless extenuating circumstances exist." The policy also states that CBP or Immigration and Customs Enforcement "may demand technical assistance, including translation or decryption," citing a federal law, 19 US Code Section 507."
The Electronic Frontier Foundation (EFF) collects stories from travelers who've been detained and had their devices seized. Clearly, we will hear a lot more in the future about these privacy issues. What are your opinions of this?
[Editor's note: today's guest post is by reporters at ProPublica. I've posted it because, a) many consumers don't know how their personal information is bought, sold, and used by companies and social networking sites; b) the USA is capitalist society and the sensitive personal data that describes consumers is consumers' personal property; c) a better appreciation of "a" and "b" will hopefully encourage more consumers to be less willing to trade their personal property for convenience, and demand better privacy protections from products, services, software, apps, and devices; and d) when lobbyists and politicians act to erode consumers' property and privacy rights, hopefully more consumers will respond and act. Facebook is not the only social networking site that trades consumers' information. This news story is reprinted with permission.]
Facebook has long let users see all sorts of things the site knows about them, like whether they enjoy soccer, have recently moved, or like Melania Trump.
But the tech giant gives users little indication that it buys far more sensitive data about them, including their income, the types of restaurants they frequent and even how many credit cards are in their wallets.
Since September, ProPublica has been encouraging Facebook users to share the categories of interest that the site has assigned to them. Users showed us everything from "Pretending to Text in Awkward Situations" to "Breastfeeding in Public." In total, we collected more than 52,000 unique attributes that Facebook has used to classify users.
Facebook's site says it gets information about its users "from a few different sources."
What the page doesn't say is that those sources include detailed dossiers obtained from commercial data brokers about users' offline lives. Nor does Facebook show users any of the often remarkably detailed information it gets from those brokers.
"They are not being honest," said Jeffrey Chester, executive director of the Center for Digital Democracy. "Facebook is bundling a dozen different data companies to target an individual customer, and an individual should have access to that bundle as well."
When asked this week about the lack of disclosure, Facebook responded that it doesn't tell users about the third-party data because its widely available and was not collected by Facebook.
"Our approach to controls for third-party categories is somewhat different than our approach for Facebook-specific categories," said Steve Satterfield, a Facebook manager of privacy and public policy. "This is because the data providers we work with generally make their categories available across many different ad platforms, not just on Facebook."
Satterfield said users who don't want that information to be available to Facebook should contact the data brokers directly. He said users can visit a page in Facebook's help center, which provides links to the opt-outs for six data brokers that sell personal data to Facebook.
Limiting commercial data brokers' distribution of your personal information is no simple matter. For instance, opting out of Oracle's Datalogix, which provides about 350 types of data to Facebook according to our analysis, requires "sending a written request, along with a copy of government-issued identification" in postal mail to Oracle's chief privacy officer.
Users can ask data brokers to show them the information stored about them. But that can also be complicated. One Facebook broker, Acxiom, requires people to send the last four digits of their social security number to obtain their data. Facebook changes its providers from time to time so members would have to regularly visit the help center page to protect their privacy.
One of us actually tried to do what Facebook suggests. While writing a book about privacy in 2013, reporter Julia Angwin tried to opt out from as many data brokers as she could. Of the 92 brokers she identified that accepted opt-outs, 65 of them required her to submit a form of identification such as a driver's license. In the end, she could not remove her data from the majority of providers.
ProPublica's experiment to gather Facebook's ad categories from readers was part of our Black Box series, which explores the power of algorithms in our lives. Facebook uses algorithms not only to determine the news and advertisements that it displays to users, but also to categorize its users in tens of thousands of micro-targetable groups.
Our crowd-sourced data showed us that Facebook's categories range from innocuous groupings of people who like southern food to sensitive categories such as "Ethnic Affinity" which categorizes people based on their affinity for African-Americans, Hispanics and other ethnic groups. Advertisers can target ads toward a group 2014 or exclude ads from being shown to a particular group.
Last month, after ProPublica bought a Facebook ad in its housing categories that excluded African-Americans, Hispanics and Asian-Americans, the company said it would build an automated system to help it spot ads that illegally discriminate.
Facebook has been working with data brokers since 2012 when it signed a deal with Datalogix. This prompted Chester, the privacy advocate at the Center for Digital Democracy, to filed a complaint with the Federal Trade Commission alleging that Facebook had violated a consent decree with the agency on privacy issues. The FTC has never publicly responded to that complaint and Facebook subsequently signed deals with five other data brokers.
To find out exactly what type of data Facebook buys from brokers, we downloaded a list of 29,000 categories that the site provides to ad buyers. Nearly 600 of the categories were described as being provided by third-party data brokers. (Most categories were described as being generated by clicking pages or ads on Facebook.)
The categories from commercial data brokers were largely financial, such as "total liquid investible assets $1-$24,999," "People in households that have an estimated household income of between $100K and $125K, or even "Individuals that are frequent transactor at lower cost department or dollar stores."
We compared the data broker categories with the crowd-sourced list of what Facebook tells users about themselves. We found none of the data broker information on any of the tens of the thousands of "interests" that Facebook showed users.
Our tool also allowed users to react to the categories they were placed in as being "wrong," "creepy" or "spot on." The category that received the most votes for "wrong" was "Farmville slots." The category that got the most votes for "creepy" was "Away from family." And the category that was rated most "spot on" was "NPR."
ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.
"To the tens of thousands who participated in today’s Women’s March on Boston Common earlier today, Saturday, January 21, 2017, the men and women of the Boston Police Department would like to thank you for the high levels of respectful and responsible behavior on display throughout the day. Said Commissioner Evans: "Really impressed with the amount of respect and courtesy shown to my officers by everybody attending today's Women’s March and I’d just like to personally thank everybody who demonstrated in a peaceful, polite and respectful manner."
"... the enormous crowd began streaming from Boston Common onto Charles Street, heading to Clarendon Street, where they turned around. So many people marched that it took more than an hour and a half to file out of the Common. City officials estimated that 175,000 attended the demonstration... The Boston event was one of more than 600 marches being held nationwide and globally, on the day after Trump took office... Speakers at the Boston kickoff included Warren, Mayor Martin J. Walsh of Boston, US Senator Edward J. Markey, and Attorney General Maura Healey... By about 1 p.m., marchers began to hit the streets, though the crowd was so big that many had to wait before they could get out of the Common. The gathering was almost evenly split between men and women, and a diverse range of agendas was represented: climate change, antiracism, and Trump’s ties to Russia. On Twitter, Boston police thanked protesters for remaining peaceful."
There more demonstrations in Massachusetts in Falmouth, Greenfield, Nantucket, Provincetown, Northampton, and Pittsfield. Social networking posts about the Boston event by the BPD on Twitter:
Respectful behavior all around: marchers and law enforcement. Congratulations and thanks to everyone involved, plus very respectful messages on social networking sites by the BPD. Hopefully, in the future more citizens and police departments around the country will follow Boston's lead. That is truly #BostonStrong.
Yes, I live and work in Boston. What happened in your city? How did your city's law enforcement respond. Share below.
The operators of the AshleyMadison.com dating site have agreed to settlement with the U.S. Federal Trade Commission (FTC) for security lapses in a massive 2015 data breach. 37 million subscribers were affected and site's poor handling of its password-reset mechanism made accounts discover-able while the site had promised otherwise. The site was know for helping married persons find extra-marital affairs.
"... Defendants collect, maintain, and transmit a host of personal information including: full name; username; gender; address, including zip codes; relationship status; date of birth; ethnicity; height; weight; email address; sexual preferences and desired encounters; desired activities; photographs; payment card numbers; hashed passwords; answers to security questions; and travel locations and dates. Defendants also collect and maintain consumers’ communications with each other, such as messages and chats... Until August 2014, Defendants engaged in a practice of using “engager profiles” — that is, fake profiles created by Defendants’ staff who communicate with consumers in the same way that consumers would communicate with each other—as a way to engage or attract additional consumers to AshleyMadison.com. In 2014, there were 28,417 engager profiles on the website. All but 3 of the engager profiles were female. Defendants created these profiles using profile information, including photographs, from existing members who had not had any account activity within the preceding one or more years... Because these engager profiles contained the same type of information as someone who was actually using the website, there was no way for a consumer to determine whether an engager profile was fake or real. To consumers using AshleyMadison.com, the communications generated by engager profiles were indistinguishable from communications generated by actual members... When consumers signed up for AshleyMadison.com, Defendants explained that their system is “100% secure” because consumers can delete their “digital trail”.
More importantly, the complaint alleged that the operators of the site failed to protect subscribers' information in several key ways:
"a. failed to have a written organizational information security policy; b. failed to implement reasonable access controls. For example, they: i) failed to regularly monitor unsuccessful login attempts; ii) failed to secure remote access; iii) failed to revoke passwords for ex-employees of their service providers; iv) failed to restrict access to systems based on employees’ job functions; v) failed to deploy reasonable controls to identify, detect, and prevent the retention of passwords and encryption keys in clear text files on Defendants’ network; and vi) allowed their employees to reuse passwords to access multiple servers and services; c. failed to adequately train Defendants’ personnel to perform their data security- related duties and responsibilities; d. failed to ascertain that third-party service providers implemented reasonable security measures to protect personal information. For example, Defendants failed to contractually require service providers to implement reasonable security; and e. failed to use readily available security measures to monitor their system and assets at discrete intervals to identify data security events and verify the effectiveness of protective measures."
The above items read like a laundry list of everything not to do regarding information security. Several states also sued the site's operators. Toronto, Ontario-based Ruby Corporation (Formerly called Avid Life media), ADL Media Inc. (based in Delaware), and Ruby Life Inc. (d/b/a Ashley Madison) were named as defendants in the lawsuit. According to its website, Ruby Life operates several adult dating sites: Ashley Madison, Cougar Life, and Established Men.
The Ashley Madison site generated about $47 million in revenues in the United States during 2015. The site has members in 46 countries, and almost 19 million subscribers in the United States created profiles since 2002. About 16 million of those profiles were male.
Terms of the settlement agreement require the operators to pay $1.6 million to settle FTC and state actions, and to implement a comprehensive data-security program with third-party assessments. About $828,500 is payable directly to the FTC within seven days, with an equal amount divided among participating states. If the defendants fail to make that payment to the FTC, then the full judgment of $8.75 million becomes due.
The defendants must submit to the FTC a compliance report one year after the settlement agreement. The third-party assessment programs starts within 180 days of the settlement agreement and continues for 20 years with reports every two years. The terms prohibit the site's operators and defendants from misrepresenting to persons in the United States how their online site and mobile app operate. Clearly, the use of fake profiles is prohibited.
"AshleyMadison/Ruby’s use of chat-bot-based fake or “engager profiles” that lured users into upgrading/paying for full memberships was also addressed in the complaint. According to a report in Fortune Magazine, men who signed up for a free AshleyMadison account would be immediately contacted by a bot posing as an interested woman, but would have to buy credits from AshleyMadison to reply.
Gizmodo, among many other sites, has examined the allegations of fake female bots or “engager profiles” used to entice male users who were using Ashley Madison’s free services to convert to paid services: “Ashley Madison created more than 70,000 female bots to send male users millions of fake messages, hoping to create the illusion of a vast playland of available women.” "
13 states worked on this case with the FTC: Alaska, Arkansas, Hawaii, Louisiana, Maryland, Mississippi, Nebraska, New York, North Dakota, Oregon, Rhode Island, Tennessee, Vermont, and the District of Columbia. The State of Tennessee's share was about $57,000. Vermont Attorney General William H. Sorrell said:
“Creating fake profiles and selling services that are not delivered is unacceptable behavior for any dating website... I was pleased to see the FTC and the state attorneys general working together in such a productive and cooperative manner. Vermont has a long history of such cooperation, and it’s great to see that continuing.”
The Office of the Privacy Commissioner of Canada and the Office of the Australian Information Commissioner reached their own separate settlements with the company. Commissioner Daniel Therrien of the Office of the Privacy Commissioner of Canada said:
“In the digital age, privacy issues can impact millions of people around the world. It’s imperative that regulators work together across borders to ensure that the privacy rights of individuals are respected no matter where they live.”
Australian Privacy Commissioner Timothy Pilgrim stated:
"My office was pleased to work with the FTC and the Office of the Canadian Privacy Commissioner on this investigation through the APEC cross-border enforcement framework... Cross-border cooperation and enforcement is the future for privacy regulation in the global consumer age, and this cooperative approach provides an excellent model for enforcement of consumer privacy rights.”
Kudos to the FTC for holding a company's feet (and its officers' and executives' feet) to the fire to protect consumers' information.
During the 2016 political campaign, candidate (and now President Elect) Donald Trump said he would require all Muslims in the United States to register. Mr. Trump's words matter greatly given his lack of government experience. His words are all voters had to rely upon.
"Every American corporation, from the largest conglomerate to the smallest firm, should ask itself right now: Will we do business with the Trump administration to further its most extreme, draconian goals? Or will we resist? This question is perhaps most important for the country’s tech companies, which are particularly valuable partners for a budding authoritarian."
The companies queried included IBM, Microsoft, Google, Facebook, Twitter, and others. What's been the response? Well, IBM focused on other areas of collaboration:
"Shortly after the election, IBM CEO Ginni Rometty wrote a personal letter to President-elect Trump in which she offered her congratulations, and more importantly, the services of her company. The six different areas she identified as potential business opportunities between a Trump White House and IBM were all inoffensive and more or less mundane, but showed a disturbing willingness to sell technology to a man with open interest in the ways in which technology can be abused: Mosque surveillance, a “virtual wall” with Mexico, shutting down portions of the internet on command, and so forth."
"Recent reports about Twitter data being used for surveillance, however, have caused us great concern. As a company, our commitment to social justice is core to our mission and well established. And our policies in this area are long-standing. Using Twitter’s Public APIs or data products to track or profile protesters and activists is absolutely unacceptable and prohibited.
To be clear: We prohibit developers using the Public APIs and Gnip data products from allowing law enforcement — or any other entity — to use Twitter data for surveillance purposes. Period. The fact that our Public APIs and Gnip data products provide information that people choose to share publicly does not change our policies in this area. And if developers violate our policies, we will take appropriate action, which can include suspension and termination of access to Twitter’s Public APIs and data products.
We have an internal process to review use cases for Gnip data products when new developers are onboarded and, where appropriate, we may reject all or part of a requested use case..."
"A prominent supporter of Donald J. Trump drew concern and condemnation from advocates for Muslims’ rights on Wednesday after he cited World War II-era Japanese-American internment camps as a “precedent” for an immigrant registry suggested by a member of the president-elect’s transition team. The supporter, Carl Higbie, a former spokesman for Great America PAC, an independent fund-raising committee, made the comments in an appearance on “The Kelly File” on Fox News...
“We’ve done it based on race, we’ve done it based on religion, we’ve done it based on region,” Mr. Higbie said. “We’ve done it with Iran back — back a while ago. We did it during World War II with Japanese.”
"As Facebook and now Google face scrutiny for promoting fake news stories, Melissa Zimdars, a communication and media professor from Merrimack College in Massachusetts, has compiled a handy list of websites you should think twice about trusting. “Below is a list of fake, false, regularly misleading, and otherwise questionable ‘news’ organizations that are commonly shared on Facebook and other social media sites,” Zimdars explains. “Many of these websites rely on ‘outrage’ by using distorted headlines and decontextualized or dubious information in order to generate likes, shares, and profits.” (Click here to see the list.)
Be warned: Zimdars’s list is expansive in scope, and stretches beyond the bootleg sites (many of them headquartered in Macedonia) that write fake news for the sole reason of selling advertisements. Right-wing sources and conspiracy theorists like Breitbart and Infowars appear alongside pure (but often misinterpreted) satire like the Onion and The New Yorker’s Borowitz Report."
[Editor's note: Today's guest post was originally published by ProPublica on November 11, 2016. It is reprinted with permission. This prior post explained the problems with Facebook's racial advertising filters.]
Facing a wave of criticism for allowing advertisers to exclude anyone with an "affinity" for African-American, Asian-American or Hispanic people from seeing ads, Facebook said it would build an automated system that would let it better spot ads that discriminate illegally.
Federal law prohibits ads for housing, employment and credit that exclude people by race, gender and other factors.
Facebook said it would build an automated system to scan advertisements to determine if they are services in these categories. Facebook will prohibit the use of its "ethnic affinities" for such ads.
Facebook said its new system should roll out within the next few months. "We are going to have to build a solution to do this. It is not going to happen overnight," said Steve Satterfield, privacy and public policy manager at Facebook.
He said that Facebook would also update its advertising policies with "stronger, more specific prohibitions" against discriminatory ads for housing, credit and employment.
After ProPublica published an article about its ad purchase, Facebook was deluged with criticism. Four members of Congress wrote Facebook demanding that the company stop giving advertisers the option of excluding by ethnic group.
The federal agency that enforces the nation's fair housing laws said it was "in discussions" with Facebook to address what it termed "serious concerns" about the social network's advertising practices.
And a group of Facebook users filed a&n class-action lawsuit against Facebook, alleging that the company's ad-targeting technology violates the Fair Housing Act and the Civil Rights Act of 1964.
Facebook's Satterfield said that today's changes are the result of "a lot of conversations with stakeholders."
Facebook said the new system would not only scan the content of ads, but could also inject pop-up notices alerting buyers when they are attempting to purchase ads that might violate the law or Facebook's ad policies.
"We're glad to see Facebook recognizing the important civil rights protections for housing, credit and employment," said Rachel Goodman, staff attorney with the racial justice program at the American Civil Liberties Union. "We hope other online advertising platforms will recognize that ads in these areas need to be treated differently."
ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.
The Facebook social networking site introduced on October 28, 2016 a new feature where provides its voting-age users with previews of candidates and questions. The site presented users with the following ad:
Like other ads in the site, users can disable the ad. Users that select the "Preview Your Ballot" link will see next three pop-up pages which explain the new feature:
Then,, users can preview their ballot based upon where they live, which includes national candidates running for office and ballot questions. To view local candidates running for office and local ballot questions, users must provide Facebook with their complete street address:
Within the new feature, users can preview information about each candidates: Issue Positions, Endorsements, Recent Posts, and Website. "Issue Positions" links to content within the candidate's Facebook page. The "Endorsements" and "Recent Posts" selections link similar. "Website" links to the candidate's external website. Issue Positions includes the topics you might expect: budget, civil rights, economy, education, energy, environment, foreign policy, guns, health, immigration, infrastructure, military, Social Security, taxes, terrorism, and more.
Why did Facebook introduce this new feature? According to a popup within the feature:
"You're seeing this because you may be in a state that has a voter registration deadline or election coming up. We want to help people have their voice heard in the elections this year, so we're showing this message to people who are old enough to vote - no matter who they support.
We send reminders about voting every now and then. If you'd rather not see these in the future, click or tap the in the top right corner of the reminder and select Hide Reminder, then Hide all voting reminders."
"Voting is important... we’re encouraging civic participation. We want to make it easier for people who want to participate to do so, and to have a voice in the political process... Today, we’re introducing a new feature that shows you what’s on the ballot — from candidates to ballot initiatives. We also show you where the candidates stand on the issues...Not all states in America mail out sample ballots ahead of an election. This can make it challenging to find comprehensive information about the questions you’ll be expected to consider when you walk into the voting booth. Thanks to data gathered from election officials by the nonpartisan Center for Technology and Civic Life (CTCL), we can present you with a preview of the ballot you’ll receive on November 8. If you notice an issue with the CTCL data, we’ve built in a way for you to provide feedback and help correct the dataset.
Challenging to find information? What a load of bull. The Internet makes it easy to visit websites for candidates and ballot questions. Plus, information is available at every state. Example: ballot information in Massachusetts is available at websites by the Secretary of the Commonwealth and the City of Boston. Sample ballots were available during the primaries, too. Every state in the Union has a Secretary of State whose website you should visit anyway for elections and other information. Find your state in this list.
I first saw Facebook's new Elections Ballot feature on November 2, 2016 -- five days after the announcement, and less than 6 days before the November 8 Elections Day. You'd think that Facebook would have introduced this feature sooner; ideally, as soon as the main parties had nominated their candidates. Facebook didn't. Not good. And, the feature's availability may be too late for early voters.
What else is happening with this new feature? Several items are worth mentioning. First, executives at Facebook are probably well aware that two-thirds of the site's users get their news at the site. This new feature is clearly an attempt to keep users within the Facebook bubble: increase the amount of time on site and the number of pages viewed within the site.
Second, the accuracy of the new feature is suspect. I have never shared my residential address with Facebook, so the elections feature displayed 4 questions when there are actually 5 where I live. The fifth question is a local ballot iniative. Users like me, who haven't provided street address information, may get a wrong impression of what's on their ballot -- if they fail to read the fine print. And, we know that too many consumers never read the fine print.
Third, the local candidates and ballot questions are a slick way for Facebook to force users to share their residential street address information. Fourth, the new feature is an opportunity to capture users' voting information. Of course, not the official ballots, but the next closest thing. Users can select which candidates are their Favorites and share it with their Friends: people, coworkers, classmates, family, neighbors, and others they are connected to at the site. Favoriting a candidate within this new feature seems like a pretty explicit and accurate proxy instead of an official ballot:
Fifth, armed with this ballot information about its users, Facebook can probably charge more to advertisers (e.g., political campaigns, political action committees, pollsters, data brokers) interested in purchasing information about voting populations and/or buying targeted ads at the site. Consider this report by BuzzFeed from November 2014:
"At some point in the next two years, the pollsters and ad makers who steer American presidential campaigns will be stumped: The nightly tracking polls are showing a dramatic swing in the opinions of the electorate, but neither of two typical factors — huge news or a major advertising buy — can explain it. They will, eventually, realize that the viral, mass conversation about politics on Facebook and other platforms has finally emerged as a third force in the core business of politics, mass persuasion.
Facebook is on the cusp — and I suspect 2016 will be the year this becomes clear — of replacing television advertising as the place where American elections are fought and won. The vast new network of some 185 million Americans opens the possibility, for instance, of a congressional candidate gaining traction without the expense of television, and of an inexpensive new viral populism. The way people share will shape the outcome of the presidential election."
It seems that day has arrived. Shape the conversation and outcome, indeed. It's all driven by data -- big data -- data mining.
Sixth, the new feature raises questions and issues for users. Should Facebook know your voting decisions? Does Facebook have a right to know your voting decisions? Has Facebook earned the right to know your voting decisions? Facebook is a money-making enterprise, so it will sell your information to as many other companies as possible. According to the October 28 announcement:
"How you vote is a personal matter, and we’ve taken steps to make sure that you have utmost control over your plan. After you make a selection, you have to choose who you want to be able to see it (“Only me” or “Friends”). For example, you may want to be private about your choice for president, but share with friends your pick for a congressional race or a ballot initiative."
The language in the announcement seems to confusingly refer to the Facebook feature as voting, when it isn't. Do all of your friends need to know your voting preferences? What about friends with Facebook profiles that are open to the general public? In the latter case, anybody wandering in can view your voting information. Is that what you really want?
Not me. What happens in the voting booth stays in the voting booth. I may express concerns on Facebook, but my final vote is private. No doubt, some consumers will share their voting preferences without considering the implications.
I visited the CTCL website and found it underwhelming and lacking key information to uderstand what this organization really is and does. Not good.
What are your opinions of Facebook's new elections and ballot feature?
Imagine if, during the Jim Crow era, a newspaper offered advertisers the option of placing ads only in copies that went to white readers.
That's basically what Facebook is doing nowadays.
The ubiquitous social network not only allows advertisers to target users by their interests or background, it also gives advertisers the ability to exclude specific groups it calls "Ethnic Affinities." Ads that exclude people based on race, gender and other sensitive factors are prohibited by federal law in housing and employment.
Here is a screenshot of a housing ad that we purchased from Facebook's self-service advertising portal:
The ad we purchased was targeted to Facebook members who were house hunting and excluded anyone with an "affinity" for African-American, Asian-American or Hispanic people. (Here's the ad itself.)
When we showed Facebook's racial exclusion options to a prominent civil rights lawyer John Relman, he gasped and said, "This is horrifying. This is massively illegal. This is about as blatant a violation of the federal Fair Housing Act as one can find."
The Fair Housing Act of 1968 makes it illegal "to make, print, or publish, or cause to be made, printed, or published any notice, statement, or advertisement, with respect to the sale or rental of a dwelling that indicates any preference, limitation, or discrimination based on race, color, religion, sex, handicap, familial status, or national origin." Violators can face tens of thousands of dollars in fines.
The Civil Rights Act of 1964 also prohibits the "printing or publication of notices or advertisements indicating prohibited preference, limitation, specification or discrimination" in employment recruitment.
Facebook's business model is based on allowing advertisers to target specific groups 2014 or, apparently to exclude specific groups 2014 using huge reams of personal data the company has collected about its users. Facebook's microtargeting is particularly helpful for advertisers looking to reach niche audiences, such as swing-state voters concerned about climate change. ProPublica recently offered a tool allowing users to see how Facebook is categorizing them. We found nearly 50,000 unique categories in which Facebook places its users.
Facebook says its policies prohibit advertisers from using the targeting options for discrimination, harassment, disparagement or predatory advertising practices.
"We take a strong stand against advertisers misusing our platform: Our policies prohibit using our targeting options to discriminate, and they require compliance with the law," said Steve Satterfield, privacy and public policy manager at Facebook. "We take prompt enforcement action when we determine that ads violate our policies."
Satterfield said it's important for advertisers to have the ability to both include and exclude groups as they test how their marketing performs. For instance, he said, an advertiser "might run one campaign in English that excludes the Hispanic affinity group to see how well the campaign performs against running that ad campaign in Spanish. This is a common practice in the industry."
He said Facebook began offering the "Ethnic Affinity" categories within the past two years as part of a "multicultural advertising" effort.
Satterfield added that the "Ethnic Affinity" is not the same as race 2014 which Facebook does not ask its members about. Facebook assigns members an "Ethnic Affinity" based on pages and posts they have liked or engaged with on Facebook.
When we asked why "Ethnic Affinity" was included in the "Demographics" category of its ad-targeting tool if it's not a representation of demographics, Facebook responded that it plans to move "Ethnic Affinity" to another section.
Facebook declined to answer questions about why our housing ad excluding minority groups was approved 15 minutes after we placed the order.
By comparison, consider the advertising controls that the New York Times has put in place to prevent discriminatory housing ads. After the newspaper was successfully sued under the Fair Housing Act in 1989, it agreed to review ads for potentially discriminatory content before accepting them for publication.
Steph Jespersen, the Times' director of advertising acceptability, said that the company's staff runs automated programs to make sure that ads that contain discriminatory phrases such as "whites only" and "no kids" are rejected.
The Times' automated program also highlights ads that contain potentially discriminatory code words such as "near churches" or "close to a country club." Humans then review those ads before they can be approved.
Jespersen said the Times also rejects housing ads that contain photographs of too many white people. The people in the ads must represent the diversity of the population of New York, and if they don't, he says he will call up the advertiser and ask them to submit an ad with a more diverse lineup of models.
But, Jespersen said, these days most advertisers know not to submit discriminatory ads: "I haven't seen an ad with 'whites only' for a long time."
ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.
" 'How about we partner with Pokemon Go?' -- Said in every office at every agency for every client this morning."
Probably. The augmented-reality (AR) mobile game requires players to travel real-life streets to find and capture digital characters superimposed on locations and displayed on the screens of players' phones. The game's screens also display PokeStops and gyms, locations superimposed on real-life landmarks. The CNN video at the end of this blog post provides a good summary. The Apple iTunes site explains important game details:
"Search far and wide for Pokémon and items: Certain Pokémon appear near their native environment—look for Water-type Pokémon by lakes and oceans. Visit PokéStops, found at interesting places like museums, art installations, historical markers, and monuments, to stock up on Poké Balls and helpful items... As you level up, you’ll be able to catch more-powerful Pokémon to complete your Pokédex. You can add to your collection by hatching Pokémon Eggs based on the distances you walk... Take on Gym battles and defend your Gym: As your Charmander evolves to Charmeleon and then Charizard, you can battle together to defeat a Gym and assign your Pokémon to defend it against all comers."
What do we know so far about the AR game? What has happened since the game's launch? What happens when a mobile fantasy game combines real-life locations? Are non-players affected? What might be the implications for future AR games? I looked for answers, found plenty, and organized my findings into good, bad, and ugly categories -- with apologies to Mr. Leone and Mr. Eastwood.
"... Pokemon Go’s game designers have perfectly executed on the “Hook Model” — a framework for gamification and getting users to come back again and again and again."
Advocates have said that the game has gotten gamers off of their couches (e.g., butts) and out into the real world to get exercise, meet people, and explore locations they probably wouldn't have visited otherwise. Sounds good.
Within the game, PokeStops and gyms are located in publicly-accessible locations, such as theme parks, gardens, and museums. This has increased the sales at some nearby, small businesses. IGN reported on July 21:
"Bok Tower Gardens, a “contemplative garden” and National Historic Landmark located in Lake Wales, Fl, is saturated with PokeStops. The non-profit recorded a 10 to 15 percent increase in ticket sales during the first week of Pokemon Go’s release... So far, the only way to become a PokeStop or gym is to send in a request to Niantic Labs, but it isn't likely to be accepted unless the location is one of cultural significance or in a Pokemon Go deadzone."
"... to connect “Pokemon Go!” with real-world flora and fauna... This interactive, ranger-guided walk will allow visitors to uncover the creatures, both physical and virtual, that can be found within the National Lakeshore. They will learn how these creatures do or do not fit in with the rest of the environment, and what can be done to help them thrive. At the end of the program, visitors will be able to design their own Pokemon. “Trainers” of all ages are welcome."
"Many local Minneapolis businesses have considered, or implemented, special promotions to attract more mobile-gamers. Last week, Sencha Tea Bar in Stadium Village released three special shakes in correspondence with the three color teams of the game — red, yellow and blue — said store manager Josh Suwaratana. Suwaratana said the store does special shakes for other occasions, so the Pokemon shakes weren’t anything out of the ordinary... Sencha is also located next to a Pokestop — a real-life location where players can obtain items in the game. Suwaratana said the proximity to the Pokestop has helped business attract players."
"... I would encourage parents to seize the opportunity for their children to capitalize on this gaming experience while at the park or when running errands. My advice is not to judge this new gaming experience as all bad and in need of limits. Rather let’s embrace a step toward video games and virtual reality that may one day be tailored to inspiring those we love with autism spectrum disorder (ASD) to leave the house and receive points/rewards/tokens for gathering information from other people they encounter in the store, at work, or at a place of leisure. To me that sounds an awful lot like what I have been trying to get them to do by learning social skills in my office each week..."
To focus the world's attention upon the impacts to citizens and children, activists have added Pokemon characters to images from war zones. C/Net reported on July 26 that Khaled Akil, a Syrian artist:
"... has taken Pokemon Go creatures and Photoshopped them into pictures of his war-torn homeland, presenting a stark contrast between the whimsy of the augmented-reality game and the sobering day-to-day realities of war... In one image, a young boy walks his bike through a street lined by bombed-out buildings, a Vaporeon by his side. In another, a Pikachu rests on a block of rubble next to a burning car... the activist group Revolutionary Forces of Syria Media Office has been tweeting poignant photos of kids holding up printouts of popular Pokemon creatures, along with their locations, which are identified as being near areas of heavy fighting, and the words 'save me'..."
To view photos, follow the links in the C/Net article to Akil's website and Instagram account.
"During game play, please be aware of your surroundings and play safely. You agree that your use of the App and play of the game is at your own risk, and it is your responsibility to maintain such health, liability, hazard, personal injury, medical, life, and other insurance policies as you deem reasonably necessary for any injuries that you may incur while using the Services. You also agree not to use the App to violate any applicable law, rule, or regulation (including but not limited to the laws of trespass) or the Trainer Guidelines, and you agree not to encourage or enable any other individual to violate any applicable law, rule, or regulation or the Trainer Guidelines. Without limiting the foregoing, you agree that in conjunction with your use of the App you will not inflict emotional distress on other people, will not humiliate other people (publicly or otherwise), will not assault or threaten other people, will not enter onto private property without permission, will not impersonate any other person or misrepresent your affiliation, title, or authority, and will not otherwise engage in any activity that may result in injury, death, property damage, and/or liability of any kind."
The "Conduct, General Prohibitions, and Niantic’s Enforcement Rights" section of the policy also lists the responsibilities of players, including players will not:
"... trespass, or in any manner attempt to gain or gain access to any property or location where you do not have a right or permission to be..."
So, it is important for players to know their responsibilities. Do they? Keep reading.
"Members of the East Providence Police Department said “Pokemon Go” has drawn huge crowds of people to local parks after hours... Officers say they have responded to several calls about the crowds. “They are very peaceful, they’re not causing problems, but it is in a public area – in public parks – and people who live in those areas do deserve to have their rest at night,” said Maj. William Nebus of the East Providence Police Department. “Our parks do close at 9 p.m. and just to have 200 people lurking in overnight hours is not peaceful to the residents.”
Law enforcement in Michigan ticketed players with misdemeanors after late-night, 12:30 a.m. game play. Nearby property owners have found players intrusive. There are two implications. First, it's important for players to understand and comply with local town ordinances and hour restrictions. Second, taxpayers will likely absorb the additional costs of park maintenance, clean-up, and law enforcement patrols to address the increased foot traffic in local parks.
"Your account was permanently terminated for violations of the Pokémon GO Terms of Service. This includes, but is not limited to: falsifying your location, using emulators, modified or unofficial software and/or accessing Pokémon GO clients or backends in an unauthorized manner including through the use of third party software."
"Security researcher Adam Reeve noted that when some users sign into Pokemon Go through Google on Apple devices, they effectively give the game and its developer full access to their Google account; this means, that at least in theory, Niantic... can access players' Gmail-based email, Google Drive based files, photos and videos stored in Google Photos, and any other content within their Google accounts. From a technical perspective, Niantic could potentially send emails on your behalf, or copy and distribute your photos. This is obviously concerning. Perhaps even scarier - and more eye-opening - is that users are accepting such permissions en masse without regard for the risks."
The Offensive Privacy blog offered privacy tips given the game's usage of smartphone cameras:
"While it's a bit outlandish to think that Niantic collects the video streams from every device, it is always a possibility that cannot be completely ruled out. This means anything your camera sees could, in theory, be stored by Niantic... I suggest some common sense tactics that apply to all cameras and video streams when using the AR mode of the game: 1) Never allow the camera to see personal ID such as your license, passport, or other sensitive document; 2) Never let the camera see a license plate or government building. This is especially true for those working in high-security environments; and 3) Avoid letting the camera see street signs, your house, house numbers, etc. It's also possible that metadata could be embedded in the image and made available if the image is shared publicly..."
Regular readers of this blog are already familiar with the privacy issues associated with metadata collection. Some players may be surprised that tips to maintain privacy while playing requires effort.
One measure of popularity are parodies. There is a porn parody of the game titled, "Poke-mon Ho!" Depending upon your lifestyle, you might categorize this as "good." Yes, the parody reportedly is NSFW. No, I haven't seen it.
"The United States Holocaust Memorial Museum and Arlington National Cemetery, both in Washington, DC area, have both issued appeals for players to avoid hunting Pokemon on their sites. "Playing Pokemon Go in a memorial dedicated to the victims of Nazism is extremely inappropriate," said Andy Hollinger, director of communications at the United States Holocaust Memorial Museum in Washington, D.C., in a statement sent to CNNMoney. "We are attempting to have the Museum removed from the game," the statement said... Pokemon Go has a link set up for people to report sensitive locations and contact on its website... According to a statement from The Pokemon Company International and Niantic -- the creators of Pokemon Go -- Pokestops and gyms in the app are found at publicly accessible places. That includes historical markers, public art installations, museums, monuments -- and apparently churches."
I see two problems with the approach the game's developers used. First, the approach seems to have treated all public spaces the same, without considering the unique needs of cemeteries, memorials, and similar places. Game-play isn't appropriate everywhere. Second, Niantic's approach automatically included real-life locations as PokeStops and gyms without first obtaining the property owners' permissions. This approach places the burden on property owners (who aren't players nor participants) to opt-out of the game. Not good. Maybe this was a slick attempt to force property owners to participate. Not good.
"Jeffrey Marder, a resident of West Orange, N.J., found in the days after the release of the successful augmented reality game Pokémon Go, that strangers, phone in hand, had begun lingering outside his home. At least five of them knocked on Marder’s door and asked for access to his backyard to catch and add to their virtual collections of the Pokémon images, superimposed over the real world, that the game developer had placed at the residence without his permission."
"Scott Dodich and Jayme Gotts-Dodich, of St. Clair Shores, filed a class action lawsuit against Niantic, The Pokemon Company and Nintendo... The couple lives on a private cul-de-sac and alleges that over several weeks, Pokemon Go players parked their vehicles on their street and blocked driveways. The couple also alleges that players trespassed on lawns, trampled landscaping and peered into windows. The complaint also alleges that when Jayme Gotts-Dodich asked a Pokemon Go player to leave her property, the player told her to “shut up b****, or else... The suit alleges that the intentional, unauthorized placement of Pokestops and Pokemon gyms on or near private property constitutes a continuing invasion of use and enjoyment. Due to the ignored repeated requests for removal, the couple believes that Niantic is liable for nuisance and that all defendants have been unjustly enriched.”
If a disagreement arises between Niantic and a player, that may not be resolved in court in front of a jury of the gamer's peers. The Niantic Terms of Service policy strips gamers of that right:
"ARBITRATION NOTICE: EXCEPT IF YOU OPT OUT AND EXCEPT FOR CERTAIN TYPES OF DISPUTES DESCRIBED IN THE “AGREEMENT TO ARBITRATE” SECTION BELOW, YOU AGREE THAT DISPUTES BETWEEN YOU AND NIANTIC WILL BE RESOLVED BY BINDING, INDIVIDUAL ARBITRATION, AND YOU ARE WAIVING YOUR RIGHT TO A TRIAL BY JURY OR TO PARTICIPATE AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS ACTION OR REPRESENTATIVE PROCEEDING."
"Pokemon Go has added a new layer of excitement to a day at Disney World for those who seek that variety of enchantment. Disney is benefiting from the craze, even as non-players shake their heads while swerving around distracted gamers. This also could and should be just the beginning. It's only a matter of time before it rolls out its own augmented-reality app... A Disney app likely also wouldn't include a Pokemon-like battle element, at least not in terms of pitting Pluto against Yoda in combat. However, the Disney gym equivalent could be mini-game stations offering everything from speed Disney trivia matches to Virtual Magic Kingdom-type competitions... There are more than 200 Disney Store locations scattered across North America, and more than 120 overseas. These stores can also serve as character-collecting hubs, giving players a local connection for special events. It would also keep interest active outside of theme park visits..."
Microsoft Corporation announced yesterday its plan to purchase the LinkedIn.com social networking site for $26.2 billion, or $196 per share. The Boards of Directors at both companies have approved the transaction. Microsoft will fund the acquisition with additional debt. The high-tech giant explained the acquisition in a blog post:
"LinkedIn is the world’s largest and most valuable professional network and continues to build a strong and growing business. Over the past year, the company has launched a new version of its mobile app that has led to increased member engagement; enhanced the LinkedIn newsfeed to deliver better business insights; acquired a leading online learning platform called Lynda.com to enter a new market; and rolled out a new version of its Recruiter product to its enterprise customers. These innovations have resulted in increased membership, engagement and financial results, specifically:
- 19 percent growth year over year (YOY) to more than 433 million members worldwide, - 9 percent growth YOY to more than 105 million unique visiting members per month, - 49 percent growth YOY to 60 percent mobile usage, - 34 percent growth YOY to more than 45 billion quarterly member page views, and - 101 percent growth YOY to more than 7 million active job listings."
128 million (of the 433 million total) users are in the United States. For 2015, LinkedIn's GAAP (Generally Accepted Accounting Principles) net loss was $166 million. In 2014, the social site lost $15.7 million. The company's Talent Solutions business generates the most revenues, followed by advertising on the site and in the mobile app, and then the site's premium subscription service for memebers.
"This deal brings together the world’s leading professional cloud with the world’s leading professional network... I wanted to share with you how I think about acquisitions overall. To start, I consider if an asset will expand our opportunity — specifically, does it expand our total addressable market? Is this asset riding secular usage and technology trends? And does this asset align with our core business and overall sense of purpose?
The answer to all of those questions with LinkedIn is squarely yes. We are in pursuit of a common mission centered on empowering people and organizations. Along with the new growth in our Office 365 commercial and Dynamics businesses this deal is key to our bold ambition to reinvent productivity and business processes. Think about it: How people find jobs, build skills, sell, market and get work done and ultimately find success requires a connected professional world. It requires a vibrant network that brings together a professional’s information in LinkedIn’s public network with the information in Office 365 and Dynamics. This combination will make it possible for new experiences such as a LinkedIn newsfeed that serves up articles based on the project you are working on and Office suggesting an expert to connect with via LinkedIn to help with a task you’re trying to complete. As these experiences get more intelligent and delightful, the LinkedIn and Office 365 engagement will grow. And in turn, new opportunities will be created for monetization through individual and organization subscriptions and targeted advertising."
LinkedIn went public in 2011. Mashable reported about a possible consolidation in the social networking industry. More sites may be acquired:
"Many of the flashy social networks that Wall Street once fawned over — even if it didn't understand what exactly they do — are now looking for the exit door as the mood sours. LinkedIn, like Twitter and Yelp, has seen its stock obliterated throughout much of the year as social media firms (other than Facebook) are experiencing slower growth, and investors are experiencing less patience... In February, LinkedIn stock was nearly halved overnight after a single disappointing earnings report. The plunge was so severe that the company's CEO had to give a pep talk to his team and later gave away his bonus to employees suffering from financial whiplash... Twitter, arguably the second most anticipated social media IPO after Facebook, has seen its market cap fall to less than $10 billion in recent weeks..."
And, there are three related privacy issues. First, LinkedIn had a massive data breach in 2012, affecting 117 million persons. Hopefully, the acquisition will also help the social networking site improve its data security. If not, the profitability slide will likely continue.
Second, it is important to remember that during any corporate acquisition, the acquiring company gets the assets of the acquired company. Assets usually include databases of information about customers, current employees, former employees, and contractors. If you use LinkedIn or did business with the social site and never did business with Microsoft, then Microsoft will soon have your sensitive personal and payment information.
Third, the acquisition reinforces the impression that Microsoft bought in entirely to big data. Like Google, it wishes to collect as much information as possible about as many people as possible. Big data matters, especially to cloud services vendors.
Recently, some friends and I were discussing the wisdom of getting your news from social networking websites (e.g., Facebook, Twitter, Snapchat, Youtube, LinkedIn, etc.) instead of directly from news media sites. Apparently, many consumers get their news from such sites.
The Pew Research Center reported that most adults in the United States, 62 percent, get their news from social networking sites. The corresponding statistic in 2012 was 49 percent. Fewer social media site users get their news from other platforms: local television (46 percent), cable TV (31 percent), nightly network TV (30 percent), news websites/apps (28 percent), radio (25 percent), and print newspapers (20 percent).
Pew analyzed which social networking sites were used the most for news, and whether consumers used multiple sites to obtain news. The Pew Research Center found:
"Two-thirds of Facebook users (66 percent) get news on the site, nearly six-in-ten Twitter users (59 percent) get news on Twitter, and seven-in-ten Reddit users get news on that platform. On Tumblr, the figure sits at 31 percent..."
The corresponding statistics are 23 percent for Instagram, 21 percent for Youtube, 19 percent for LinkedIn, and 17 percent at Snapchat. The implications:
"Facebook is by far the largest social networking site, reaching 67% of U.S. adults. The two-thirds of Facebook users who get news there, then, amount to 44% of the general population. YouTube has the next greatest reach in terms of general usage, at 48% of U.S. adults. But only about a fifth of its users get news there, which amounts to 10% of the adult population. That puts it on par with Twitter, which has a smaller user base (16% of U.S. adults) but a larger portion getting news there."
About audience overlap, Pew found that most people (64 percent) get their news from one social media site. 26 percent get their news from two social media sites, and 10 percent get their news from three social media sites. Pew also found that more users at Reddit, Twitter, and LinkedIn seek out news versus stumbling across it by accident:
Percent of news users of each site who mostly get news online
Social Networking Site
While doing other things
Because they're looking for it
Who are the news users at the five largest social sites with news users? The users vary by site:
"... while there is some crossover, each site appeals to a somewhat different group. Instagram news consumers stand out from other groups as more likely to be non-white, young and, for all but Facebook, female. LinkedIn news consumers are more likely to have a college degree than news users of the other four platforms; Twitter news users are the second most likely."
The demographic data:
Some of you are probably wondering about Google+ and Pinterest. Pew removed three social media sites because:
The survey was conducted from January 12 to February 8, 2016 and included 4,654 respondents (4,339 by web and 315 by mail). The methodology included a randomly-selected subset of U.S. adults (6,301 total web-based persons and 474 total mail persons.
David Carroll, an associate professor of media design at Parsons School of Design, posted the warning below on Twitter. I checked my Facebook settings and this specific advertisement setting had indeed been changed. So, check yours today. It's fast and easy. It will take at most half a minute to check and change it.
What's driving this activity by the social network? The Washington Post summarized the situation well when it discussed new ad features the site introduced in 2014:
"Things are about to get better for Facebook customers! Not you. You are not a Facebook customer. Advertisers are Facebook customers. You are part of the Facebook product... Facebook, at its moneymaking core, is a system for showing ads to people... why we’re seeing this is because Facebook is not a social network. It is an advertising network... And it seems to be banking on what is always banks on: our unwillingness to change any default settings or think about the flip side of data sharing."
Now, go check and restore your ad settings to maintain privacy.
"We recently learned that a third party had obtained access to a set of Tumblr user email addresses with salted and hashed passwords from early 2013, prior to the acquisition of Tumblr by Yahoo. As soon as we became aware of this, our security team thoroughly investigated the matter. Our analysis gives us no reason to believe that this information was used to access Tumblr accounts. As a precaution, however, we will be requiring affected Tumblr users to set a new password."
That early May announcement directed users to reset their passwords, and use secure https connections. It didn't state the number of affected accounts. Well, now we know more.
"Independent security researcher Troy Hunt revealed today that he received a data dump that contains 65,469,298 emails and hashed passwords, which the anonymous donor said belonged to Tumblr users. The researcher tracked the data dump to The Real Deal Dark Web marketplace, where a hacker by the name of Peace (also known as Peace_of_mind) is selling it for 0.4255 Bitcoin ($225)..."
That's 65.4 million passwords compromised. A massive breach affecting about one out of every eight Tumblr users. The good news: Tumblr had encyrpted its users' passwords. The bad news: the hackers have broken the encryption. That means Tumblr users probably should, a) change their passwords again, and b) inquire what Tumblr is doing to better protect sensitive information so this doesn't happen again.
It seems that Tumblr's breach detection and security processes are both lacking. Softpedia also reported: