Posts in Social media


It’s amazing how advertising can power huge companies. Google has over 57 000 employees and some 66 billion US dollars in revenue. And Facebook with 12 billion and 10 000 employees. These two giants are the best know providers of ad-financed services on the net. And modern advertising is targeted, which means that they must know what the users want to see. Which means that they must know you. Let’s take a closer look at Facebook. We have already written about their advertising preferences and I have been following my data for some time. Part of the data used to target ads is input by yourself, age, gender, hometown, movies you seen etc. But Facebook also analyzes what you do, both in Facebook and on other sites, to find out what you like. It’s obvious how the tracking works inside Facebook itself. Their servers just simply record what links you click. Tracking in the rest of the net is more sinister, it’s described in this earlier post. Your activity record is analyzed and you are assigned to classes of interest, called “Your Ad Preferences” by Facebook. Advertisers can then select classes they want to target, and the ad may be shown to you based on these classes. You can view and manage the list using a page that is fairly well hidden deep in Facebook’s menus. Let’s check your preferences in moment, but first some thoughts about this. Advertising may be annoying, but it is the engine that drives so many “free” services nowadays. So I’m not going to blame Facebook for being ad-financed. I’m not going to blame them for doing targeted ads either. That can in theory be a good thing, you see more relevant ads that potentially can be of value to you. But any targeted ad scheme must be based on data collection, and this is the tricky part. Can we trust Facebook et al. to handle these quite extensive personal profiles and not misuse them for other purposes? It’s also nice that Facebook is somewhat open about this and let you view “Your Ad Preferences” (Note. Not available in all countries.). But that name is really misleading. The name should be “Facebook’s Ad Preferences for You”. Yes, you can view and delete classes, but that gives you a false sense of control. Facebook keeps analyzing what you do and deleted classes will reappear shortly. I made a full clean-up a couple of months ago, but now I have no less than 210 classes of interest again! This is really amazing if you take into account that I block tracking outside of Facebook, so those activities are not contributing. And I have a principle of not clicking ads in any on-line media, including Facebook. And liking commercial pages in a very restrictive manner. But the thing is that Facebook has realized that people dislike ads. “Suggested posts” or “Sponsored posts” are in fact masqueraded ads and any interaction with them will record your interest in the classes they represent. I have to admit that I do click this kind of content regularly. And where did that suicide thing come from? No, I’m fine. I’m not going to jump off a bridge and I’m not worried about any of my dearests’ mental health. I have not interacted with any kind of Facebook content related to suicide. Except that I can’t know that for sure. Facebook tries to give an open and honest image of itself when presenting its Ad Preferences settings and the possibilities to manage them. But this rosy picture is not the full truth. The inner workings of Facebook advertising is in reality a very complex secret system. When you interact with something on Facebook, you have no way of knowing how it affects your profile. Something I have clicked was apparently associated with suicides even if I had no clue about it. Ok, time to take the Facebook personality test. Let’s see what kind of person they think you are. Follow these instructions: Go to Facebook and locate an ad, a “sponsored post” or a “suggested post”. These items should have a cross or a down-arrow in the upper right corner. Click it. Select “Why am I seeing this?” from the pop-up menu. This screen contains some interesting info but proceed to “Manage your ad preferences”. Review the list and come back here to tell us what you think of it. Delete the inappropriate classes. Deleting all may reduce the number of ads you see.   So let’s see what people think about this test’s accuracy:   [polldaddy poll=9023953]   So using Facebook’s Ad Preferences as a personality test may be entertaining, but not very accurate after all. You should probably look elsewhere for a real test. The catch is that you can select what test to take, but not how others collect data about you. Someone else may rely on this test when evaluating you. You have actually granted Facebook the right to share this data with basically anyone. Remember this clause in the agreement that you read and approved before signing up? “We transfer information to vendors, service providers, and other partners who globally support our business, such as providing technical infrastructure services, analyzing how our Services are used, measuring the effectiveness of ads and services, providing customer service, facilitating payments, or conducting academic research and surveys.” You did read it before signing, didn’t you?   Safe surfing, Micke   Image: Screenshot from  

August 13, 2015

The user register of AshleyMadison has been hacked. You don’t know what that is? Well, that’s perfectly fine. It’s a dating site for people who want to cheat on their spouses. Many dislike this site for moral reasons, but there is apparently a demand for it. The Canadian site has some 37 million users globally! Some user data has already been leaked out and the hackers, calling themselves Impact Team, have announced that they will leak the rest unless the site shuts down. So this hack could contribute to many, many divorces and a lot of personal problems! "We will release all customer records, profiles with all the customers' sexual fantasies, nude pictures and conversations and matching credit card transactions, real names and addresses." The Impact Team This is one hack in a long row, not the first and certainly not the last site hack where user data is leaked. But it is still remarkable because of the site’s sensitive nature. Think about it. What kind of information do you store in web portals and what bad could happen if that data leaks out? If you are cheating on your spouse, then that is probably one the most precious secrets you have. Disclosure of it could have devastating effects on your marriage, and maybe on your whole life. Millions of users have put their faith in AshleyMadison’s hands and trusted them with this precious secret. AshleyMadison didn’t misuse the data deliberately, but they failed to protect it properly. So it’s not that far-fetched to say that they cheated on the cheaters. What makes the AshleyMadison hack even worse is the site’s commercial nature. Users typically pay with a credit card issued in their own name. They can appear anonymously to their peers, but their true identities are known to the site owner, and stored in the database. So any leaked information can be linked reliably to real people. The sad thing is that the possibility of a leak probably never even crossed the mind of these 37 million users. And this is really the moral of the story. Always think twice before storing sensitive information in a data system. You must trust the operator of the system to not misuse your data, but also to have the skills, motivation and resources to protect it properly. And you have very poor abilities to really verify how trustworthy a site is. This is not easy! Refraining from using a site is naturally the ultimate protection. But we can’t stop using the net altogether. We must take some risks, but let’s at least think about it and reflect over what a compromised site could mean. This hack is really interesting in another way too. AshleyMadison is a highly controversial site as cheating is in conflict with our society’s traditional moral norms. The hack is no doubt a criminal act, but some people still applaud it. They think the cheaters just got what they deserved. What do you think? Is it right when someone takes the law in his own hands to fight immorality? Or should the law be strictly obeyed even in cases like this? Can this illegal hacking be justified with moral and ethical arguments? [polldaddy poll=8989656]       Micke   Image: Screenshot from  

July 21, 2015
Mikko Hypponen What Twitter knows

At Re:publica 2015, our Chief Research Officer Mikko Hypponen told the main stage crowd that the world's top scientists are now focused on the delivery of ads. "I think this is sad," he said. [youtube] To give the audience a sense of how much Twitter knows about its users, he showed them the remarkable targeting the microblogging service offers its advertisers. If you use the site, you may be served promoted tweets based on the following: 1. What breakfast cereal you eat. 2. The alcohol you drink. 3. Your income. 4. If you suffer from allergies. 5. If you're expecting a child. And that's just the beginning. You can be targeted based not only on your recent device purchases but things you may be in the market for, like a new house or a new car. You can see all the targeting offered by logging into your Twitter, going to the top right corner of the interface, clicking on your icon and selecting "Twitter Ads". Can Twitter learn all this just based on your tweets and which accounts follow? No, Mikko said. "They buy this information from real world shops, from credit card companies, and from frequent buyer clubs." Twitter then connects this information to you based on... your phone number. And you've agreed to have this happen to you because you read and memorized the nearly 7,000 words in its Terms and Conditions. Because everyone reads the terms and conditions. Full disclosure: We do occasionally promote tweets on Twitter to promote or digital freedom message and tools like Freedome that block ad trackers. It's an effective tool and we find the irony rich. Part of our mission is to make it clear that there's no such thing as "free" on the internet. If you aren't paying a price, you are the product. Aral Balkan compares social networks to a creepy uncle" that pays the bills by listening to as many of your conversations as they can then selling what they've heard to its actual customers. And with the world's top minds dedicated to monetizing your attention, we just think you should be as aware of advertisers as they are as of you. Most of the top URLs in the world are actually trackers that you never access directly. To get a sense of what advertisers learn every time you click check out our new Privacy Checker. Cheers, Jason

May 15, 2015
nano freedome

When an enigmatic and groundbreaking artist started making waves on Youtube, the public was simultaneously curious and in awe of this new type of sonic assault, detached from any specific genre, culture or style. nano draws on life experience accumulated in NYC and Japan to create a truly global aesthetic. nano’s music transcends the confines of nationalities and ethnicities, and reflects nano’s “no national borders” motto. Despite being the product of a united and connected world, nano chooses to be shrouded with a veil of mystery and privacy. Like we here at Freedome, nano believes that personal privacy is a choice and the only person to control it should be YOU YOURSELF. We created Freedome because we LOVE the digital and connected world we all live in. We love it so much, that we want to give everyone the tools to enjoy it to the max by not having to worry about the negative sides that come with it. It’s all about choice and keeping control. A lot of your personal information is shared without your approval, and we should be able to share everything you want without fear of your stuff being stolen or used against you. Just like nano, we think that sharing your passions and keeping your privacy are not mutually exclusive. To celebrate our mutual  love for privacy and a connected world, nano has teamed up with Freedome with a special exclusive song, which can be found here. Join our global troop of digital freedom fighters. Your privacy, your choice.

April 22, 2015
Facebook, I love you, newsfeed

You should know that Facebook can play with your emotions. If you're reading this you're probably aware that your Facebook feed doesn't simply serve you the latest posts from the friends and pages you follow. Given that most of us follow hundred -- if not thousands -- of people, places and brands, a real-time feed would dramatically  change the Facebook experience. And it would likely greatly reduce engagement, which is the site's life force. But if you do know this, you may be in the minority. A new study from a team of researchers from University of Illinois at Urbana-Champaign, California State University, Fresno and the University of Michigan found that most of a group of 40 Facebook users, 62.5 percent had no idea that their feed is filtered by the world's largest social network. And not knowing that actually seemed to have negative affects on users' psyches. “In the extreme case, it may be that whenever a software developer in Menlo Park adjusts a parameter, someone somewhere wrongly starts to believe themselves to be unloved,” the researchers wrote. The study used a tool to create an unfiltered feed that showed them what they'd been missing. While they weren't thrilled how Facebook decided which friends posts they'd see, "[m]ost came to think that the filtering and ranking software was actually doing a decent job," Fusion's Alex Madrigal writes. In 2014, Facebook partnered in an academic paper that revealed it had manipulated users feeds to adjust how many positive and negative posts they saw. It found that moods were contagious. Positive feeds led to positive posts and vice versa. Users agree to such manipulation in Facebook's terms and conditions -- which you clearly know by heart -- but the revelation still led to a huge backlash. In the recent study, participants found that being aware they were being fed stories by Facebook's algorithm "bolstered overall feelings of control on the site" and led to more active engagement. So if you didn't know a formula was guiding your interactions before you probably already feel better. But there's more you can do if you want to make sure Facebook is showing you the things you actually want to see. 1. Be proactive. Go directly to the pages of the people, companies and artists you want to see more of then engage. Like posts or comments. Comment yourself. Share posts. Facebook's motivation is to keep you on the site as long as humanly possible--and it's very good at it. If it's not showing something you'd enjoy seeing, it probably would like to. So let it know. 2. Choose "Most Recent" posts.     In the left column of your home page, click on the arrow next to "News Feed". If you select "Most Recent", your experience will likely be less filtered. Though you still should not to expect to see every post that ends up on the site. 3. Go to News Feed Preferences. Click on the down arrow that's on every Facebook page and select News Feed Preferences. The goal here is to unfollow anything you're sick of seeing so you get more of what you do want. Or re-follow people or things you've missed. 4. Tell your feed what you like.         Facebook wants you to take an active role in adjusting your algorithm. That's why every post in your feed has a dim down arrow that you can select. If something really bugs you, tell Facebook you don't want to see and Unfollow the person or page. If you really love it, you can "Turn on notifications" which guarantees that every future post ends up in your notifications -- that little globe on the top navigation. Your notifications can act as a secondary newsfeed to make sure you don't miss posts from your favorites. 5. Switch to Twitter and Tweetdeck. If you want complete control over your newsfeed, you're never going to get it on Facebook. Even Twitter is moving away from this method of feeding content for a pretty simple reason, it needs more engagement. Given that Facebook and Twitter employee dozens if not hundred of programmers and experts paid to make their sites captivate you, they figure they're better at it than you. If you want to prove them wrong, Twitter's Tweetdeck app, which works in your browser, still offers unmediated newsfeeds so you can feed your own brain. Twitter isn't quite as personal or ubiquitous as Facebook -- but it is the next best thing. Try it out and see if you feel more loved. Cheers, Jason [Photo by Geraint Rowland | Flickr]

March 31, 2015

A new Mercedes. Nice. Or maybe an Audi R8? That would be cool. But hold it! Don’t sell your old car yet! Liking and sharing that giveaway campaign on Facebook will NOT give you a new car. Those prizes doesn’t even exist. They are just hoaxes. Internet and Facebook is full of crap, junk, rubbish, nonsense and gibberish. Nobody knows how many chain letters there are spreading some kind of unbelievable story. False celebrity news, bogus first-aid advice, phony charity campaigns and this kind of giveaways. We tend to think about these chain letters as hoaxes, pretty harmless jokes that doesn’t hurt us. But that’s not the full story. A hoax can be harmful, like the outright dangerous first aid advice that some people keep spreading. But a car giveaway is probably a harmless and safe prank, even if it’s false? No, not really. These chain letters are actually not traditional hoaxes, they are like-farming scams. There’s no free lunch, you don’t pay for Facebook with money but with your private data. The like-farming scams work in the same currency. You will not lose any money even if you like the page and share it. Instead you will participate in building a page with a lot of supporters, which is valuable and can be sold later. Needless to say, you will not get any of that money. Here’s how it works. Any business has a problem when starting on Facebook. An empty page without likes isn’t trustworthy. So the scammers set up a page containing anything that can go viral. A promise to get a luxury car works well. They just have to tell everyone to like the page and to share it as much as possible, to keep the chain reaction going and get even more likes. The scammers wait until there’s enough likes before they clean out the content, rename it and start looking for a buyer. The price is in “$ per k”, meaning dollars per 1000 likes. A page with 100 000 likes could sell for over $1000. So sharing the page can make quite a lot of money for the scammers if you have a lot of gullible friends, who in turn have a lot of gullible friends, and so on … The downside for you is that the likes stick even if the page is redesigned for some totally different purpose. Your face will be an evangelist for the page’s new owners and show up next to their brand. And you have no idea about what you will be promoting. I have friends who are anti-fur activists. You can probably imagine what one of them would feel when discovering that she likes a fur-coat designer! And finally some concrete advice. Review your list of old likes regularly. Remove everything except those things you truly like and want to support. When you encounter a giveaway post like this, check the involved brand’s main page in Facebook by searching for the brand name. You will in most cases notice that the giveaway is a totally different page that just is named similarly. That’s a strong scam indicator. Use common sense. From the above you get an idea about what likes in Facebook are worth. Does it make sense to give away luxury cars for this? Don’t participate in scams like this. It might feel tempting, but remember that your chance to win is exactly zero. Spread knowledge every time you see a scam of this kind. Comment with a link to this post or the appropriate description on Hoax-Slayer or Snopes.   Those sites are by the way fun and educating reading. I recommend spending some time there getting familiar with other types of hoaxes too. Read at least these two articles: Facebook car giveaway on Snopes and Facebook like-farming scams on Hoax-Slayer .   Safe surfing, Micke  

December 16, 2014
Facebook Terms and policies

You have seen them if you are on Facebook, and perhaps even posted one yourself. I’m talking about the statements that aim to defuse Facebook’s new terms of service, which are claimed to take away copyright to stuff you post. To summarize it shortly, the virally spreading disclaimer is meaningless from legal point of view and contains several fundamental errors. But I think it is very good that people are getting aware of their intellectual rights and that new terms may be a threat. Terms of service? That stuff in legalese that most people just click away when starting to use a new service or app. What is it really about and could it be important? Let’s list some basic points about them. The terms of service or EULA (End User License Agreement) is a legally binding agreement between the service provider and the user. It’s basically a contract. Users typically agree to the contract by clicking a button or simply by using the service. These terms are dictated by the provider of the service and not negotiable. This is quite natural for services with a large number of users, negotiating individual contracts would not be feasible. Terms of service is a defensive tool for companies. One of their primary goals is to protect against lawsuits. These terms are dictated by one part and almost never read by the other part. Needless to say, this may result in terms that are quite unfavorable for us users. This was demonstrated in London a while ago. No, we have not collected any children yet. Another bad thing for us users is the lack of competition. There are many social networks, but only one Facebook. Opting out of the terms means quitting, and going to another service is not really an option if all your friends are on Facebook. Social media is by its nature monopolizing. The upside is that terms of service can’t change the law. The legislation provides a framework of consumer and privacy protection that can’t be broken with an agreement. Unreasonable terms, like paying with your firstborn child, are moot. But be aware that the law of your own country may not be applicable if the service is run from another country. Also be aware that these terms only affect your relationship to the provider of the service. Intelligence performed by authorities is a totally different thing and may break privacy promises given by the company, especially for services located in the US. The terms usually include a clause that grant the provider a license to do certain things with stuff the users upload. There’s a legitimate reason for this as the provider need to copy the data between servers and publish it in the agreed way. This Facebook debacle is really about the extent of these clauses. Ok, so what about Facebook’s new terms of service? Facebook claim they want to clarify the terms and make them easier to understand, which really isn't the full story. They have all the time been pretty intrusive regarding both privacy and intellectual property rights to your content, and the latest change is just one step on that path. Most of the recent stir is about people fearing that their photos etc. will be sold or utilized commercially in some other way. This is no doubt a valid concern with the new terms. Let’s first take a look at the importance of user content for Facebook. Many services, like newspapers, rely on user-provided content to an increasing extent. But Facebook is probably the ultimate example. All the content you see in Facebook is provided either by the users or by advertisers. None by Facebook itself. And their revenue is almost 8 billion US$ without creating any content themselves. Needless to say, the rights to use our content is important for them. What Facebook is doing now is ensuring that they have a solid legal base to build current and future business models on. But another thing of paramount importance to Facebook is the users' trust. This trust would be severely damaged if private photos start appearing in public advertisements. It would cause a significant change in peoples relationship with Facebook and decrease the volume of shared stuff, which is what Facebook lives on. This is why I am ready to believe Facebook when they promise to honor our privacy settings when utilizing user data. Let’s debunk two myths that are spread in the disclaimer. Facebook is *not* taking away the copyright to your stuff. Copyright is like ownership. What they do, and have done previously too, is to create a license that grant them rights to do certain things with your stuff. But you still own your data. The other myth is that a statement posted by users would have some kind of legal significance. No, it doesn’t. The terms of service are designed to be approved by using the service, anyone can opt to stop using Facebook and thus not be bound by the terms anymore. But the viral statements are just one-sided declarations that are in conflict with the mutually agreed contact. I’m not going to dig deeper into the changes as it would make this post long and boring. Instead I just link to an article with more info. But let’s share some numbers underlining why it is futile for ordinary mortals to even try to keep up with the terms. I browsed through Facebook’s set of terms just to find 10 different documents containing some kind of terms. And that’s just the stuff for ordinary users, I left out terms for advertisers, developers etc. Transferring the text from all these into MS Word gave 41 pages with a 10pt font, almost 18 000 words and about 108 000 characters. Quite a read! But the worst of all is that there’s no indication of which parts have changed. Anyone who still is surprised by the fact that users don’t read the terms? So it’s obvious that ordinary user really can’t keep up with terms like this. The most feasible way to deal with Facebook’s terms of service is to consider these 3 strategies and pick the one that suits you best. Keep using Facebook and don’t worry about how they make money with your data. Keep using Facebook but be mindful about what you upload. Use other services for content that might be valuable, like good photos or very private info. Quit Facebook. That’s really the only way to decline their terms of service. By the way, my strategy is number 2 in the above list, as I have explained in a previous post. That’s like ignoring the terms, expecting the worst possible treatment of your data and posting selectively with that in mind. One can always put valuable stuff on some other service and post a link in Facebook. So posting the viral disclaimer is futile, but I disagree with those who say it’s bad and it shouldn’t be done. It lacks legal significance but is an excellent way to raise awareness. Part of the problem with unbalanced terms is that nobody cares about them. A higher level of awareness will make people think before posting, put some pressure on providers to make the terms more balanced, and make the legislators more active, thus improving the legal framework that control these services. The legislation is by the way our most important defense line as it is created by a more neutral part. The legislator should, at least in theory, balance the companies’ and end users’ interests in a fair way.   Safe surfing, Micke   Image: Screenshot from

December 3, 2014
privacy settings twitter

When it comes to privacy, Twitter's simplicity has always been its key advantage. Your tweets are public or they are protected. Of course, this implicit agreement with users has never been that simple. "Protected" tweets turned out to be searchable -- they aren't anymore. And if one of your followers decides to share your tweets through a manual retweet or a screenshot, you're just as exposed as you would be if your tweets were public. But that's true of any form of digital -- or real world -- communication. Now, Twitter is getting even more complicated to become in hopes of becoming as mainstream as Facebook, which is trying to improve the revelancy of its feed in order to replace Twitter as the go-to online destination for monitoring breaking news. You may have noticed that Twitter's is slowly rolling out changes to its web experience that may alter the way people understand the service. Tweets that have been favorited but not retweeted by people you follow may show up in your stream. More changes like location-based alerts and native video will soon follow. The closer-to-original Twitter experience still exists -- and will likely always exist -- in apps like Tweetdeck. But no matter how you use the service, your activity on and off the site is being tracked to improve outcomes for advertisers. This makes sense. It is a business and since you're not paying to use this valuable service, you are its product -- even if you're using the site for business. By offering tools like its free analytics, the site is striving to make it clear how useful it is and build good will as it evolves. However, Twitter recognizes that its users just may want to avoid allowing more "big data" tentacles into our digital brains. Thus it allows you to opt out of some tracking and features that may feel invasive. Here's how to do that: Go to your "Security and privacy" section of your Settings. Scroll all the way down. If you're interested in maximum privacy, I recommend your uncheck the three boxes at the bottom of the page -- Discoverability, Personalization and Promoted Content -- then click "Save changes". While you're on this page, make sure you're taking advantage of Twitter's best security tool: Login verification. Turn on two-factor authentication by activating "Send login verification requests to my phone". Twitter's biggest security problem is that everyone in the world knows your login. Unless you turn on Login verification, all an intruder needs is your password. You may also want to make sure "Tweet location" is off and erase all of your previous locations, if you're worried about being tracked in the real world. One last thing while you're checking your settings, click on Apps. Then "Revoke access" of any you're not using. Not sure if you're not using an app? Get rid of it and you can always renew its access later. Cheers, Jason [Image courtesy of Rosaura Ochoa via Flickr.]

December 1, 2014