The wisdom of Ben (Stratechery) Thompson

It seems far more likely that Facebook will be directly regulated than Google; arguably this is already the case in Europe with the GDPR. What is worth noting, though, is that regulations like the GDPR entrench incumbents: protecting users from Facebook will, in all likelihood, lock in Facebook’s competitive position.

This episode is a perfect example: an unintended casualty of this weekend’s firestorm is the idea of data portability: I have argued that social networks like Facebook should make it trivial to export your network; it seems far more likely that most social networks will respond to this Cambridge Analytica scandal by locking down data even further. That may be good for privacy, but it’s not so good for competition. Everything is a trade-off.

Here is the link to the longer piece, to get them regularly you have to pay, definitely recommended, now more than ever.

Comments

Under the gpdr, must Facebook delete any data they hold on me, no matter where they got it from? (E.g. if they got it from other people I know in the real world)

In the EU, you own your data, not anyone else. So yes, if you request Facebook to delete all data that is in your profile, they pretty much have to do it. As noted in this extremely long running dispute, which Facebook continues to be on the losing side - 'The Advocate General in Europe’s highest court has said that the privacy campaigner Max Schrems is entitled to use his consumer status to sue Facebook Ireland through the Austrian courts.

However, Mr Schrems' consumer privilege was limited to his own Facebook account, and it would be against the rules for him to bring a class action suit against the social media site, the Advocate General said.

Mr Schrems has been locked in a long-running legal dispute with Facebook, claiming the US tech giant collects more private data than is permitted under European Union law.

Because Facebook’s European headquarters is in Ireland, his legal actions in the past have involved Facebook Ireland and the Irish Data Protection Commissioner.

Today's non-binding opinion by the European Court of Justice’s Advocate General relates to a case taken by Mr Schrems through the Austrian courts, in which he claims that Facebook operates in Europe with contracts that are illegal under EU consumer law.' https://www.rte.ie/news/courts/2017/1114/919881-data-protection/

Somewhat less obviously, data in someone else's profile may also be your data, to the extent that Facebook has a profile related to you, and not the other person. Shadow users, to be more precise - https://gizmodo.com/how-facebook-figures-out-everyone-youve-ever-met-1819822691

That genie isn't going back into the bottle. If your private information is already out there, it will stay there.

'lock in Facebook’s competitive position'

No, the idea is to basically prevent any company like Facebook from existing in the EU, as noted below.

'On Tuesday, the Irish High Court said it would ask the European Union’s top court to decide whether Facebook (fb) can continue to send Europeans’ personal data to its U.S. operations. And whatever the Court of Justice of the European Union (CJEU) decides will have major implications for many companies, not just Facebook.

Facebook has been relying on a legal mechanism called “standard contractual clauses” for its transatlantic data flows, ever since the CJEU cancelled the so-called Safe Harbor data-sharing agreement between the EU and the U.S. The court struck down the deal largely because it did not guarantee the safety of Europeans’ personal data from the U.S. National Security Agency (NSA) and its PRISM program.

That ruling came in a long-running case brought against Facebook by an Austrian law student named Max Schrems, who was concerned about the privacy of the personal information he puts onto the social network.

Schrems continued his fight after the Safe Harbor ruling, turning his attention to Facebook’s use of standard contractual clauses to send user data from its subsidiary in Ireland—where its EU operations are based—to the U.S. mothership.

Specifically, he wanted the Irish privacy regulator to declare that Facebook was breaking the terms of the mechanism as it could not stop the NSA from rifling through his communications.' http://fortune.com/2017/10/03/facebook-max-schrems-ireland-cjeu-privacy/

The EU seems much more aware of what sort of thing Facebook is than most Americans. Probably because Europe has centuries of experience with older fashioned surveillance states, the ones not run for profit.

(One need not to wonder if Stratechery is interested in the referer data, MR's reach, the conversion rate between clicks and membership, and of course, whatever data can be extracted from the Facebook, twitter, reddit information available through a visitor's own open data connections.)

"(One need not to wonder if Stratechery is interested in the referer data, MR’s reach, the conversion rate between clicks and membership, and of course, whatever data can be extracted from the Facebook, twitter, reddit information available through a visitor’s own open data connections.)"

Not interested at all. Don't have any trackers on my site outside of Google Analytics either, and I check that every other month or so out of idle curiosity (I do embed tweets, but I don't see that data).

'Don’t have any trackers on my site outside of Google Analytics either'

Well, apart from one of the largest ones, that is.

And no one running an efficient website generally ignores referer information - it is far too useful to see what is going on. For example, why did a web site suddenly gain 800% more visitors in 12 hours? Or where did all those fraudulent credit card number users come from? (Referer info can be spoofed or removed, of course, though depending on the browser, it can also defeat a VPN hiding an IP address in the server log. And this is completely leaving aside Flash, which is much, much more persistent than http_referer)

'and I check that every other month or so out of idle curiosity'

Google checks it a lot more often, and much more comprehensively. And to be honest, anyone with this framework - https://stratechery.com/membership/ - is not simply ignoring what is going on at a web site that allows one to be 'fully supported by my work at Stratechery.' Though who knows, maybe the sort of common skills known to anyone running a web site for profit in 2008 have atrophied in a more modern age. Particularly the conversion rate in terms of referer info - maybe you should check into that, it sounds as if you are really potentially leaving a lot of money on the table.

That Google, Facebook, et al are making money off you, without you earning any from them in return, is to your credit. Or debit, possibly.

Such kind words.

"No, the idea is to basically prevent any company like Facebook from existing in the EU, as noted below."

So it's clearly a popular product that millions of users in the EU like, but the neo-Puritans want to run it out of business. There are always people who want to publicly condemn other people. Who want to use the wheels of the state to enforce public morality. This is just one of those groups.

Would you have said the same about Standard Oil? People wanted to buy their products.

Standard Oil wasn't 'prevented from existing'. It was broken up into a bunch of smaller companies that people could still buy oil from.

These regulations won't prevent Facebook from existing.

The idea behind the regulations and the actual effect of them may be different.

Since the election of Obama, and more so with the election of Trump, the ruling elites have realized that politicians can speak to their voters without the traditional mediators - the media and the parties. This has clearly scared them. They are responding by making it hard for anyone to do what Trump did.

This is not a surprise. The Belgians have a tragic habit of voting for parties the ruling politicians do not like. So they have made all parties depend on the state for funding. And banned anyone else funding political parties. And then banned the parties they do not like from getting any state funding. Now the oligarchs in the traditional parties can rest easy that they won't lose an election.

I doubt that regulation will work. People will find a way to talk to each other freely. But the alternative is to pursue policies the voters like and that is unacceptable.

Excellent comment. +1

I am, however, not as hopeful that ‘people will find a way’. Guns are a very powerful method of control and getting around them is difficult.

People like to say that private companies like Facebook, Google, etc. have the right to censor content even if the government doesn't. However, when the government threatens firms with adverse regulation to get them to censor speech that the government itself would not be permitted to censor, then that distinction ceases to be salient. What's the difference between the government censoring speech and Facebook censoring speech on the government's behalf? Internet executives have already been hauled before Congress, where Congresspersons have demanded that they report on their "progress" in censoring their networks or risk additional regulation. A progress report is something a boss asks a subordinate for.

Facebook should innoculate itself from pressure to censor by declaring a policy of not censoring speech that the government itself would not be permitted to censor. Who could object to such a policy without revealing themselves to be in favor of government censorship? If Facebook can make such a promise credible, then that might stop the current game where would-be government censors keep threatening regulation until Facebook adopts their desired censorship regime.

Facebook should inoculate itself from pressure to censor by declaring a policy of not censoring speech that the government itself would not be permitted to censor.

Here you have the right argument, but only if Facebook were run by people who don't believe in censorship in the first place. That condition isn't satisfied, though.

In what seems like a contradiction of Thompson's view, according to this article in the NYT, it was third-party apps that collected data about users' lives: https://www.nytimes.com/2018/03/19/technology/facebook-data-sharing.html

Sort of - using data already gathered by Facebook is generally much more effective than attempting to somehow collect that data independently..

Of course, an app can have its own data collection framework apart from Facebook, especially when that app is installed on multiple systems that people use to communicate with each other.

"What is worth noting, though, is that regulations like the GDPR entrench incumbents: protecting users from Facebook will, in all likelihood, lock in Facebook’s competitive position."

Facebook doesn't seem to think so.

Thank you Tyler, for once, being on the side of freedom.

What programmers know, but maybe other people don't, is that the API is the law. It is the only law. One simply does not publish an open API and then in the boilerplate say "don't use it such and such."

Programmers know programmers, and they know that someone will exploit an API fully, and probably immediately.

So Facebook's real serious vulnerability here is that they didn't even "sell" your privacy. They gave it away at a colossal scale.

I don't really fear Facebook. I don't participate, and very rarely access it. It's basically a fad which has already peaked. If I were Mark Zuckerberg I'd be diversifying my portfolio very quickly.

I don't fear Amazon. I've never bought anything from them and given their politics I probably won't ever. Despite all the buzz and the decimation of physical channel retailing, they still account for a relatively small market share and still face stiff competition from WalMart and scores of niche online retailers with loyal followings.

I don't fear Apple. There's nothing that they produce that their many competitors can't. All they offer is an (for the time being anyway) upscale label which is quite useless to me, my prepaid cell phone service and my three year-old $10 flip phone which works just fine thank you. They'll be around for the long term, but perhaps not in the configuration they are today.

I DO fear Google, a completely evil company whose purpose these days is not to provide convenience and turn a buck but rather thought control among the "wrong kinds of people" who need their benevolent guidance. Anything the government can do to rein them in has my support.

Comments for this post are closed