View profile

Facebook shows off its GDPR designs (and doesn't invite us)

Revue
 
In the weeks leading up to its implementation, Facebook has made many appreciative noises about Europ
 
April 18 · Issue #122 · View online
The Interface
In the weeks leading up to its implementation, Facebook has made many appreciative noises about Europe’s General Data Protection Regulation. “We believe that everyone around the world deserves good privacy controls,” Mark Zuckerberg told Congress last week. “We’ve had a lot of these controls in place for years. The GDPR requires us to do a few more things, and we’re going to extend that to the world.”
Late last night, Facebook offered a preview of what those controls will look like. Here’s Deepa Seetharaman in the Journal:
As part of the changes, Facebook will this week begin to prompt its users in Europe to decide whether they would like to see targeted ads based on political, religious and relationship details they share on their profiles or from data collected by some of Facebook’s external partners. Facebook will also ask users to explicitly allow the company to use its facial-recognition technology, which the company relies on to identify people in images.
Facebook said it would allow users in the U.S. and the rest of the world to review those details in coming months.
Facebook held a briefing for reporters yesterday on the subject, but sadly did not invite The Interface. (Or Wired. Or Bloomberg. Among others.) According to TechCrunch’s Josh Constine, questions from reports focused on the design of this new data-sharing regime:
Feedback was heavily critical as journalists grilled Facebook’s deputy chief privacy officer Rob Sherman. Questions centered around how Facebook makes accepting the updates much easier than reviewing or changing them, but Sherman stuck to talking points about how important it was to give users choice and information.
“Trust is really important and it’s clear that we have a lot of work to do to regain the trust of people on our service” he said, giving us deja vu about Mark Zuckerberg’s testimonies before congress. “We know that people won’t be comfortable using Facebook if they don’t feel that their information is protected.”
Multiple reporters noted that the design seems intended to whisk you through your choices as quickly as possible. Here’s Constine again:
 As you’ll see at each step, you can hit the pretty blue “Accept And Continue” button regardless of whether you’ve scrolled through the information. If you hit the ugly grey “Manage Data Setting” button, you have to go through an interstitial where Facebook makes its argument trying to deter you from removing the info before letting you make and save your choice. It feels obviously designed to get users to breeze through it by offering no resistance to continue, but friction if you want to make changes.
Former Facebook employee Sandy Parakilas doesn’t like it, either. Here’s what he told Nitasha Tiku:
Sandy Parakilas, a former Facebook operations manager who warned the company about privacy issues, says Facebook appears to want to comply with the letter of the European rules, while changing as few of its data-handling practices as possible. “Everything about the page is designed to manipulate you into doing the thing they want,” he says. “The goal of the design exercise is to get you to accept, and not go into your settings and turn things off.”
This is a challenging project. Companies have little experience in designing for compliance, beyond the standards terms-of-service that everyone breezes through when they first create an account. It makes sense Facebook would default to the same breezy approach it takes with the terms of service to the GDPR. I would expect a similar approach from a Google, or a Twitter, or an Apple. Everyone agrees informed consent about data collection is a good thing. How to inform people, on the other hand, is a subject where there will be lots of disagreements.
Still, there’s room for criticism here. When your choices are “accept and continue” or “manage settings,” as they are in Facebook’s new compliance flow, it’s not clear you actually have much choice at all. The GDPR offers Facebook a new chance to build trust with users by forcing them to slow down and understand data privacy in much greater detail. It’s a chance the company has been seeking since the Cambridge Analytica scandal broke. But the designs it unveiled this week suggested the company is more interested in users forgetting it ever happened in the place.

Democracy
In one month, Facebook doubled the countries using its fact-checking tool
Iran bans government bodies from using foreign message apps
A Google update just created a big problem for anti-censorship tools
Elsewhere
Facebook Is Forming a Team to Design Its Own Chips
No boundaries for Facebook data: third-party trackers abuse Facebook Login
Data firm leaks 48 million user profiles it scraped from Facebook, LinkedIn, others
These Charts Show What Facebook's Media Backlash Looks Like
Here's What An Ad-Free Facebook Could Cost
Right-Wing Commentators Say YouTube Is Censoring Them, So They’re Starting to Move To Other Video Platforms
A Computer-Generated, Pro-Trump Instagram Model Said She Hacked Lil Miquela, Another CGI Instagram Model
Hackers keep robbing cryptocurrency YouTubers
Multilevel-Marketing and the Mass Hoax of Selling Yoga Pants on Facebook
Gay Sex For Rent: Landlords Are Offering Free Rooms To Young Men And Facebook Is Letting Them
Launches
Facebook is testing a way to let people watch video premieres in Facebook Live
Snap is putting ads that look like ads into the Snapchat camera
Snapchat gives 'subscriptions,' 'chats,' 'groups' tabs to select users
Takes
What Comes After The Social Media Empires
Milestones
Today this newsletter reached 3,000 subscribers. Thanks to everyone who has shared it with a friend, especially those who tweeted nice words about it. My vanity retweet program for nice words about The Interface is extremely inclusive, so please keep them coming!
And finally ...
Citizen Zuck: The making of Facebook's Mark Zuckerberg
Talk to me
Questions? Comments? Alternate GDPR compliance flow designs? casey@gmail.com
Did you enjoy this issue?
If you don't want these updates anymore, please unsubscribe here
If you were forwarded this newsletter and you like it, you can subscribe here
Powered by Revue