Zuckerberg gaslights Congress

April 10, 2018 From elsewhere Comments 0 Comment

Facebook was warned five years ago that the “reverse-lookup” feature in its search engine could be used to harvest names, profiles, and phone numbers for virtually all its users. But the company ignored the red flags until last week, after it happened.

In prepared testimony to Congress released Monday, Mark Zuckerberg acknowledged that malefactors had used the reverse-lookup “to link people’s public Facebook information to a phone number,” he wrote (PDF). “When we found out about the abuse, we shut this feature down.” He said that Facebook only discovered the incidents two weeks ago.

Zuckerberg is set to testify at a joint hearing before the Senate’s Judiciary and Commerce committees on Tuesday, and then return to Capitol Hill on Wednesday to appear before the House Energy and Commerce Committee. This will be the first time Facebook’s billionaire founder and CEO has ever appeared before Congress. Last fall the company’s vice president and general counsel Colin Stretch appeared at the hearings probing Russia’s election interference campaign.

The hearings are a response to last month’s revelations that Cambridge Analytica, a U.K.-based consulting firm that worked for the Trump campaign, harvested data on as many as 87 million Facebook users without their knowledge.

Facebook revealed the separate reverse-lookup data spill while responding to the Cambridge Analytica controversy.

The issue was that Facebook allowed users to find anyone on the site by entering either their phone number or email address. In 2010, computer science researchers in Greece showed how spammers could use that feature to validate address lists and “craft personalized phishing emails that are far more efficient than traditional techniques by using personal information publicly available in social networks” (PDF).

But Zuckerberg’s written testimony reveals for the first time that it was phone number lookups that were used in the large scale scraping. That’s a more potent weapon for bulk harvesting, because a data miner can programatically cycle through every possible phone number to get a complete corpus. With some exceptions—custom privacy settings or accounts with no phone number attached—sequential mining would yield every Facebook profile. [Continue reading…]

Don’t miss the latest posts at Attention to the Unseen: Sign up for email updates.

Print this post

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Leave a Reply