The Federal Trade Commission (FTC) and U.S. Justice Department (DOJ) have been taking Facebook to task regarding its recent privacy blunders, including the company’s failure to comply with a 2012 FTC ruling over how Facebook handles its users’ data.
While the DOJ lawsuit is still being litigated, Facebook recently agreed to an FTC order that requires the company to pay $5 billion in fines and submit to a 20-year oversight program—including annual reviews of its privacy and data collection practices.
The finer points of the FTC’s ruling mostly affect Facebook’s business structure and won’t have an immediate impact on the user experience (if any at all). However, there are several changes to how Facebook collects and disseminates data that will affect users—some of which build upon existing changes Facebook recently made, likely in anticipation of what was coming down the pike.
Here’s a quick rundown of the privacy changes that you should know about, and how they affect you and your Facebook data.
New rules for sharing data with third-party apps and advertisers
The FTC ruling sets stricter standards for how Facebook deals with third-party apps and advertisers. Facebook is now required to remove third-party entities that don’t comply with Facebook’s policies or cannot reasonably justify their requests for specific data from Facebook’s users.
This means that these apps and advertisers no longer have carte-blanche access to user data and must explain exactly how and why that data will be used, but the exact standards for “justifying” requests are not defined. That lack of definition could lead to a lot of grey areas regarding these rules, but Facebook users have several tools for seeing how their data is brokered, and controlling access to it. Most importantly, this ruling doesn’t place limits on how facebook can learn more about you; rather, it’s attempting to curb what Facebook sells to advertisers.
Better transparency for facial-recognition technology
Facebook now has to clearly alert users that it uses facial-recognition technology, be more forthcoming about how and why it’s used, and alert users if it updates its technology or functionality beyond what users were originally asked to agree to. The company also has to get express consent from users in order to opt them into facial recognition features in the first place—something it notoriously overlooked in the past.
Paradoxically, it was both shocking and unsurprising when reports exposed how Facebook’s poor password data protection. Thankfully, as per the FTC ruling, all password data must now be fully encrypted and the company is now required to regularly scan for plain text storage on its servers. Similarly, Facebook won’t be able to ask new users your email passwords to their other services, either.
Restricted collection of phone numbers
In the past, Facebook had ways of finding (and then distributing) your phone number, even if you didn’t supply such data in your profile. With this new FTC ruling, Facebook is now barred from “using” phone numbers it obtained through security features, such as two-step verification.
What’s unclear, however, is what exactly “using” means. Collecting them? Selling them? It’s hard to say, and that’s frustrating since Facebook has a habit of “accidentally” collecting phone numbers. Thankfully, there are ways to delete such information from your profile and keep Facebook from snooping around your device’s contact information.
We won’t know the full effect users will see from these changes until they’re implemented and acted upon, but it’s hard to put much faith in these changes as long as the platform subsists on collecting and selling your data. We’ll have to wait and see how it all shakes out (including the still-in-progress DOJ lawsuit), but in the meantime, it may be wise to consider whether Facebook is worth keeping—or if you should delete it for good.
On Tuesday Facebook announced Libra, a cryptocurrency that it will launch (along with 27 other partners) in 2020. A little like Bitcoin and a little like PayPal, Libra will be a new digital currency, one available to people without bank accounts or credit cards, but that could potentially be a major force for the rest of us, too. But first you have to trust Facebook with yet more personal data. Here’s what you need to know.
How does it work?
Libra is an upcoming digital currency that users can access through apps and use to pay for things or to send money to each other. In that way it’s a lot like PayPal and Venmo.
But unlike PayPal and Venmo, Libra is largely aimed at people without bank accounts. (See “Why would I want to use it?” below.)
To keep and exchange Libra, you’ll need to use a “wallet”: an app that might be integrated into existing apps, the way PayPal or Apple Pay is integrated into other apps. The current plan is to let many developers make their own wallets.
Unlike Bitcoin, Libra’s value is tied to government-issued currency like the dollar—specifically to “a market-value basket of several trusted currencies,” says Wired. That’s one of several ways that Libra will try to avoid the weird, scammy, gambling vibe of Bitcoin and other cryptocurrencies. This isn’t a coin that you buy because you think it will grow 100 times as valuable. It’s more like exchanging a dollar for a Euro.
You don’t need to know this next part, but it has some consequences that we’ll explain later. On the backend, Libra handles transactions with a blockchain, kind of like Bitcoin. A blockchain is a distributed record of transactions that records who owns how much of a coin, and who transferred what coin to whom. But while Bitcoin’s blockchain is distributed among everyone who uses it, Libra’s blockchain is managed by the Libra Association. (See “Who controls it?” below.)
When is it coming?
The Libra Association plans to launch the coin some time in 2020. It will immediately be available on WhatsApp and Facebook Messenger, and through several other Libra partners.
Will I have to use it?
Not yet. Maybe not ever. The answer will probably lie between your answers to “Do you need Venmo?” and “Do you need a credit card?”
The new coin and its underlying code are controlled by the Libra Association, a 28-partner consortium of companies and foundations, but Facebook is the driving force.
Founding partners include eBay, PayPal, Vodafone, Spotify, several investment firms and cryptocurrency companies, and a few non-profits. Each partner gets a vote on group decisions. Each partner invested at least $10 million, partly to build a reserve of fiat currency (that is, regular dollars) to exchange for Libra.
Facebook is one partner. Calibra, its wholly owned spinoff company, is another. The association hopes to add more partners over time, to further decentralize the currency and lower their own control over it—while also building faith in the currency as something bigger and “realer” than Flooz or airline miles or Disney Dollars.
Calibra makes, and is, a “wallet”: an app that lets you exchange Libra. While other developers can make their own wallets, Facebook will integrate Calibra into WhatsApp and other Facebook apps, so they’ll have a huge advantage. On those apps, you’ll be able to send money as simply as texting, similar to Apple Pay in the Messages app.
While Facebook shares control over the Libra currency with the rest of the Libra Association, it entirely owns Calibra, and that’s not likely to change.
Why would I want to use it?
If PayPal and Venmo work fine for you, you might not have a reason to, according to Aaron Lammer, co-host of the cryptocurrency podcast CoinTalk. But you’re not who Libra is aiming at right now. The biggest market, he tells Lifehacker, is people sending money to family abroad.
According to Libra’s white paper published Tuesday, “1.7 billion adults globally remain outside of the financial system with no access to a traditional bank.” That’s 31% of the world’s adult population. And if you’re trying to send money to one of those 1.7 billion, your current options, says Lammer, are “fairly predatory.” Fees for these international transfers average 7%, according to TechCrunch.
You can’t use PayPal or Venmo to solve this; both of those require a bank account. But you don’t need a bank account to get on Libra. A billion of those unbanked people have a mobile phone, and half a billion have internet access. They could receive money in the form of Libra on their phones—and spend that money as Libra as well. Libra will make these transactions cheaper than other non-bank options.
Of course, you can fund your Libra account from your bank account too, through PayPal or Stripe, which are founding members in Libra. And not just to send it to people without banks. For the rest of us, there will still be advantages to Libra, especially incentives to use it instead of a credit card. Other founding members of the association include Uber and Lyft, eBay, and Spotify. These companies will all be eager to let you pay in Libra—and they might offer discounts if you do.
Lammer compares it to credit card rewards, which try to keep you locked into their ecosystem. For example, the Amazon rewards card gives users 5% back on all Amazon purchases—in the form of Amazon credit. If taking an Uber is 1% cheaper with Libra than with dollars, you’ll think about getting Libra. Specific discounts like this haven’t been announced yet, but they’re definitely in the works.
Why would a company want me to use it?
To keep you as a customer
First, companies like Spotify say they want to get customers who currently can’t pay because they don’t have a credit card. Second, they can win your loyalty by encouraging you to keep your money in Libra, and use partnered promotions to swap customers, until every Uber customer joins Spotify and vice versa.
To save money
Keeping you in Libra could save these companies a lot of money. If they want to get your money via credit card, they have to pay a transaction fee. (That’s why so many local stores offer a “cash discount” or a minimum purchase, even though it’s against the credit card issuer’s rules. They hate sending so much of their money to Visa and Mastercard.) But if you use Libra, there’s only a tiny fee, much tinier than a credit card transaction, says TechCrunch.
To track your purchases
The biggest reason might be customer data. Libra transactions will be pseudonymous—you’ll be able to have an account that’s not linked to your real-world identity—but there will still be plenty of user behavior to track. Even aggregate data will give Libra’s members a valuable insight into customer behavior, so they can better target advertising, and get you to spend more of your money. And while Libra and Facebook promise to keep a wall between your individual financial data and social data…well…do you trust them?
To sell you more services
Facebook’s Calibra will build more financial services on top of Libra, Calibra VP Kevin Weil tells the Verge. For example, he says, they might offer lines of credit. While Facebook won’t be fully in control of the currency, it will be offering the default app to access that currency. It’s the Apple Podcasts app of money. So Facebook gets to double dip into this currency in a way that most of its partners won’t.
How much does it cost?
Libra will be cheaper to use than many other money transfer services, with transactions costing a small fraction of a cent. And for businesses that accept it, it will have much lower transaction fees than credit cards—which might even make microtransactions more attractive.
If you mean “how much is one Libra worth”: somewhere around one dollar, one Euro, or one pound. And that won’t dramatically change—unless some major world currencies dramatically change.
Can I invest in it?
Not the way you can invest in Bitcoin, because Libra won’t significantly gain (or lose) value. You could apply to be a member of the Association, if you have $10 million and a good reason they should include you. Or you can invest in the many businesses that will spring up around Libra support.
Will my money become worthless?
Very unlikely. If Libra is successful, its value will remain stable. If it tanks and no one uses it, the Libra Association still has reserve money, so if there’s a “bank run”—if all the users withdraw their money at once—the Association is good for it. There’s always some risk, but it’s nowhere near as risky as Bitcoin, where the price wildly fluctuates.
Will my money get hacked or stolen?
That depends on how adventurous you get. If you only use Facebook’s Calibra app and other official apps, and you don’t just send money to anyone who asks for it, you’ll be pretty safe. As it tries to establish Libra’s legitimacy, Facebook will prioritize security, but the company has been hacked before. There’s one more possible safety measure: As long as a small consortium controls the currency, says Lammer, even a major hack could theoretically get rolled back if the controlling members agreed.
You need to be more careful with third-party apps. The Libra Association released open-source code so outside developers can make their own Libra apps without any vetting process from the Libra Association. So you shouldn’t use just any app unless you can confirm it’s legit. And just because an app makes it onto the Google, Apple, or Amazon app stores doesn’t mean it’s legit; Apple unintentionally let some apps record users’ screens without their knowledge, and Google and Apple both approved apps with malware that sends data to a malicious server.
You could always fall for a scam the same ways you could with your regular credit card or PayPal. You have to be just as careful with your Libra as you are with the rest of your money. Calibra will have fraud protection much like on PayPal or your credit card’s, but we’ll have to see how good the customer service is.
Can I trust Facebook?
Facebook promises not to take specific data from your Libra transactions and use it on other parts of Facebook, like serving you targeted ads or deciding which posts to put in your feed. But in Calibra’s “customer commitment” document, it’s already carved out some ways it can share data, like anonymized data for research and aggregated data for Facebook, and police requests.
That alone is a big drawback, at least versus more decentralized and anonymous cryptocurrencies. Lammer points out that tracking transactions is a common way to catch white-collar criminals. Facebook and other tech giants have a history of handing over lots of data to law enforcement. Do you trust government authorities to never abuse their surveillance power? Have…have you heard of the NSA?
You don’t have to have a Facebook account to join Calibra. But you do have to give Calibra a government-issued ID. (Third-party developers might let you skip that step.) There’s a balance Facebook has to reach here: it wants a freer currency, but it doesn’t want to be a playground for money launderers and criminals, which some other cryptocurrencies famously are. Lammer even bets that early PayPal was a useful tool for money launderers, before it needed to legitimize itself and avoid prosecution. Facebook is too established to play that game, at least as aggressively as a young startup.
Calibra explicitly says it’s allowed to use your data to market other Calibra products to you. Which is not unusual. And while it won’t share Calibra data to Facebook, it might ask you to share your Facebook data to Calibra. But it promises to ask your permission.
And as for Facebook’s promises, well, Facebook has never abused its users’ privacy before, right? Lammer thinks the company will get creative and find ways to cash in on all this transaction data. But to be fair, they’ve at least started with a public promise to keep their fingers out of their own data. Not that you could stop them if they changed their minds.
Will there be a Google coin and an Apple coin too?
One motivation behind Libra, says Wired, was that Google, WeChat, and Apple all had their own payment services. That’s why Lammer thinks that the other tech giants aren’t going to launch a coin like Facebook’s; they each have different strategies to insert themselves into the middle of transactions.
Apple and Google both have app stores where they can take a bite of every software purchase, and payment systems that make your phone as indispensable as your credit card. Amazon turned its online store into a platform where anyone can sell anything, and give Amazon a little of the money; it uses partnerships, credit card rewards, and Amazon Prime subscriptions to make Amazon your favorite way to buy any physical item.
And Facebook makes money by helping advertisers target you, so Libra is a money play that helps it collect more data about purchasing. Anonymized data, maybe, but still. Any time a big tech company has a shiny new product to offer you, ask yourself how they’ll make their money back.
We hear a lot about the problem of Facebook ads—whether it’s about user information being tracked for targeted ads, or fishy groups using ads to spread misinformation. Just look at the effects on our political landscape: we have voters and politicians who spout false information, often just because they saw it on social media. Facebook ads are particularly egregious since the website collects personal data and tailors the ads you see based on your browsing behaviors. That leads to not only creepily specific targeted ads, but also a greater chance for those who don’t fact-check properly to be duped by ads containing false or misleading information.
To combat this, most people boost their privacy settings, or leave Facebook entirely. If you’re not ready to dump Facebook but you’re also not in the mood to be lied to, there’s another alternative: you can now get information on every entity that’s advertising or promoting content on Facebook.
Facebook political ads database
In 2018, Facebook created a searchable database of all political ads that have been run on the platform since May 2018. Ads will remain in the database for seven years. Everything in the database is searchable and viewable by all users, meaning you won’t just be shown ads that have been targeted at you. Search results include any ads whose organization, page, or description match the search keywords, and users can filter based on country, for active and inactive ads, and ads run on related pages. By clicking on an ad’s info, you can see who paid for the ad, how many times it was viewed, how long it ran, and other metrics.
Facebook also puts together a publicly available, downloadable weekly ad report that details what ads were run on the platform that week, who paid for the ads, and the total spent.
According to these reports, over 3 million political ads ran on Facebook between May 2018 and April 20, 2019, which cost advertisers over $547 million. The long list of advertisers is largely unsurprising, such as the group Beto for Texas, or the Trump Make America Great Again Committee, followed by a long list of other political campaigns, special interest groups, and lobbyists. This transparency makes it easy to see who’s paying to spread their information on Facebook, and just how many users are seeing it.
There are some odd inclusions, however. Because the database contains any and all politics-related ads, even those without an inherently political message, such as those from news organizations and politically unaffiliated pages, get added. Because of this, some unexpected names appear on the list of Facebook’s political advertisers, like Cyndi Lauper, who advertised T-shirts made in solidarity with the Time’s Up Movement, and ads for Funny or Die’s content, which often spoofs and satirizes real-world events. The database even counts ads from Microsoft or Stella Artois highlighting pollution and access to drinking water:
I wish we didn’t live in a world where wanting clean drinking water and healthy marine habitats is considered political, but the transparency is important nonetheless.
Check a page’s active ads
While being able to search for all political ads is helpful, and a wise decision on Facebook’s behalf, there are many non-political ads that show up on Facebook, too.
With a few clicks, users can see any currently active ads from any page. On any public Facebook page, click the “Info and Ads” option at the bottom of the left side menu of the page. This will open a new page that displays any active ads the page has running on Facebook, Instagram, and/or Facebook Messenger (whether those ads are directed at you or not). You’ll also find links to ads run by related pages, and if the page has run political ads—and if it has, it’ll link to the ad library, above.
With every bit of new technology that hits the market, it’s hard not to wonder: In what previously unimagined ways will this compromise my privacy? Turns out that’s also something very much on the mind of the people who make the latest gear. On Thursday, Oculus co-founder Nate Mitchell informed the public via Twitter that tens of thousands of Oculus Touch controllers have shipped with creepy privacy-related Easter Egg messages hidden on their internal hardware.
Crack open one of these controllers and in the device’s guts you might find a message like “The Masons were here” inscribed on a cable. Other devices apparently shipped with “Big Brother Is Watching,” but according to Mitchell only developer kits have that joke inscribed in them.
Mitchell’s statement goes on to apologize for these Easter Eggs slipping past the prototype phase and into production, calling them “inappropriate” and saying their internal processes have been changed to avoid this happening again.
According to a report from Business Insider, the affected Touch controllers are meant to ship with the upcoming Rift S and Oculus Quest headsets, and are not yet available. There are no plans to recall the controllers.
The messages are a bit of bleak, uncomfortable gallows humor from the Facebook-owned company, given how powerful—and delinquent—Facebook has been in the realm of online privacy. It’s a bit of real-world context that takes a very common practice (plenty of creative industries from automakers to, well, video games, are full of hidden easter eggs) and gives it a discomfiting layer. Sure, maybe it’s all in good fun, but it could only be funny if the company making the joke actually took privacy seriously.
Goodbye Big FiveReporter Kashmir Hill spent six weeks blocking Amazon, Facebook, Google, Microsoft, and Apple from getting her money, data, and attention, using a custom-built VPN. Here’s what happened.
Week 6: Blocking them all
A couple of months ago, I set out to answer the question of whether it’s possible to avoid the tech giants. Over the course of five weeks, I blocked Amazon, Facebook, Google, Microsoft, and Apple one at a time, to find out how to live in the modern age without each one.
To end my experiment, I’m going to see if I can survive blocking all five at once.
Not only am I boycotting their products, a technologist named Dhruv Mehrotra designed a special network tool that prevents my devices from communicating with the tech giants’ servers, meaning that ads and analytics from Google won’t work, Facebook can’t track me across the internet, and websites hosted by Amazon Web Services, or AWS, hypothetically won’t load.
I am using a Linux laptop made by a company named Purism and a Nokia feature phone on which I am relearning the lost art of T9 texting.
I don’t think I could have done this cold turkey. I needed to wean myself off various services in the lead-up, like an alcoholic going through the 12 steps. The tech giants, while troubling in their accumulation of data, power, and societal control, do offer services that make our lives a hell of a lot easier.
Earlier in the experiment, for example, I realized I don’t know how to get in touch with people without the tech giants. Google, Apple, and Facebook provide my rolling Rolodex.
So in preparation for the week, I export all my contacts from Google, which amounts to a shocking 8,000 people. I have also whittled down the over 1,500 contacts in my iPhone to 143 people for my Nokia, or the number of people I actually talk to on a regular basis, which is incredibly close to Dunbar’s number.
I wind up placing a lot of phone calls this week, because texting is so annoying on the Nokia’s numbers-based keyboard. I find people often pick up on the first ring out of concern; they’re not used to getting calls from me.
On the first day of the block, I drive to work in silence because my rented Ford Fusion’s “SYNC” entertainment system is powered by Microsoft. Background noise in general disappears this week because YouTube, Apple Music, and our Echo are all banned—as are Netflix, Spotify, and Hulu, because they rely on AWS and the Google Cloud to get their content to users.
The silence causes my mind to wander more than usual. Sometimes this leads to ideas for my half-finished zombie novel or inspires a new question for investigation. But more often than not, I dwell on things I need to do.
Many of these things are a lot more challenging as a result of the experiment, such as when I record an interview with Alex Goldman of the podcast Reply All about Facebook and its privacy problems.
I live in California, and Alex is in New York; we would normally use Skype, but that’s owned by Microsoft, so instead we talk by phone and I record my end with a handheld Zoom recorder. That works fine, but when it comes time to send the 386 MB audio file to Alex, I realize I have no idea how to send a huge file over the internet.
My Gmail alternatives—ProtonMail and Riseup—tell me the file is too large; they tap out at 25 MB. Google Drive and Dropbox aren’t options, Dropbox because it’s hosted by Amazon’s AWS and relies on Google for sign-in. Other file-sharing sites also rely on the tech giants for web hosting services.
Before resorting to putting the file on a thumb drive and dropping it in a IRL mailbox, I call up my tech freedom guru, Sean O’Brien, who heads Yale Law School’s Privacy Lab. He also does marketing work for Purism, the company that makes my laptop. O’Brien tries to avoid tech giants in favor of open source technologies, so I figure he might be able to help.
O’Brien directs me first to Send.Firefox.com, an encrypted file-sharing service operated by Mozilla. But… it uses the Google Cloud, so it won’t load. O’Brien then sends me to Share.Riseup.net, a file-sharing service from the same radical tech collective that is hosting my personal email, but it only works for files up to 50 MB.
O’Brien’s last suggestion is Onionshare, a tool for sharing files privately via the “dark web,” i.e. the part of the web that’s not crawled by Google and requires the Tor browser to get to. I know this one actually. My friend Micah Lee, a technologist for the Intercept, made it. Unfortunately, when I go to Onionshare.org to download it, the website won’t load.
“Hah, yes,” emails Micah when I ask about it. “Right now it’s hosted by AWS.”
As I encountered at the beginning of this experiment, Amazon’s most profitable business isn’t retail; it’s web hosting. Countless apps and websites rely on the digital infrastructure provided by AWS, and none of them are working for me this week.
Micah suggests I download it from Github, but that’s owned by Microsoft. Thankfully, O’Brien tells me I can download the Onionshare program directly from Micah’s server via command line on my Linux computer. He has to walk me through it step-by-step, but it works. I’m able to run Onionshare, drop my file into it, creating a temporary onion site; I send the URL for the onionsite to Alex so he can download it via the Tor browser. Once he downloads it, I tell Onionshare to “stop sharing,” which takes the onion site down, erasing the file from the web.
(In the end, Alex doesn’t even wind up using my audio for Reply All’s year-end finale. Sigh.)
I realize that’s a long story about sharing one file, but it’s a nice summation of what online tasks are like this week. There are workarounds for services offered by the tech giants, but they take extra research to find and are often more difficult to use. I wind up in strange parts of the internet, using Ask.com (formerly known as Ask Jeeves) as my search engine, for example, after I ixnay Google.com and realize DuckDuckGo is hosted by AWS.
But Ask.com is not necessarily a great replacement: it’s owned by IAC, the media and dating company behemoth. I’ve just traded one huge corporation seeking to monetize my searches for another, less competent one.
Some strange things are delightful: I discover that my Nokia phone can play the radio, so when I go running, I listen to NPR instead of my usual go-tos: Spotify, a podcast, or an audiobook. I’m planning a trip to South Africa, and wind up in charming conversations with the travel agents I have to call for help; it’s more costly and less efficient to book via a travel agency, but it’s the only option because travel-booking websites aren’t working for me.
Something not delightful is my Nokia 3310’s camera; it takes terrible, dark photos. I have an old Canon point-and-shoot digital camera, but I find I don’t take many photos this week—because without Facebook and Instagram, I don’t have anywhere to share them.
Sometimes I just can’t find a digital replacement. Venmo won’t work without a smartphone, so I pay our babysitter in cash. I start using a physical calendar to keep track of my schedule. When it comes to getting around, Marble Maps is an option, but I’m confused by the interface, so I stick to places I know, and buy a physical map as a back-up.
“It’s funny because Nokia used to have amazing navigation with Navtech,” a technologist says to me one day when I’m talking about how hard driving is without mapping apps, “but then they sold themselves to Microsoft.”
Fuck, I think, my Nokia 3310 might be made by Microsoft.
But it turns out, while Microsoft did buy Nokia’s mobile devices division for $7.2 billion in 2014, it sold Nokia’s “feature phone assets” two years later for a painful write-down, $350 million, to Foxconn (of Apple outsourcing fame) and to HMD Global, a Finnish firm helmed by a former Nokia executive. HMD Global now uses Nokia’s “intellectual property,” i.e. brand, to sell phones. Most “Nokia” phones are Android smartphones, but there’s a line of “classic” phones, including the 3310, which run an operating system called FeatureOS made by Foxconn.
My Nokia 3310 is not a tech giant phone, but it’s certainly tech giant adjacent.
To find out why the HMD Global is still selling dumbphones, I call its Hong Kong-based chief product officer, Juho Sarvikas. Sarvikas tells me that the company thought the core market for “classic” phones would be in Asia and Africa, where smartphones are less prevalent, but he says the devices have done surprisingly well in America.
“Digital well-being is a concrete area now,” he says. “When you want to go into detox mode or if you want to be less connected, we want to be the company that has the toolkit for you.”
“So these phones are the nicotine patch for smartphone addiction,” I say.
He laughs, “I’ve never put it that way before, but yes.”
I had assumed that the phones were for parents who wanted their kids to have phones sans a pipeline to social media and apps.
“That too,” says Sarvikas.
Many people I talk to about this experiment liken it to digital veganism. Digital vegans reject certain technology services as unethical; they discriminate about the products they use and the data they consume and share, because information is power, and increasingly a handful of companies seem to have it all.
When I meet a full-time practitioner of the lifestyle, Daniel Kahn Gillmor, a technologist at the ACLU, I’m not totally surprised to discover he’s an actual vegan. I am surprised by the lengths to which he’s gone to avoid the tech giants: he doesn’t have a cellphone and prefers to pay for things with cash.
“My main concern is people being able to lead autonomous healthy lives that they have control over,” Gillmor tells me during a chat via Jitsi, an open-source video-conferencing service that will work on any web browser. There’s no proprietary app you have to download and it doesn’t require you to create an account.
Gillmor hosts his own email and avoids most social media networks (he makes exceptions for Github and Sourceforge, because he’s an open source developer who wants to share his code with others). He refers to joining social networks as being “bait” that lures other people into “surveillance traps.”
Gillmor thinks people will have better lives if they aren’t being data-mined and monetized by companies that increasingly control the flow of information.
“I have the capacity to make this choice. I know a lot of people would like to sign off but can’t for financial reasons or practical reasons,” he tells me. “I don’t want to come across as chastising people who don’t make this choice.”
And there are definitely costs to the choice. “How things are structured determines the decisions people can make socially,” he says. “Like you didn’t get invited to a party [via Facebook] because you chose not to be part of a surveillance economy.”
Gillmor teaches digital hygiene classes where he tries to get people to think about their privacy and security. He usually starts the class by asking people if they know when their phones are communicating with cell towers. “Most people say, ‘When I use it,’ but the answer is, ‘anytime it’s on,’” he says.
He wants people to think about their own data trails but also when they are creating data trails for other people, such as when a person uploads their contacts to a technology service—sharing information with the service that those contacts might not want shared.
“Once the data is out there, it can be misused in ways we don’t expect,” he says.
But he thinks it’s going to take more than actions by individuals. “We need to think of this as a collective action problem similar to how we think about the environment,” he says. “Our society is structured so that a lot of people are trapped. If you have to fill out your timesheet with an app only available on iPhone or Android, you better have one of those to get paid.”
Gillmor wants lawmakers to step in, but he also thinks it can be addressed technologically, by pushing for interoperable systems like we have for phone numbers and email. You can call anyone; you don’t need to use the same phone carrier as them. And you can take your phone number to a different carrier if you want (thanks to lawmaker intervention).
When companies can’t lock us into proprietary ecosystems, we have more freedom. But that means Facebook would have to let a Pinterest user RSVP for an event on its site. And Apple would need to let you Facetime an Android user.
The Amazon block continues to be the most challenging one for me.
My friend Katie is in town from New York; we have plans to meet for dinner one night at a restaurant near my house, an event marked on my physical calendar. On the morning we are to meet, I get an email from her to my Riseup account with the subject line, “What is happening.”
Katie had been sending me messages for days via Signal, but I hadn’t gotten them because Signal is hosted by AWS. When she didn’t hear from me, she sent an “ARE YOU GETTING MY TEXTS” email to Gmail, and got my away message directing her to my Riseup account.
I tell her dinner is still a go, but it’s a reminder of the costs of leaving these services. I can opt out, but people might not realize I’ve left, or might forget, even if they do know.
One day, I ask my husband, Trevor, who declined to do the block with me because he has “a real job,” what the hardest part of my experiment is for him. “I never know if you’re going to respond to my texts,” he says.
“What do you mean?” I ask. “What have I not responded to?
“I sent you some messages on Signal,” Trevor says, having forgotten I am off it.
The block provides constant conversation fodder, and I find myself in conversations more often because, at social gatherings, I don’t have a smartphone to stare at.
An Ivy League professor tells me he regularly employs a Google blocker. “I had to disable it when I paid my taxes because they have Google Analytics on the IRS website,” he says. “It was kind of horrifying.”
People under 35 are intrigued (and sometimes jealous) of life without a smartphone; people over 35 just seem nostalgic.
One night, I run into Internet Archive founder Brewster Kahle, who is delighted to hear about the block. “It’s hard to get away from technology,” he says. “A friend was just telling me about trying to get a TV that wasn’t smart and didn’t have a microphone. It was impossible. He wound up getting a 27-inch [computer] monitor.”
Sometimes we make the choice to bring technology into our lives, but sometimes it’s forced upon us. Television makers have turned their products into surveillance machines that collect what we watch and what we don’t watch and sometimes even what we say, and that’s just how most TVs come now.
This week, I stop watching TV altogether because we don’t have cable and internet TV isn’t an option. I hadn’t meant to make this experiment a “rejection of all technology”—but it happens despite my intentions.
I’m most frustrated by this with my phone. I would love to be using a tech-giant free smartphone, but they aren’t really commercially available yet. If you want one, you need to be technically savvy and install a custom operating system on special phone models. That will hopefully change soon, with commercial offerings on the horizon from Eelo and Purism.
In the past, I would have assumed that idealistic projects like these were doomed, but there seems to be a heightened awareness these days of the dystopia created by the tech giants. Everywhere I look, I see criticism of the Frightful Five.
The tech giants laid down all the basic infrastructure for our data to be trafficked. They got us to put our information into public profiles, to carry tracking devices in our pockets, and to download apps to those tracking devices that secretly siphon data from them.
It’s in the air. The tech giants were long revered for making the world more connected, making information more accessible, and making commerce easier and cheaper. Now, suddenly, they are the targets of anger for assisting the spread of propaganda and misinformation, making us dangerously dependent on their services, and turning our personal information into the currency of a surveillance economy.
The world is flawed, and, fairly or not, the tech titans are increasingly being blamed.
A new book about “surveillance capitalism” by Harvard Business School professor Shoshana Zuboff argues that the extreme mining and manipulation of our data for profit is making an inescapable panopticon the driver of our economy.
Zuboff’s publicist sent me an advance copy as an e-book, and I’ve really been enjoying it, but I have to put it down this week because I can’t read it on my Kindle. Instead, I’m reading a physical book—Henry Thoreau’s Walden, which I ordered from Barnes & Noble. It too is full of calls to re-immerse ourselves in the natural world and not get too caught up in the distractions of modern life.
But, because it was published in 1854, it warns people to get away from work and newspapers rather than smart devices and screens.
For ideas about what the government can do about all this, I call Lina Khan, a fellow at the Open Markets Institute who wrote a blockbuster paper on the need to regulate Amazon’s monopoly power. (At least it’s a blockbuster by academic standards.)
Khan is in New York doing an academic fellowship at Columbia University where she is working on more papers. Khan doesn’t have a Prime account and avoids Gmail. Right before I call her, I see a tweet from a video producer at the Washington Post who got bombarded with baby ads after she had a stillborn delivery.
“Please, Tech Companies, I implore you: If your algorithms are smart enough to realize that I was pregnant, or that I’ve given birth, then surely they can be smart enough to realize that my baby died, and advertise to me accordingly — or maybe, just maybe, not at all,” she wrote in yet another reminder that privacy invasions have real harms.
I recount the story to Khan at the beginning of our call and say that this type of anger seems to be on the rise.
“The tech companies’ own actions are prompting the tide to turn. It is a belated reckoning, but it seems to be a reckoning nonetheless,” she says. “Companies started monetizing user data far before most users even realized their data was valuable, let alone being collected by private actors. If users had been told that the price for access would be near-total surveillance, would they have agreed? Would companies have been forced to offer different business models?”
Khan thinks law enforcers need to get involved to keep these companies from using anti-competitive tactics to dominate the business landscape, as public officials did in the ‘90s against Microsoft.
“Several of the big tech firms have acquired rivals and inhibited competitors through predatory conduct,” she says, a topic that’s been in the news recently with the exposure of Facebook emails where CEO Mark Zuckerberg talks about cutting off then-viral video service Vine’s access to the Facebook social graph. “They have engaged in practices that, a few decades ago, were widely considered monopolistic. We need investigations by the Department of Justice, the Federal Trade Commission, or state attorneys general.”
Europe is on the case, its regulators fining Google and saying Facebook can’t combine users’ data from Facebook, WhatsApp, and Instagram without their consent. But antitrust regulators in the U.S. have stayed away from these companies because their services are cheap or free, so they’re perceived as pro-consumer, which is ultimately what regulators want to encourage. But how does that work when the “consumer” is what the company is selling?
An uncomfortable idea I keep coming up against this week is that, if we want to get away from monopolies and surveillance economies, we might need to rethink the assumption that everything on the internet should be free.
So when I try to create a fourth folder in ProtonMail to organize my email and it tells me that I need to upgrade from a free to a premium account to do so, I decide to fork over 48 euros (about $50) for the year. In return, I get a 5 GB email account that doesn’t have its contents scanned and monetized.
However, I’m well aware that not everyone has $50 dollars to spare for something that they can easily get for “free,” so if that’s the way things go, the rich will have privacy online and the poor (and most vulnerable) will have their data exploited.
The previous week, my 1-year-old, Ellev, started saying that Alexa is “scary” and “spooky,” concepts she learned while trick-or-treating. It’s not unreasonable; I can see how a disembodied voice that’s always there and always listening would be disconcerting to a toddler—or really any normal human being.
But this week, she keeps crying for Alexa, wanting her to play “Baby shark” and other music that is otherwise absent from our home. “I miss Alexa,” she says, and I feel terrible both for depriving her and for making her dependent on an AI at such a young age.
On the last day of the block, Trevor and I are flying to New York, and he’s begging me to end the experiment early so we can use the iPad to keep Ellev happy. However, I’m adamant about maintaining the blockade for the six-hour flight.
“I’m changing my seat to a different part of the plane,” Trevor warns, kiddingly.
Trevor charges the iPad up in case my will falters. But I hold strong. We read books with Ellev, doodle on a magnetic drawing board, sing songs, and play for at least an hour with sticky, flexible “Wizzle sticks” that come in her Alaska Airlines snack pack. She sleeps for the last hour and a half of the flight, something she doesn’t usually do if there is an iPad available.
That was Ellev’s 26th flight. In the taxi after we land, Trevor turns to me and says, “That’s the easiest flight we’ve ever had with her.”
We get to our Airbnb in Brooklyn, which I booked months before the experiment. (It should technically be banned because Airbnb is hosted by AWS.) There’s a lock box on the outside of the apartment building that I open with a four-digit code. Inside is a key that gets us into the building and the same four-digit code opens a digital lock on the apartment’s door. I had written down the address and code on a piece of paper knowing I wouldn’t be able to access the Airbnb website.
We get in with no problem. We’re starving so head to a restaurant we passed in our taxi. Afterward, we need groceries, but Ellev is melting down, so I head to the Airbnb while Trevor goes to shop. I get into the building with the key, but once Ellev and I climb four flights of stairs to the apartment, I realize I don’t have the piece of paper with the door code on it—and I don’t remember the code.
Ellev is crying and trying to turn the doorknob. I start to feel that desperate panic of an earlier age that nowadays accompanies a dying smartphone battery.
My laptop is inside the locked apartment. I use a password manager, stored on that laptop, to get into all my online accounts, so I couldn’t get into Airbnb on another computer even if I wanted to toss in the towel on the blockade.
A masochistic part of my brain reminds me that I am in this mess because I used a site hosted by AWS. I could have just booked a normal hotel room via the phone, and then I would be picking up a new key card at this very moment. Technology creates the problems that technology solves, and vice versa.
While soothing Ellev, I try a bunch of different combinations on the lock based on my vague recollection of what the four numbers are. One of them works. As soon as I get inside, I plug my iPhone into the charger, relieved I’ll resume using it the next day.
Critics of the big tech companies are often told, “If you don’t like the company, don’t use its products.” I did this experiment to find out if that is possible, and I found out that it’s not—with the exception of Apple.
These companies are unavoidable because they control internet infrastructure, online commerce, and information flows. Many of them specialize in tracking you around the web, whether you use their products or not. These companies started out selling books, offering search results, or showcasing college hotties, but they have expanded enormously and now touch almost every online interaction. These companies look a lot like modern monopolies.
Since the experiment ended, I’ve resumed using the tech giants’ services, but I use them less. I deliberately seek out alternatives to do what I can, as a consumer, not to help them monopolize the market.
But the experiment went beyond that for me; it made me reexamine the role of tech in my life more widely. It broke me of that modern bad habit of swiping through my phone looking for a distraction rather than engaging with the people around me or seeking stimulation in my real world environment.
I deleted time-wasting apps like Words With Friends and a Hearts app. I look at Instagram less often, such that I see friends have tagged me in their stories, but don’t see the stories because they’ve already reached their 24-hour expiration mark.
I turn my phone off around 9pm each night and don’t turn it back on until I really need it the next day. It took two weeks of using my “nicotine patch” dumb phone, but I eventually lost the urge to start my day by reaching for my smartphone on the bedside table.
My iPhone tells me in my weekly “Screentime” reports that my usage is down significantly, to under 2 hours per day. My phone feels less like an appendage and more like a tool I use when necessary. I still love using Google Maps or Waze when I’m driving to an unfamiliar place, texting far-away friends and family members, and sharing a beautiful photo on Instagram—but I have regained the ability to put my phone away.
I went through the digital equivalent of a juice cleanse. I hope I’m better than most dieters at staying healthy afterward, but I don’t want to be a digital vegan. I want to embrace a lifestyle of “slow Internet,” to be more discriminating about the technology I let into my life and think about the motives of the companies behind it. The tech giants are reshaping the world in good and bad ways; we can take the good and reject the bad.
I ask Trevor if he notices anything different about me since the experiment.
“You never know what time it is anymore,” he jokes, but it’s true. I look at my phone infrequently and there are rarely clocks around, personal devices apparently having made them obsolete. I am more in the moment, but less aware of the actual hour and minute.
This is easily solvable: I’ll get a watch. It definitely won’t be a smart one.
Goodbye Big FiveReporter Kashmir Hill spent six weeks blocking Amazon, Facebook, Google, Microsoft, and Apple from getting her money, data, and attention, using a custom-built VPN. Here’s what happened.
Week 2: Facebook
After Facebook’s hell-year of scandal, and its unabating erosion of our privacy—a topic I’ve been covering for over 10 years—I never thought I’d miss the social network. But here I am, staring at my screen, feeling strangely alone.
In the second stage of my epic quest to thwart the world’s most powerful tech giants from getting my data, my money, and my attention, I’m taking on Big Blue. No Facebook. No Instagram. No WhatsApp, Facebook Messenger, Onavo, nor Oculus Rift. For one week, I’m cutting myself off from everything Facebook-related—not simply deleting apps from my phone, but using a custom tool that completely stops all my devices from communicating with Mark Zuckerberg’s enormous, needy baby.
Originally, I just planned to block myself from using Facebook the same way I’d blocked myself from using Amazon, by routing all my internet traffic through a virtual private network (VPN) controlled by the technologist Dhruv Mehrotra, who is prohibiting my devices from communicating with IP addresses controlled by Facebook. But I decide this experiment is an opportunity to do something additional, something more drastic.
Facebook’s misdeeds with our data have been news cycle fodder for at least a decade, but the past year has been particularly bad. The only explanation for why most of us are still members is Stockholm Syndrome. Like many people, I feel invested in Facebook: I’ve been building my profile since 2007. I have party and vacation photos galore there and over 1,000 connections, including dear friends, acquaintances, colleagues, loved ones, and quite a few randos whom I added for reasons that I no longer remember. I’ve written that people who aren’t on Facebook “may not actually exist” and are “suspicious.” I use Facebook to log in to other services that I use a ton such as Airbnb, Words with Friends, and Spotify.
I couldn’t quit Facebook, could I? And if I did, would I miss it? Would the world I’ve built there miss me?
Facebook has steamrolled almost the entire planet into joining its platform, so it’s amazing how damn thirsty it seems much of the time. To prepare for the Faceblock week, I sign into Facebook one last time and discover 36 notifications waiting for me.
“Damn! Must be some big things happening,” I think, but when I click on the white bell, I discover 35 notifications about one friend’s comment on a link I had shared earlier in the week. Facebook had been adding a new notification every few hours since the last time I had signed in, in what must have been a desperate attempt to get me to open its app. I’m not alone in getting countless irrelevant notifications on Facebook.
I feel about quitting Facebook the same way I feel about deleting my tweets, something I also don’t do that I probably should: I’m concerned there could be unanticipated downsides. But this is as good a time as any to find out, so I click the “delete” button.
To my great surprise, my account is instantly gone. I thought Facebook would tempt me to stay with profile photos of friends who would be “sad” without me, but my account just winks out of existence immediately with a message that I can have it back if I sign into Facebook within 30 days. (I put a reminder in my Google Calendar to reconsider this decision in 29 days, and hope that Google Calendar is not blocked when the time comes.)
Of course, while I can “delete” my Facebook, that doesn’t delete all my information from its servers, even after 30 days. It still knows what other people share about me, from photos of me and my family, to my contact information if others upload it.
The first thing I do after the big deletion is visit Airbnb. My biggest concern is that I’ll be locked out and lose years of building up a good reputation as a renter, but I soon discover to my vast relief that I can regain access by saying I forgot my password and supplying my email address. I still have my Airbnb account; it is just untethered from Facebook. Spotify too lets me back in, though my profile photo is gone and my name is replaced with an eight-digit string of numbers. I can also get into Words With Friends, my favorite time-wasting app. It looks like all these companies are planning for the eventual obsolescence of Facebook, thank god for me.
The Amazon block took out whole websites and services for me, but that’s not the case with Facebook, because it doesn’t control the building blocks of the internet. That’s not for want of trying: Facebook has attempted to bring “universal internet” to India and other countries with internet.org, but it has faced resistance.
Dhruv built a counter that tells me in real time how many data packets are trying to get a tech giant; it was spinning like crazy when I was blocking Amazon, but advances far more slowly with Facebook. (Over the course of the week, my devices try to communicate with Facebook over 15,000 times compared to nearly 300,000 times for Amazon the week before.)
The vast majority of Facebook’s requests are likely its attempts to track my movements around the web, via Like and Share buttons, Facebook Analytics, Facebook Ads, and Facebook Pixel. Facebook Pixel, if you haven’t heard of it, is a little piece of code that a company can put on its website—say, on a particular sneaker page that you look at while signed into Facebook on your work computer. Once the pixel captures you looking at the sneaker page, the shoe company can retarget you through Facebook, so you later see an ad for the same shoe when you’re scrolling through Instagram on your personal phone.
In an email, a Facebook spokesperson just “wanted to point out” that “your experience seeing advertising across devices is common and not new to online advertising.” True, but unlike Pixel, not every web tracker is on over 2 million websites.
Cutting Facebook out of my life is easy technically; Dhruv’s IP address block works well. His only challenge is WhatsApp, which has been designed to circumvent blocks in repressive countries, and so rapidly tries to reach different servers when it detects an inability to connect. (Dhruv compares blocking that one to playing whack-a-mole.)
But psychologically, it’s hard: I miss Instagram as the thing I do to waste time on my phone and to keep up with friends. I also miss, to my surprise, Facebook itself.
The first day of the Facebook block is Halloween, which is particularly hard because I can’t post cute photos of my 1-year-old, Ellev, dressed up as Boo from Monsters Inc. (I ordered the costume on Amazon, of course, pre-block.) And I can’t find out what my friends are dressed as unless I individually text or email them, which is weird. The only people who get to see my family as Boo, James P. Sullivan (me), and Mike Wazowski (my husband) are the members of my extended family with whom we trick-or-treat, the strangers we pass IRL, my in-laws due to a photo sent on a group text thread, and a couple of friends to whom I text photos apologizing for the “bespoke sharing.” I have to admit that the enjoyment of a holiday dedicated to dressing up is somewhat degraded when not using Facebook’s apps.
The week of the block also includes the runup to Election Day. One morning, as I talk to my husband, Trevor, about filling in our mail-in ballots, I ask how he is going to vote on the proposition to end daylight saving time in California. He says his cousin wrote a convincing post about it on Facebook (we talk in links even IRL!) and I say I’ll check it out before I remember I can’t. Trevor summarizes it for me: The time change sucks for parents who have to force their kids to wake up an hour earlier. This is a point I wouldn’t have thought of and a conversation we might not have had without Facebook, and it helps swing my vote.
I know. It’s crazy, right? Even with all the news about how terrible information is around elections on Facebook, I still want it as a resource! This is a shocking discovery for me. Did I turn off Facebook during the one week it actually matters to me, or do I use Facebook more than I realize?
I try to fill the social media hole in my life by joining Mastodon, an open-source, decentralized Twitter-like social network. (You “toot” instead of “tweet,” a term chosen by someone who either doesn’t know the standard definition or who believes most of what people write online is noxious hot air.) I try a toot or two, but honestly, I find the idea of building yet another online social network exhausting. So after signing in a couple of times, I abandon it. Network effects are real and powerful.
Sarah Jeong summed up the problem well in Vice soon after Mastodon’s October 2016 launch:
You aren’t on Mastodon because your friends aren’t on Mastodon. Your friends aren’t on Mastodon because you’re not on Mastodon. And I wouldn’t be on Mastodon, either, if I hadn’t promised my editor to write an article about it.
This is the hold Facebook has on us: We built our networks there, and we are loathed to leave them or to start again.
With the purchases of Instagram and WhatsApp, Facebook has a stranglehold on social news and photo-sharing. By blocking them, I lose the ability to mass communicate with my social circle; I can’t brag that I won a journalism award on Facebook or post a video of Ellev feeding a giraffe at the zoo on Instagram.
I also lose my ability to receive news from my social circle. Spoiler: When I give in and re-enable my Facebook account weeks later, I see at the top of my Newsfeed that one of my closest friends recently gave birth. I call her to congratulate her and tell her I wouldn’t have found out if I hadn’t re-joined the social network. “I just assume that if I post something on Facebook, everyone will know about it,” she tells me.
If you give up Facebook and all the companies it owns, you’re cut off from participating in your community, whatever your community may be.
“Facebook has too much market power,” Sarah Miller tells me. “It should never have been allowed to acquire Instagram in the first place.”
Miller is the deputy director of the Open Markets Institute, which has spent the last year loudly calling for the tech giants to be heavily regulated if not broken up. Miller is also the spokesperson for Freedom From Facebook, an advocacy group composed of members of other advocacy groups, like an activist turducken, that has done cute stunts like fly a plane over Facebook’s shareholder meeting with the sign, “You broke democracy.”
Miller thinks the Cambridge Analytica scandal and Facebook’s notable missteps around disinformation and genocide, are symptomatic of a company run amok without serious competitors to force it to be a better gatekeeper of people’s information.
Freedom From Facebook has been pushing the Federal Trade Commission to treat Facebook like a monopoly and break it up. On that count, they scored a meeting with an FTC commissioner, Joe Simons, and have filed a complaint with the agency, though it’s unclear how serious the FTC is about investigating Facebook. A top official there who would otherwise be in charge of such an investigation is conflicted out, but the Washington Post reports that the agency is currently considering hitting the company with a “record-setting fine,” that is, if the government shutdown ever ends.
Though Miller doesn’t think a fine is enough, even a historic one; she argues that the FTC should force Facebook to spin off WhatsApp, Instagram, and Messenger into their own companies, because together Facebook’s companies account for “77 percent of mobile social networking traffic in America.”
“If a company doesn’t have competitors, it’s not incentivized to protect consumers,” Miller tells me during a phone call. “It’s more than just privacy violations. We’re trying to tie everything together. Will our democratic institutions stand up to these companies or let themselves be corrupted?”
Facebook, of course, disputes any notion that it’s a monopoly. “We operate in a fiercely competitive market for services which help people connect, discover, communicate and share,” a Facebook spokesperson told me. “For every service offered on Facebook and our family of apps, you can find at least three or four competing services with hundreds of millions, if not billions, of users.”
Late in the week, Instagram notices I haven’t opened the app in a while and sends me an email prompting me to see what my friends are up to. And I realize I don’t really know what people are up to. My friends now largely expect that I’ll see their broadcasts on various social networks, which means they don’t tell me things individually anymore, unless I see them in person.
Or the alternative happens: I assume I know everything that’s going on with someone because I’ve been following their feed. I recently went to visit a college friend who lives across the country. We text each other every weekend with our favorite photos from the week, and I felt like we were in relatively good touch, but once I’d spent a few days with her, I discovered there was ground-shaking stuff happening in her life about which I’d had no clue. It made me realize just how limited many of my digital communication channels are.
It’s the proverbial double-edged sword: I feel both out of touch when not on these channels, but like I’m worse at being in touch because they exist.
Funnily enough, reading a draft of this story convinces one of my editors, who has never had Facebook or Instagram, to join the latter because he realizes he doesn’t have a way to show cool things “to a bunch of people I know at the same time without texting them [when] they’re not really worth texting over.”
So I don’t know if this series will convince anyone to quit these tech giants, but it has convinced at least one person to join them.