Facebook user Paavo Siljamäki recently posted a story about popping in to Facebook offices in Los Angeles to get some input as to how to better use the site.
A Facebook engineer asked if it would be OK to take a look at his profile.
“Sure”, Siljamäki said, and without even asking for a password, the engineer logged in directly as Siljamäki, viewing all of his private content.
It made him wonder: how many Facebook employees can do this?
Just made me wonder how many of Facebook's staff have this kind of 'master' access to anyone's account? What are the rules on who and when they can access our private content and how would we know if someone did? (My facebook did not notify me that someone else accessed my private profile).
He wasn’t the only one left wondering.
VentureBeat, which spotted Siljamäki’s post, reached out to Facebook to find out when, exactly, employees can access a user’s account without entering the user’s login credentials.
A Facebook spokesperson sent this answer:
We have rigorous administrative, physical, and technical controls in place to restrict employee access to user data. Our controls have been evaluated by independent third parties and confirmed multiple times by the Irish Data Protection Commissioner's Office as part of their audit of our practices.
Access is tiered and limited by job function, and designated employees may only access the amount of information that's necessary to carry out their job responsibilities, such as responding to bug reports or account support inquiries. Two separate systems are in place to detect suspicious patterns of behavior, and these systems produce reports once per week which are reviewed by two independent security teams.
We have a zero tolerance approach to abuse, and improper behavior results in termination.
Skepticism about Facebook’s “zero tolerance approach to abuse” is understandable.
In light of the recent trouble that Uber’s gotten into over its “God View” – a privacy-invading display of passengers’ real-time movements that it projected onto a screen for entertainment at a company party – it’s valid to question how well companies actually enforce policies against abusing access to user accounts.
Tales of trampling on privacy in the early years of Facebook are rife, including allegations that Mark Zuckerberg broke into a user’s private email account.
Zuckerberg pulled the alleged email hack in the very earliest days of Facebook, before it even had a privacy policy.
Fast-forward to today, and Facebook is a far more mature company.
It has the tools to grant select employees access to a user’s account, but according to Facebook’s statement, that access is heavily monitored and controlled and can only be executed under specific circumstances, including when users themselves initiate support or in the case of bug reports.
Siljamäki’s request is an example of a user coming to Facebook with a specific issue.
The engineer requested and received permission to resolve that issue by accessing his account.
Does that mean we shouldn’t worry about what we post on Facebook or other social media networks?
No. We should worry.
But Facebook employees running amok in our private data doesn’t sound like something worth worrying about.
After all, that’s what the company has big data-crunching analytics for.
To paraphrase the Big Bad Wolf when Little Red Riding Hood asked about those humongous chompers: the better to market at you, my dear!
I have an issue with the statement that says “private profile”. If everyone just accepted the fact that NOTHING online is “Private”, and did not share anything that should be private, then there wouldn’t be as big an issue.
Again, nothing posted to the Internet in any way should be considered absolutely private, with the possible exception of something that you’ve securely encrypted yourself.
Even then, encrypted stuff can at best be considered probably private-ish.
If someone *really really* wanted to get at it, there is a chance they can.
(Which I am sure you know, but it’s worth pointing out!)
It’s the rare person that asks the question Siljamäki asks, and more people need to ask it of more things, whether they’re concerned about their own personal information or the information they manage in their daily job. (Of course, security people tend to ask these questions, but amongst others it seems to be rare…)
I get constant incredulous looks whenever my employees want to use Dropbox, and I say sure, as long as the powers that be in this company accept the risk of disclosed data due to unknown admin access (and several other key reasons). The tacit trust for these services is annoying, at best, when consumers try to manage corporate IT.
I have the same issue. I had a user install DropBox on a non-company owned iPad so they could work on their documents from it. They didn’t realize I had DropBox blocked on the computers. 🙂
FWIW, one of the pitches copy.com gives is that they pledge not to invade your files, for any reason. This is probably said to distinguish them from the known copyright-violation bans Dropbox has levied.
If you want something to be private don’t put it on the internet!
How could an employer protect private user data from admins who have access to the database?
There is some level of trust you have to give developers so they do their job. External monitoring systems seem to me the only feasible way to check that this trust doesn’t get abused by individuals.
That said, I am worried about these cases because they are not untrustworthy individuals but untrustworthy companies. Especially Uber’s philosophy is totally broken in case of privacy and respect.
Mr Yeah asked “How could an employer protect private user data from admins who have access to the database?”
Simple. You encrypt the data before you put it into the database. Ever hear of Mega, successor to Megaupload? That’s how it works.
Where’s Kim Dotcom when you need him?
How should that be possible for a social network where you easily want to share stuff with others?
Let’s say your stuff on Facebook is encrypted. Your Facebook friends need the key to decrypt it. How could they get the key automatically without a way for Facebook getting that key, too?
Mega works because you share the encryption key to your data outside of Mega.
which, according to Mr Snowden, is still only private-ish.
The more complex our security becomes, the more complex our enemy’s efforts must be. The more we seek to shut him out, the better he must learn to become at breaking in. Each new level of security that we manage becomes no more than a stepping stone for him who would surpass us, for he bases his next assault upon our best defences.