April 04, 2019
Still not over the jet lag, but here goes.
1 big thing: The data trash-pile blame game
The tale of the latest Facebook data spill, announced Wednesday by security outfit Upguard, has a unique new twist: No one is shouldering responsibility for the half a billion user records that were exposed on a public server, Axios' Scott Rosenberg writes.
Driving the news: The story broke yesterday when Upguard reported it had found two troves of Facebook user data sitting on publicly accessible Amazon Web Services S3 "buckets" — cloud storage containers used mostly by backend programmers.
- The first belonged to a Mexico-based media company, Cultura Colectiva, and contained 540 million user records.
- The second contained a backup by Facebook app "At the Pool," which, though much smaller, included more sensitive information, including plain text passwords for 22,000 users.
The data originated with Facebook. But Facebook maintains that fault lies not with its own practices but rather with the developers of the apps that carelessly stored their data.
- "Facebook's policies prohibit storing Facebook information in a public database," the company told Axios. "Once alerted to the issue, we worked with Amazon to take down the databases."
The data lived on Amazon's cloud servers. But Amazon says that responsibility for securing data stored with it lies with the companies that put it there.
- AWS's S3 is one of the internet's largest data warehouses. The programmers for tons of widely used apps and services use it as a cheap, flexible, on-demand source of storage. S3 buckets are set private by default but some are made publicly accessible so users can download data directly.
- "AWS customers own and fully control their data," Amazon said. "When we receive an abuse report concerning content that is not clearly illegal or otherwise prohibited, we notify the customer in question and ask that they take appropriate action, which is what happened here."
The data was held by the app makers.
- But one of them, "At the Pool," seems to be out of business.
- The other, Cultura Colectiva, offered no apology in a statement that circulated among journalists on Twitter, but said that the data it was storing came from "the fanpages we manage" and was "public, not sensitive," information.
Our thought bubble: Everything these companies say may be correct, but none of it is satisfying.
- App makers who are aggregating hundreds of millions of data points about their users owe it to them to protect the resulting databases from random downloaders, not leave them out like a stagnant data dump.
- Amazon may reasonably let its customers decide whether data should be public or private. But it could also take more proactive measures to alert storage users about what information they've exposed to the whole internet. The world's biggest digital landlord has a role in cleaning up the dumps on its property.
- Facebook rightly points out that it has tightened up its policies on sharing user data with app makers since last year's Cambridge Analytica debacle. But its lax privacy practices leaked user information to other companies for years. Incidents like this one will continue to erode public trust in Facebook until the company creates something like a digital Superfund to help clean up the messes it has made.
The bottom line: Facebook and Google have turned user data into advertising gold. But that data can also end up as garbage left out on the net in abandoned "buckets" for mischief-makers and criminals to pilfer. When that happens, "not our fault" won't reassure anyone.
2. Google diversity report shows small gains in retention
Amid a backdrop of employee activism, Google has released its annual diversity report. As Axios' Kia Kokalitcheva notes, the report shows small improvements in both overall numbers as well as in attrition among certain underrepresented groups.
This is the second year that Google has included the attrition figures as part of its annual diversity report.
- Google saw a significant improvement in retention of African-American and Latinx women, though overall African-American and Latinx attrition is higher than among other ethnic groups. Native American employees are also seeing high attrition and little to no progress in overall numbers.
- Representation of women globally increased by 0.7 percentage points year over year.
- In the U.S., African-American representation increased by 0.3 percentage points, Latinx by 0.4 percentage points and Asian representation was up 1.7 percentage points.
Yes, but: Google's report comes in the midst of growing complaints from employees over issues ranging from contract worker policies to the company's involvement with military projects and approach to AI ethics. Google also recently faced criticism over its refusal to remove an app that LGBT activists say amounts to conversion therapy (though it eventually did).
The bigger picture: Tech companies have boosted their efforts to diversify their workforces, but advocates have emphasized that the true measure of those efforts is whether employees from underrepresented groups stay after they've been hired.
3. The snap decision society
Pervasive partisanship and rapid-fire social media echo chambers have exacerbated our tendency to jump to conclusions, Axios' Kim Hart reports.
Research shows the social media ecosystem can lead to snap judgments, even based on incomplete information, to reinforce emotional identities and ideological positions.
Why it matters: Making assumptions is an age-old human flaw, but it is being worsened by the challenges of responding to an increasingly complex world at warp speed.
One of the latest examples played out this week when Stephanie Carter, wife of former Defense Secretary Ash Carter, explained a 2015 photo showing former Vice President Joe Biden standing behind her with his hands on her shoulders, appearing to speak into her ear.
- The photo made the media rounds after separate allegations of unwelcome behavior from Biden.
- Assumptions about the circumstances behind the photo went so viral that Carter wrote a Medium post to set the record straight and "reclaim" her story "from strangers, Twitter, the pundits and the late-night hosts."
- The real story, she said, is that while her husband was giving remarks after his swearing in, Biden "leaned in to tell me 'thank you for letting him do this' and kept his hands on my shoulders as a means of offering his support," she wrote.
Other examples show how easily narratives catch fire online based on incidents that most of us didn't see firsthand:
- Covington Catholic students: Media outlets, celebrities and social media jumped on a viral videotaped encounter between a Native American man and high school boys that suggested a clash of racial and ideological differences. But that narrative was thrown into question when more complete video footage emerged.
- Feinstein on Green New Deal: A video showed a conversation between Sen. Dianne Feinstein and young activists encouraging her to support the Green New Deal. In a shortened clip, she appeared dismissive of their concerns. A longer video that later surfaced shows the fuller dialogue that includes her offering an internship to one of them.
- The Mueller report: Big victory for President Trump, if you're a Republican. Or a colossal letdown, if you're a Democrat. The one thing both sides have in common: Neither has seen the report.
Kim has more here.
4. Bill to restore net neutrality rules clears House committee
A bill to restore net neutrality rules, rolled back by the Federal Communications Commission in 2017, was passed by the House Energy and Commerce Committee along party lines on Wednesday, Axios' David McCabe reports.
Why it matters: A vote on the floor of the Democrat-controlled House would raise the profile of this round in the net neutrality fight.
Go deeper: Read the bill.
5. Take Note
- Snapchat's Partner Summit takes place in Los Angeles.
- Common Sense hosts its Truth About Tech conference in D.C. Sen. Ed Markey (D-Mass.) is expected to discuss a planned bill to stop "manipulative and damaging design features that keep kids glued to the screen or dupe kids into sharing data or making online purchases."
- eBay's StubHub unit hired Arnie Katz, previously VP of international commerce for Walmart, as its chief product and technology officer. The eBay unit also named former Amazon associate general counsel Stephanie Burns as its general counsel.
- Amazon plans to relocate its worldwide operations unit, encompassing thousands of people, from Seattle to nearby Bellevue, Washington, by 2023. (GeekWire)
- WeWork acquired Managed by Q. (TechCrunch)
- Apple's Beats unit released a fully wireless version of its PowerBeats line, the $250 PowerBeats Pro, offering many of the features found on AirPods. (The Verge)
6. After you Login
A man biking around the world found a stray kitten — and brought the little furball with him for the journey.