Monday, 1 February 2021

Facebook Messenger's metadata harvest

I am a dark user on Facebook: I don't use any public groups, I make no posts on my own profile page, and if anyone tags me, I ask them to un-tag me. I delete my old data. I assumed that the Messenger data was private.

Oops. It is not. Facebook Messenger is unencrypted, my data and metadata - data about my data - on all my conversations is wide-open and is collected... and  is matched. I must have been living in Mrs Thicky-Land not to have known this, but I was ignorant.

According to recent pieces by Ben Lovejoy (4 January 2021) and Zack Dorfman (3 January 2021), all information in all conversations is harvested. Facebook can track "Who you know, who you message, when and how often. Who they know and message. What other activity can be tracked to your user ID. It is this metadata that drives Facebook’s information mining machine" (Dorfman, 3 January 2021). Regardless of your FB privacy settings (and I activate all I can), FB takes your messenger conversation data and harvests it. You can see by the image accompanying this post that there are a vast array of messenger fields which report 'back to base' (Lovejoy, 4 January 2021). The small box on the left is the data collected by Apple's iMessage service (four fields). The middle block is the significantly increased amount of data collected by FB's attempt at encryption, WhatsApp (apparently 25 fields, 525% larger than Apple). The right-most block is the data collected by FB Messenger (apparently 140 fields, or 3400% larger that Apple).

Why do I say 'apparently" about the fields? Because this image is overly alarmist. Of the middle block of WhatsApp data, there are actually only 17 fields, as eight fields are repeated under different headings. This is a growth of 325%. Of the righthand block of Messenger data, there are actually only 30 fields, as 110 are fields are repeated under different headings, or a growth of 65%. Yes, I popped the info into Excel, sorted, checked for duplicates and ran the percentages using Apple as the base. 

However, while the Lovejoy image is overblown, and we must check our facts before going NATO, this is still an alarming harvest of private data by Facebook. Messenger harvests double the amount of metadata stored by WhatsApp. I get FB needs to monetise the platform: it is a commercial enterprise after all. I get that we consumers need to pay for what we use. But we are paying with the gift of our marketing profile data as it is being taken by stealth, without our express consent or knowledge of JUST HOW MUCH we are giving away.

It now no longer surprises me that Facebook wants to combine Instagram and WhatsApp with Messenger and Facebook. The company would get their hands on so much more of our data that way. What I would like to see is that they ASK us. Let us opt in to metadata mining and not pay; or let us opt out of the harvest and so pay for COMPLETE privacy.

The theft of our data has to stop. And - I guess - that means that if we are to use the platform, then we will have to pay. And I am OK with that.


Sam

References:

No comments :

Post a comment

Thanks for your feedback. The elves will post it shortly.