Mark Zuckerberg’s abrupt Wednesday declaration of a new “privacy vision” for social networking was for many people a sort of Rorschach test.
Looked at one way, the manifesto read as an apology of sorts for Facebook’s history of privacy transgressions, and it suggested that the social network would de-emphasize its huge public social network in favor of private messaging between individuals and among small groups.
Looked at another way, it turned Facebook into a kind of privacy champion by embracing encrypted messaging that’s shielded from prying eyes — including those of Facebook itself.
Yet another reading suggested the whole thing was a public relations exercise designed to lull its users while Facebook entrenches its competitive position in messaging and uses it to develop new sources of user data to feed its voracious advertising machine.
As with many things Facebook, the truth lies somewhere in between. Facebook so far isn’t elaborating much on Zuckerberg’s manifesto. Here’s a guide to what we know at the moment about its plans.
What’s happening to Facebook?
In one sense, nothing. Its existing social network, with its news feeds and pages and 2.3 billion global users and $22 billion in 2018 profit, won’t change and will likely continue to grow. Although user growth has been stagnant in North America, Facebook’s global user base expanded 9 percent in the last quarter of 2018.
But Zuckerberg suggested that Facebook’s future growth will depend more on private messaging such as what it offers with its WhatsApp, Messenger and Instagram Direct services. The Facebook CEO said private messaging between individuals and small groups is “by far” the fastest growing part of online communications.
Naturally, Facebook wants to be there in a big way.
What’s changing in messaging?
Its first step will be to make its three messaging services communicate better with each other. That would let you message a friend on WhatsApp from Facebook Messenger, which isn’t currently possible. It would also link your messaging accounts to your Facebook ID, so people can find you more easily.
Zuckerberg also promised to greatly increase the security of these messages. It will implement so-called end-to-end encryption for messaging, which would scramble them so that no one but the sender and recipients could read them. That would bar access by governments and Facebook. WhatsApp is already encrypted this way, but Messenger and Instagram Direct are not.
The first change users might notice is their address book, said Siva Vaidhyanathan, director of the Center for Media and Citizenship at the University of Virginia. While your Facebook, Instagram and WhatsApp contacts might be quite different now, if the services combine to some degree, your contact lists will, too.
“As these services merge, we might end up basically having these huge combined address books from three messaging services,” he said.
When will this happen?
You’re not likely to see any of these changes soon. In his blog post, Zuckerberg said the plan will be rolled out “over the next few years. … A lot of this work is in the early stages.”
And it’s subject to change. EMarketer analyst Debra Aho Williamson points out that previous Facebook visions of the future haven’t quite panned out. A few years ago, for instance, Zuckerberg predicted that video and augmented and virtual reality would be a much bigger part of Facebook than what materialized.
But it shows that Facebook is trying to adapt as people shift toward services like Instagram and WhatsApp over Facebook, which today has 15 million fewer U.S. users than in 2017, according to Edison Research. In his post, Zuckerberg said he expects Messenger and WhatsApp will eventually become the main ways people communicate on Facebook’s network.
“There’s not a sense that things will fundamentally change overnight, or even probably this year,” Williamson said, “But it signals Facebook is thinking more seriously about embracing the way people communicate today.”
What will it mean for privacy?
Encrypted messaging is in many ways a big plus for privacy. But the way Facebook collects information about you on its main service site isn’t changing, said Jen King, director of consumer privacy at Stanford Law School’s Center for Internet and Society
“This is limited to a very specific part of the platform and it doesn’t really address all the ways Facebook is still collecting data about you,” she said. So users should still be alert about privacy settings and careful about what they choose to share on Facebook.
Facebook is likely to collect data about your messaging — so-called metadata that, according to security experts, will let it know whom you communicate with, when and how often you text them, where you are when you do it and for how long. That can tell Facebook a lot about you even if it can’t read the contents of your messages.
What about vanishing posts?
Though the timeline is hazy, Zuckerberg did outline other changes users will eventually see. He said the company is looking at ways to make messages less permanent, a la Snapchat or Instagram “Stories,” which disappear after 24 hours.
“Messages could be deleted after a month or a year by default,” Zuckerberg wrote. “This would reduce the risk of your messages resurfacing and embarrassing you later.” Zuckerberg said users will have the ability to change the time frame or turn off auto-deletion. “And we could also provide an option for you to set individual messages to expire after a few seconds or minutes if you wanted.”
What about payment procedures?
Facebook will likely also expand the way users can use its platform to pay for things, said Justin Brookman, director of consumer privacy and technology policy for Consumer Reports. Zuckerberg didn’t mention any new payment plans specifically but did bring up payments four times in his post.
Currently, Facebook lets its users pay friends or businesses digitally by linking a credit card or PayPal account, and that method is not likely to change soon. But as Facebook looks to emulate Chinese behemoth WeChat, it could let you reserve a table through Facebook instead of going through an outside app, or order an Uber.
“Ideally, Facebook will try to get a cut of all transactions,” Brookman said. A digital currency of Facebook’s own is also rumored to be in the works.
“Like many other companies, Facebook is exploring ways to leverage the power of blockchain technology,” Facebook said in a statement. “This new small team is exploring many different applications. We don’t have anything further to share.” (VOA)
After a report revealed around 200-600 million Facebook users may have had their account passwords stored in plain text and searchable by over 20,000 Facebook employees, cybersecurity experts are urging users to change their passwords and turn on the two-factor authentication (2FA).
So far the inquiry has uncovered archives with plain text user passwords dating back to 2012, according to the report published this week by KrebsOnSecurity, a blog run by journalist Brian Krebs.
Facebook in a blog post on Thursday said that it had fixed the issue and will be notifying everyone whose passwords it found stored this way.
“It’s perfectly possible that no passwords at all fell into the hands of any crooks as a result of this. But if any passwords did get into the wrong hands then you can expect them to be abused,” said Paul Ducklin, Senior Technologist at global cybersecurity firm Sophos.
“Hashed passwords still need to be cracked before they can be used; plaintext passwords are the real deal without any further hacking or cracking needed,” Ducklin added.
Facebook said it had found no evidence to date that anyone internally abused or improperly accessed the passwords.
“While the details of the incident are still emerging, this is likely an accidental programming error that led to the logging of plain text credentials. That said, this should never have happened and Facebook needs to ensure that no user credentials or data were compromised as a result of this error,” said John Shier, Senior Security Advisor at Sophos.
“This is also another reminder for people who are still reusing passwords or using weak passwords to change their Facebook password to something strong and unique and to turn on two-factor authentication (2FA),” Shier said. Turning on 2FA would mean that a password alone is not enough for crooks to raid your account, Ducklin added.
Facebook also asked people to change their passwords “out of an abundance of caution”.
Earlier this month, Facebook came under scrutiny for using phone numbers provided for security reasons — like two-factor authentication (2FA) — for things like advertising and making users searchable by their phone numbers across its different platforms.
“Another security measure users can implement to strengthen their digital security postures is to use different passwords for different online accounts. Don’t use your Facebook password for any other login, particularly for personal/professional email accounts or online banking,” said Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal Technologies Limited.
“It is also a good practice to log out whenever not using Facebook, even on mobile devices,” Katkar added. (IANS)