Intelligence Officials Have Named One More Enemy in the Paris Attacks: Encryption
As officials investigate Friday's attacks in Paris and extract lessons about new terrorism prevention techniques, a theme is emerging: Encryption is bad for anti-terrorism efforts. We already know that law enforcement officials oppose strong encryption because it makes intelligence-gathering more difficult, and the Paris attacks are renewing calls for reexamination of digital privacy measures.
In an interview with ABC News on Sunday, New York City Police Commissioner William Bratton said that “ISIS, taking advantage of the technology ... the ability to go dark, I think you’re going to see that's going to play a significant factor in this event.” He added that the law enforcement community is waiting to get more information about what devices and software the attackers were using. “[I'm] very interested to see what types of phones they were equipped with, what types of apps they had on those phones. Were they, in fact, even in communication with each other at all?” he said.
On Sunday, Michael Morell, a former deputy director of the CIA, told CBS's Face the Nation what he thinks investigators are going to discover. “We don’t know for sure yet, but I think what we’re going to learn is that these guys are communicating via these encrypted apps. The commercial encryption which is very difficult if not impossible for governments to break,” he said.
Politico points out that at its WhatWorks event on Tuesday (before the Paris attacks), Belgium’s interior minister, Jan Jambon, noted that terrorists are known to communicate through platforms that are hard for law enforcement officials to infiltrate. “The most difficult communication between these terrorists is via PlayStation 4. It’s very, very difficult for our services—not only Belgian services but international services—to decrypt the communication that is done via PlayStation 4.”
Sony said in a statement to CNBC that “PlayStation 4 allows for communication amongst friends and fellow gamers, in common with all modern connected devices. We take our responsibilities to protect our users extremely seriously, and we urge our users and partners to report activities that may be offensive, suspicious or illegal.”
Morell called for additional discourse about encryption and privacy on Face the Nation. “We need to have a public debate about this. We have, in a sense, had a public debate. That debate was defined by Edward Snowden and the concern about privacy. I think we're now going to have another debate about that. It's going to be defined by what happened in Paris.”
CIA Director John Brennan also called for renewed debate and reconsideration of government surveillance programs on Monday. Privacy advocates were quick to respond, though. American Civil Liberties Union deputy legal director Jameel Jaffer told the New York Times that, “When we’ve invested new powers in the government in response to events like the Paris attacks, they have often been abused.”
Facebook Is the Best Place to Say You’re OK During a Crisis. Is It the Right Place?
With Paris in crisis on Friday evening, people were scrambling for news, not just about what was going on, but to find out if their friends and family were safe. And Facebook’s Safety Check feature, which it first introduced in 2014, quickly emerged as a practical and valuable tool. All Facebook users in Paris had to do was answer the question “Are you safe?”
It’s a simple question, and responding to it can help to reassure our personal networks and communities during times of uncertainty. But it’s also a deeply personal question. Usually we’re asked something like that verbally—by a person who cares about us, or by a person whose profession embodies societal care, like a first responder or a social worker.
Facebook already asks users, “What’s on your mind?” every day through its status field, and the service collects tons of personal data about each of its users. But to have a multibillion-dollar corporation ask indivuiduals one of the most fundamental questions of life adds a new degree of intimacy to the relationship between social networks and their users. Facebook, with its more than 1.5 billion users, is well-suited for the task of collecting individual safety information. It has the right infrastructure in place. But the more we rely on it, and allow it to reassure us in moments of chaos, the more we need to scrutinize the power we are giving it.
We all know how upsetting uncertainty and a loss of control can be. Even when people are waiting for trains and buses, there is a noticeable psychological difference if a countdown clock is available to tell them how long it will be, so they don’t have to wait anxiously without a time estimate. Safety-check features tap into the same emotions. You may know people who don’t use social media or who probably aren’t going to bother marking themselves as safe during a crisis, but just getting confirmation from anyone you know feels good. These updates—that someone you know is simply OK—read as individually tailored good news amid the stream of impersonal and unpredictable dispatches that emerge out of an emergency situation.
When Facebook first released Safety Check, my Slate colleague Will Oremus wrote, “I can’t imagine it will be so widely used that your loved ones will panic if they don’t see your name on there in the event of a disaster.” But the profound reassurance people get from the service is, to my mind, exactly what will push Safety Check toward ubiquity. And that means Facebook will take on a profound responsibility.
facebook safety check is a phenomenal feature. use it: https://t.co/FlmB5stC17— Chris Ziegler (@zpower) November 14, 2015
Encourage your friends in Paris to go on @facebook and complete a simple 'safety check' to mark that you are okay.— Daniel Bach (@danielblether) November 14, 2015
Facebook’s service isn’t the only one out there, of course. Other check-in features like Google Person Finder offer alternatives for non-Facebook users. But you can see how things could start to get complicated. What if a person registers that they are OK on one service but not another? What if someone marks someone else as safe (a useful option that Facebook provides) based on inaccurate information? And how will tech companies decide when a crisis is big enough to merit activating these features?
When personal-safety information is something that social networks are hosting, people feel obligated to participate far beyond the social demands they usually feel compelled to participate in. And although savvy Internet users value a diversity of choice and are suspicious of any network that becomes too monopolistic, it’s obvious why safety check-ins are more effective when information is centralized. Facebook and services like the French government’s missing person report forum are offered by two very different types of organizations. But as our reliance on these check-in services grows, it may simply make the most sense to rely on a company like Facebook—with its massive reach and sometimes profit-driven priorities—to be the venue for our safety check-ins.
The more we feel ourselves turning to these features, the more realistic it seems to imagine that one day they’ll just be on all the time—so if there’s a traffic accident or building fire in a community, people can proactively indicate that they are safe.
Depending on the disaster, will people start getting targeted advertising on their social networks for fire insurance or PTSD treatment after a couple of days? And what if you don't want to answer the question “are you safe?” when you’re lying in a hospital bed after a trauma? The question of how these services will evolve shouldn’t imply that they’re not worthwhile. In fact, it is their value that makes exploring their implications so important. Our status updates may feel like tiny, ephemeral acts, but when it comes to these particular notifications, we should be aware of their gravity: They're literally updates on life and death.
Facebook Has Enabled Its “Safety Check” Feature So People in Paris Can Tell Loved Ones They’re OK
As attacks unfolded around Paris on Friday evening, Facebook users located in the city used the network to notify friends and family that they were all right. In addition to posting statuses, users were able to mark themselves as “safe” through Facebook’s Safety Check service.
Facebook launched the feature in 2014 and offered it during the 7.8-magnitude earthquake that hit Nepal in April. Though the situation in Paris involves a violent attack, not a natural disaster, Safety Check operated somewhat similarly Friday. As with the earthquake, there are multiple incident sites and from the beginning the people who were potentially affected were dispersed over a large area.
When my team and I designed Safety Check, we hoped it would never have to be used. Today is a sad day. https://t.co/r8ALu76RaV— J Carla Echevarria (@heravarice) November 14, 2015
Facebook users can navigate to Facebook's Safety Check on their own, but the social network is also sending push notifications to proactively let users know that friends have marked themselves as safe. Facebook can deduce that certain users are in Paris (because they have marked themselves as living there, checked in there recently, and so on) and prompt them to mark themselves as safe, but anyone can navigate to Safety Check and proactively indicate that they are OK.
Grateful for Facebook's safety check feature for Paris tonight. pic.twitter.com/iDJ7dRCroy— Jeff Jarvis (@jeffjarvis) November 14, 2015
If you are in Paris and use Facebook's safety check to say you're okay. I personally can't think of a better notify. https://t.co/YO0bWhmhUc— Zeynep Tufekci (@zeynep) November 14, 2015
Google also offers an emergency service called Person Finder, but it hasn’t yet been activated for the Paris attacks.
Paris attacks remind me of need for tools like Google Person Finder. Wish it were useful now. Not everyone is on FB https://t.co/udrWoSBlUk— NathanOlivarez-Giles (@nateog) November 14, 2015
How Parisians Are Using Twitter Hashtags to Keep Each Other Safe
As a spate of terror attacks rocked Paris on Friday night, people took to Twitter to express solidarity and offer safe haven to those in need. Here’s some brief context on that from our French sister site, Slate.fr:
Internet users are mobilizing on Twitter via the hashtag #porteouverte (open door) to welcome those who are still outside and potentially in danger. In the 10th and 11th arrondissements, where three different shooting attacks took place, residents are tweeting their addresses, saying that people are welcome there, given that gunshots are still being heard in the streets and police have not yet confirmed that the attackers have been arrested.
#PorteOuverte was among the top trending hashtags on Twitter late Friday, and fast gaining momentum, with hundreds of new tweets appearing every few minutes. But as #PorteOuverte also morphed into a rallying cry, Twitter users expressed concern that its proliferation might be making it less useful to those who actually needed help. “Please stop tweeting under this hashtag telling them to look at it,” one person wrote. “It’s harder to find somewhere safe when you’re clogging it.”
#PorteOuverte please stop tweeting under this hashtag telling them to look at it. It's hard to find somewhere safe when you're clogging it.— a. (@almightypal) November 13, 2015
STOP USING #PorteOuverte - ITS CLOGGING THE FEED FOR PEOPLE TRYING FIND SAFETY.— Mack (@HOCMack) November 13, 2015
Others worried that people broadcasting their home addresses publicly might unwittingly be putting themselves at risk.
Most Twitter users currently opening their residences up as shelters appear to be using a combination of #PorteOuverte and “DM”—Twitter shorthand for “direct message”—in their tweets. For example: “#PorteOuverte with hot food and tea in 15th arrondissement if you need safety please DM.” Those seeking assistance can sift through the noise by searching both the hashtag and “DM” on Twitter’s site.
Maybe You Should Be More Suspicious of Your Smartphone Apps
The more we live through our smartphones, the more personal information our devices and the apps we’ve installed on them acquire. Where we’ve been, what we’ve watched, and more is all potentially up for scrutiny. What exactly are we revealing? That’s the subject of a recent study by the Pew Research Center.
Though the researchers focused exclusively on Android phones, their study was massive, examining over 1 million apps from the Google Play store. To conduct an investigation on this scale they used a custom Chrome extension that trawled through the store and pulled information about each app. It took months and ultimately yielded an enormous trove of data about the apps in the store and what permissions they request when downloaded.
Not all of these permissions directly convey information about users. As the study explains, “Permissions range from allowing the app to interact with specific hardware on the device (such as the camera flash) to allowing the app to access a user’s contact list.” The Pew researchers cataloged 235 distinct permissions requests, finding that roughly 70 percent fit into the former category. Of these, the two most common allow apps to connect to the Internet, operations that “do not, by themselves, allow their associated apps to access any user information directly.”
When apps do request more explicitly personal access, they’re not necessarily violating users’ privacy. Common functions of this type include reading a phone’s call logs, accessing contact lists, and discovering a list of accounts from other applications. Information like this is typically necessary for the basic functioning of the app, and there’s no reason to necessarily worry that it’ll be put to problematic use.
How do users feel about these data requests? Skeptical! According to the study, 60 percent of American adults who own smartphones and download apps report choosing “not to install an app when they discovered how much personal information [was] required in order to use it.” A slightly smaller, but still significant, 48 percent said they uninstalled an app they had previously downloaded after learning what information it requested.
If Android owners are representative of smartphone users more generally, we’re a hearteningly cautious bunch. Though we’re apparently willing to release some info about ourselves, the study suggests not all of us are comfortable blindly letting it circulate. And for good reason: As the study notes, “If used incorrectly (or maliciously),” apps with functions seemingly as innocuous controlling a phone’s flashlight or vibration “could potentially damage a user’s device.”
Will Libraries Outlive Books?: A Future Tense Event Recap
A prophecy: By the year 2100, libraries will be both highly distributed and deeply connected, sharing a single collection as they work to meet the emerging demands of their individual communities.
This was the story that James O’Donnell, university librarian at Arizona State University, told at “Will Libraries Outlive Books?”, a Future Tense event held in Washington, D.C., on Nov. 12. It was also a story that O’Donnell and his fellow panelists would complicate and challenge over the course of a far-ranging dialog.
As the lexicographer Jesse Sheidlower, who kicked off the evening, observed, we tend to associate the term library with books. This connection makes it difficult to imagine an affirmative answer to the event’s titular question. But library isn’t etymologically related to books at all, deriving instead from a Latin word for the smooth inner bark of a tree. It was, in this sense, a thing on which one might write rather than a storehouse of what had already been written. Whatever they become, he proposed, libraries will retain that original implication, always “spaces for creation or curiosity,” even if they leave the books behind.
Provocative as this proposal sounds, most of the participants in the event agreed. During the first of the evening’s two panels, Deborah Jacobs, director of the Global Libraries Initiative at the Bill and Melinda Gates Foundation, remarked that it’s important not to lose ourselves in nostalgic ideas of what a library is or should be. (Disclosure: Deborah Jacobs is my mother.) Gesturing to the Aspen Institute’s recent report on public libraries, she insisted that we need to hold ourselves accountable for the institutions we fund by more actively engaging with them.
To Jacobs’ mind, this means spending time in libraries and learning more about the ways people actually take advantage of them. When we demand that libraries maintain print collections no one actually uses, we limit their ability to adapt and grow, potentially denying them a meaningful future in the process. Jacobs and her fellow panelists went on to argue that libraries should be in the business of meeting community needs, whatever those needs might entail.
Stressing the deep historical roots of this obligation, Richard Reyes-Gavilan, executive director of the D.C. Public Library, reminded the audience that the Carnegie libraries, thousands of which were built throughout the world starting in the late 19th century, were originally intended to give their patrons “a leg up,” not just to offer them something to read. But those long-standing commitments don’t mean that libraries can’t change with the times: As Miguel Figueroa, director of the Center for the Future of Libraries, noted, librarians are no longer in the business of prescribing the values of the communities they serve. Where they once furnished resources, their task today may have more to do with helping library users make sense of the plentiful materials already available to them.
Building on this line of thinking, Google’s Daniel M. Russell insisted that helping communities cultivate information literacy today will be key to the library of tomorrow. The more knowledge we have access to, the harder it becomes to sort through it. Helping people overcome this difficulty will count among the key tasks of librarians. This will be the case even if, as Elizabeth Merritt, director of the Center for the Future of Museums, warned, we lack the resources to sustain truly comprehensive collections in 100 years. If so—and perhaps even if not—it will be all the more urgent for librarians to become, as O’Donnell put it, something like Jedi knights, a combination of “wizards and coaches.”
Regardless, the spaces that librarians work out of will continue to shape the work they do, though they also need not limit themselves to traditional facilities. “There needs to be a boundless library that isn’t about the building at all,” Jacobs said. This captured a general sentiment that we must think broadly about what a library is or can be. Still, as Merritt suggested, there may be something seductive on a fundamentally human level about the grand spaces libraries sometimes occupy. More important, though, Russell proposed, may be their status as “a third place.” Neither home nor work, they serve as meeting grounds, venues for, in O’Donnell’s phrase, “collaboration, community, and even conspiracy.”
Predicting what libraries will be like in a century is difficult in part because it inevitably devolves into speculation about what people will be like in a century. Indeed, the panelists jointly hinted that the real task of libraries—now and later—is to help us forge our own futures. There is, in any case, no single future for libraries. They are, Figueroa observed, adaptive institutions, powerful precisely because they are never tied to a single trajectory.
There’s Actually Some Good News About Email Security for Once
When it comes to email security, there's always something to be concerned about, whether it's the Sony Pictures breach, Russian hackers infiltrating White House communications, the Hillary Clinton email scandal, or the data dump from CIA Director John Brennan’s private AOL address. The situation is nonstop. But! On Thursday, Google published new research on its security blog indicating that minimum security precautions may actually be improving among email providers.
Google worked with researchers at the University of Michigan and the University of Illinois to evaluate data from Gmail both in terms of what it could reveal about the email industry in general and the current security status of Gmail itself. The good news is that more email providers are offering email encryption across the board, and the vast majority are using some type of authentication to reduce phishing and impersonation. The researchers compared data from December 2013 and October 2015, and in less than two years they saw significant improvements.
Of course, if these measures had already been in place in 2013, some major individual, corporate, and government hacks could probably have been avoided, but here we are. The researchers also explored some emerging security threats. They noted types of attacks that tamper with the initial encryption of emails and also talked about situations where bad actors spoof directories and routing information so emails can be altered before they ultimately get delivered.
The researchers wrote, "Our measurements show that the use of these secure mail technologies has surged over the past year. However, much of this growth can be attributed to a handful of large providers, and many smaller organizations continue to lag in both deployment and proper configuration."
As a result, users often get better protection when they are emailing other users of the same service, like Gmail to Gmail, as opposed to contacting someone using an unfamiliar provider. Though strong security is obviously crucial, this disparity could eventually have implications for consumers' diversity of choice in the email industry, pushing everyone to put their trust in only a few large services. In the meantime, at least Gmail has shown a strong commitment to security.
Researchers Hacked a Vizio Smart TV to Access Home Networks and Monitor Viewing Habits
Samsung Smart TVs may be listening to everything you say, but new research published Wednesday brings a reminder that there are always new ways to compromise Internet-connected televisions—and the Internet of Things in general.
Researchers at security software company Avast noticed that a Vizio smart TV they were evaluating communicated with a particular site, tvinteractive.tv, about once a second. They were curious about what data the TV was sending to the server, so they devised a man-in-the-middle attack that allowed them to intercept the data the TV sent out and also trick the TV into thinking commands they sent to it were from the server.
They found that the TV was transmitting user viewing records (proof of how many times you've rewatched Blue Planet). A Pro Publica report from Monday also investigated this feature, which Vizio calles “Smart Interactivity.” Julia Angwin explained, “The tracking ... is turned on by default for the more than 10 million Smart TVs that the company has sold. Customers who want to escape it have to opt-out.”
Once they had done the reverse engineering and general trickery to be able to impersonate the TV's trusted server, the researchers realized that if malicious attackers used the same technique they might also be able to infiltrate the home Internet network that the TV was on. Aaron McSorley, a developer at Avast, wrote in a blog post:
McSorley emphasizes that when Avast contacted Vizio about the vulnerability, the company was cooperative and released a patch for its affected smart TVs to protect against this man-in-the-middle approach. Vizio claims that the patch downloads automatically, though Ars Technica notes that a truly autodownloading update would be unusual.
Internet-enabled devices can be compromised by an attacker and used against us. We know this. But when you have to go home and face your TV, it feels unnerving all over again.
The Department of Education’s Plan to Go Open—Open Educational Resources, That Is
In the early 1800s, Thomas Davenport, a poor, young, self-taught blacksmith in Vermont tinkered with magnets to create, and eventually receive a patent for, the first electric motor. Nearly 200 years later, middle-schoolers in Albemarle, Virginia, are tinkering with modern 3-D–printing technology to reconstruct and model his historic invention.
This isn’t the sort of lesson that you would find in a standard middle-school science class. Albemarle County Public School District—in collaboration with the Smithsonian Institution and the University of Virginia—is creating this project-based curriculum with nearly $3 million in support from the Department of Education's Investing in Innovation, or i3, grants. With these competitive grant dollars, the district is developing all of the necessary materials: instructional materials and assessments; detailed directions with figures, photographs, animations, and 3-D–printer files; and even professional development materials for teachers.
According to Chad Ratliff, assistant director of instruction in Albemarle, students today can’t learn about the inner workings of objects they interact with daily, like their iPhones, by just opening them up—they’re too complex. Teaching engineering through historical inventions allows students to break down and understand the basic concepts, while integrating STEM learning with history.
This investment is great for the students of Albemarle, but what about those enrolled in other school districts across the country? Will students, in say, Davenport’s hometown of Williamstown, Vermont, benefit from these kinds of learning experiences?
With little more than a year left in the Obama administration, the Department of Education is taking steps to make sure these kinds of educational materials, developed through public investment, don’t only benefit their grant recipients. The department has proposed that, for its competitive grant programs at least, all grantees would be required to openly license the educational materials they develop. By changing the default to open, the department is betting that it can increase the supply of high-quality open educational resources so that other educators can use and improve upon them.
Open educational resources, commonly defined as “resources that reside in the public domain or have been released under an intellectual property license that permits their free use and re-purposing by others,” have gained traction over the past decade in the field of education, with federal agencies, states, and colleges already exploring the possibilities of open licensing.
It makes sense that resources created with public money should be free for the public to use. And the department sees the potential impact as threefold. First, an open-licensing requirement would allow for more strategic investment, potentially reducing the need to fund duplicative projects. Second, experts in the field would have the ability to improve upon the resources created through its initial investment. Most importantly, the department emphasized that this move could help level the playing field for low-income districts, “promoting equity and especially benefiting resource-poor stakeholders.”
The announcement comes with a few caveats, however. While the Department of Education doles out about $67 billion annually, the vast majority of those dollars are dedicated to formula grants to states and direct grants to individuals—two types of funding that are not covered by the newly proposed rule. Competitive grant funding accounts for just a fraction of that spending—a bit less than $3 billion annually. (The department does not maintain a comprehensive list of annual competitive funding; this estimate was calculated by New America, where I work, based on the latest Department of Education budget information. New America is a partner with Slate and Arizona State in Future Tense.)
That nearly $3 billion, however, supports the development of lessons and instructional plans, professional development resources, and other teaching and learning materials that benefit learners from early childhood through graduate school. Funds go toward supporting the instruction of students from diverse backgrounds, including indigenous groups, migrant students, and students with special needs. Additional programs support literacy, STEM, physical education, arts, and early learning programs. Others target drug prevention programs, student counseling efforts, and efforts to help students navigate the transition from high school to higher education.
The department has already bet big on the promise of open. In partnership with the Department of Labor, it tried out the open licensing requirement on the $2 billion Trade Adjustment Assistance Community College and Career Training program, which provided funding for the development of career training programs. Further, the department’s First in the World grants—which support innovative solutions to increase students’ persistence and completion of college—requires all content produced to carry an open license.
Albemarle’s i3 grant won’t be affected by this potential new rule, but the district is nevertheless eager to share their hard work. According to Ratliff, these curricular materials will be made available on the Smithsonian Institute’s website in full, for any and all to download; the district has already heard from interested educators in Pennsylvania, Texas, and California, as well as several internationally. Once the materials are made available, “any teacher from anywhere in the world can download them and implement them in their classrooms.”
And perhaps these sorts of innovative approaches to learning will inspire the next generation of tinkerers and inventors to follow in Davenport’s footsteps—and into the patent office.
Facebook Is Blocking an Upstart Social Network Should We Be Worried?
Tsu is a new social network that promises to pay its users for posting content to its site. But if want to share your Tsu profile with your Facebook friends, too bad. Facebook is blocking all mentions of “Tsu.co,” the company’s web address. You can’t share a post to a Facebook feed, leave an Instagram comment or send a Facebook Messenger message containing the URL. Tsu’s CEO claims Facebook went so far as to retroactively remove any mention of the site from its archives.
You can’t even share news stories about Tsu, something Xeni Jardin, who wrote about the situation for Boing Boing, discovered Friday when she couldn’t share the story to her own Facebook feed. On Monday, Tech News Today covered Facebook’s ban on all things Tsu.co, and just like the Boing Boing story, readers soon found themselves unable to share it on Facebook.
On first glance it looks like a conspiracy to keep an upstart social network down. But the situation is far more complicated.
Tsu promises to pay users a percentage of its advertising revenue. But it doesn’t base those payouts merely on the number of times someone views your content. It also offers you a cut of the revenue generated by content posted by people you refer to the site. CEO Sebastian Sobczak says the idea is to pay users for the content they post and reward them for helping build the network.
But this model also means users are incentivized to share links to the site not just to increase page views, but to attract new users. That sounds a lot like multi-level marketing, and it’s not hard to imagine people taking advantage of the system. It’s not surprising then that Facebook might flag the site for spam, especially if the number of people posting spam far outnumbered the legitimate posts.
As of Tuesday evening we still couldn’t share the Boing Boing and Tech News Today stories on Facebook without getting an error, but several other stories about Facebook blocking links to Tsu were allowed, so it’s clear that Facebook isn’t blocking all news coverage of the site. As of Wednesday morning, it was possible to share the two stories on Facebook again.
Facebook is within its rights to prevent spam, but its scorched-earth policy of retroactively removing posts seems overkill. Either way, the company’s decision underscores the power Facebook, which is for many people synonymous with the Internet, has over what users can or can’t see. Run afoul of Facebook’s spam algorithms, even accidentally, and you can be practically disappeared from the web.
For its part, Facebook says it blocked Tsu because it violated the company’s policies. “We require all websites and apps that integrate with Facebook to follow our Platform Policy,” Facebook spokeswoman Melanie Ensign told Wired. “We do not allow developers to incentivize content sharing on our platform because it encourages spammy sharing and creates a bad experience for people on Facebook.”
She said she wasn’t aware of errors when sharing Boing Boing andTech News Daily stories, but said someone probably flagged those links as spam separately from Tsu and the engineering team will look into it.
Facebook, however, has offered to unblock Tsu if the company disables the ability to automatically share posts from Tsu to Facebook. “Our automated systems flagged your app for producing spam on our Platform,” a Facebook engineer wrote in an email to Tsu, which provided it to Wired. “Our investigation found your app is incentivizing people to share content to both tsu and Facebook concurrently.”
“In order to come into compliance with this policy, we ask that you remove your app’s ability to share to Facebook,” the email read. “Let us know when you remove this functionality and we will lift the restriction.”
Sobczak says the company has no plans to remove the app’s ability to post to Facebook. “We would just like to be treated equally and fairly,” he says. “We maintain we do not violate any of their terms and conditions.”
Sobczak argues that the analytics dashboard Facebook offers to developers suggested that Tsu had a lower-than-average spam rate compared to other apps. He also doesn’t understand why getting flagged for spam would prompt the removal of old posts containing links to Tsu. And he argues that Tsu doesn’t actively incentivize users to post to Facebook, because Tsu users are paid only if someone visits their Tsu page. They aren’t paid simply for posting content to Facebook. In that sense, he argues, the service is similar to sites like YouTube, which offer revenue sharing to content creators.
Facebook declined to clarify just how it flagged Tsu for spam; why it blocked all links to Tsu.co instead of simply blocking the app; or why it aruges that Tsu is “incentivizing” sharing but YouTube isn’t. Note, however, that YouTube removed the option to automatically post newly uploaded videos to Facebook in April.
Sobczak says he believes Facebook is blocking links to Tsu because it sees Tsu as a threat to its business model. “Their model is based on taking other people’s content, wrapping ads around it,” he says. “What’s making Facebook worry, it’s not that we’re so big, it’s the growth rate, and the philosophy that there’s a better way to do things, a model where the content owners have complete ownership.”
But the idea that Facebook feels threatened by Tsu seems unlikely. Facebook allows links from many other competitors, including Twitter, Tumblr, Pinterest, and Ello. It also allows users to post links to social networks that promise to pay users to post, such as Bubblews. And the idea of sharing revenue with users is hardly a revolutionary. The model has been tried as far back as the mid-1990s by companies like the defunct Suite101, but it didn’t stop the rise of sites like Wikipedia, LiveJournal and, eventually, Facebook, which invited users to post content for free. The idea of sharing wealth with users, however great it may be, is probably not keeping Mark Zuckerberg up at night.
In all likelihood, Tsu, Boing Boing, and Tech News Today fell victim to an overzealous and under-supervised spam algorithm provoked by pyramid schemers. But the fact Facebook might not have knowingly acted to suppress a rival and unfavorable press coverage is of little comfort. Regardless of its reasons, the fact remains that Facebook did prevent people from sharing content that didn’t violate its terms of service, including news stories and non-spam Tsu links posted manually.
Much has been made in recent month’s of Facebook’s increasing control over what we see online. The rise of social movements like Black Lives Matter are heavily dependent on social media, but Facebook’s algorithms didn’t initially surface many posts about the early days of the Ferguson, Missouri, protests last year. Publishers, meanwhile, depend upon Facebook to get their articles seen by their readers, and questions abound about what that’s going to mean for the future of journalism. For example, what will happen if journalists use the company’s Instant Articles program to publish pieces critical of Internet.org or the company’s political lobbying or the Instant Articles program itself? Will publishers that aren’t part of the Instant Articles program still be able to find an audience at all?
This power affects more than just journalists and activists. Facebook also is one of the primary platforms for getting word out about new apps, startups, and businesses of all types. To be banned from the platform could mean doom. That’s an even bigger concern in developing countries where Facebook’s Internet.org acts a sort of gatekeeper for the mobile internet. Although some have proposed regulating Google like a public utility, the Federal Communications Commission’s new network neutrality regulations, which require Internet service providers to treat all traffic equally, will have no bearing on the likes of Google and Facebook, even as they amass more power to control what we see and do on the web.
Of course, all is not lost. Ferguson became an international news story despite Facebook’s algorithmic apathy, largely in part through competitors like Twitter and Tumblr. Tsu will likely get more attention thanks to this snafu than it would have otherwise. If you can read this article, it means something is going right. But it could all go wrong in a hurry if we’re not vigilant.
Also in Wired: