A place to cache linked articles (think custom and personal wayback machine)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200
  1. <!doctype html><!-- This is a valid HTML5 document. -->
  2. <!-- Screen readers, SEO, extensions and so on. -->
  3. <html lang="fr">
  4. <!-- Has to be within the first 1024 bytes, hence before the `title` element
  5. See: https://www.w3.org/TR/2012/CR-html5-20121217/document-metadata.html#charset -->
  6. <meta charset="utf-8">
  7. <!-- Why no `X-UA-Compatible` meta: https://stackoverflow.com/a/6771584 -->
  8. <!-- The viewport meta is quite crowded and we are responsible for that.
  9. See: https://codepen.io/tigt/post/meta-viewport-for-2015 -->
  10. <meta name="viewport" content="width=device-width,initial-scale=1">
  11. <!-- Required to make a valid HTML5 document. -->
  12. <title>Facebook Fired Dozens Over Abusing Access to User Data, New Book Says (archive) — David Larlet</title>
  13. <meta name="description" content="Publication mise en cache pour en conserver une trace.">
  14. <!-- That good ol' feed, subscribe :). -->
  15. <link rel="alternate" type="application/atom+xml" title="Feed" href="/david/log/">
  16. <!-- Generated from https://realfavicongenerator.net/ such a mess. -->
  17. <link rel="apple-touch-icon" sizes="180x180" href="/static/david/icons2/apple-touch-icon.png">
  18. <link rel="icon" type="image/png" sizes="32x32" href="/static/david/icons2/favicon-32x32.png">
  19. <link rel="icon" type="image/png" sizes="16x16" href="/static/david/icons2/favicon-16x16.png">
  20. <link rel="manifest" href="/static/david/icons2/site.webmanifest">
  21. <link rel="mask-icon" href="/static/david/icons2/safari-pinned-tab.svg" color="#07486c">
  22. <link rel="shortcut icon" href="/static/david/icons2/favicon.ico">
  23. <meta name="msapplication-TileColor" content="#f7f7f7">
  24. <meta name="msapplication-config" content="/static/david/icons2/browserconfig.xml">
  25. <meta name="theme-color" content="#f7f7f7" media="(prefers-color-scheme: light)">
  26. <meta name="theme-color" content="#272727" media="(prefers-color-scheme: dark)">
  27. <!-- Documented, feel free to shoot an email. -->
  28. <link rel="stylesheet" href="/static/david/css/style_2021-01-20.css">
  29. <!-- See https://www.zachleat.com/web/comprehensive-webfonts/ for the trade-off. -->
  30. <link rel="preload" href="/static/david/css/fonts/triplicate_t4_poly_regular.woff2" as="font" type="font/woff2" media="(prefers-color-scheme: light), (prefers-color-scheme: no-preference)" crossorigin>
  31. <link rel="preload" href="/static/david/css/fonts/triplicate_t4_poly_bold.woff2" as="font" type="font/woff2" media="(prefers-color-scheme: light), (prefers-color-scheme: no-preference)" crossorigin>
  32. <link rel="preload" href="/static/david/css/fonts/triplicate_t4_poly_italic.woff2" as="font" type="font/woff2" media="(prefers-color-scheme: light), (prefers-color-scheme: no-preference)" crossorigin>
  33. <link rel="preload" href="/static/david/css/fonts/triplicate_t3_regular.woff2" as="font" type="font/woff2" media="(prefers-color-scheme: dark)" crossorigin>
  34. <link rel="preload" href="/static/david/css/fonts/triplicate_t3_bold.woff2" as="font" type="font/woff2" media="(prefers-color-scheme: dark)" crossorigin>
  35. <link rel="preload" href="/static/david/css/fonts/triplicate_t3_italic.woff2" as="font" type="font/woff2" media="(prefers-color-scheme: dark)" crossorigin>
  36. <script>
  37. function toggleTheme(themeName) {
  38. document.documentElement.classList.toggle(
  39. 'forced-dark',
  40. themeName === 'dark'
  41. )
  42. document.documentElement.classList.toggle(
  43. 'forced-light',
  44. themeName === 'light'
  45. )
  46. }
  47. const selectedTheme = localStorage.getItem('theme')
  48. if (selectedTheme !== 'undefined') {
  49. toggleTheme(selectedTheme)
  50. }
  51. </script>
  52. <meta name="robots" content="noindex, nofollow">
  53. <meta content="origin-when-cross-origin" name="referrer">
  54. <!-- Canonical URL for SEO purposes -->
  55. <link rel="canonical" href="https://www.businessinsider.com/facebook-fired-dozens-abusing-access-user-data-an-ugly-truth-2021-7">
  56. <body class="remarkdown h1-underline h2-underline h3-underline em-underscore hr-center ul-star pre-tick" data-instant-intensity="viewport-all">
  57. <article>
  58. <header>
  59. <h1>Facebook Fired Dozens Over Abusing Access to User Data, New Book Says</h1>
  60. </header>
  61. <nav>
  62. <p class="center">
  63. <a href="/david/" title="Aller à l’accueil"><svg class="icon icon-home">
  64. <use xlink:href="/static/david/icons2/symbol-defs.svg#icon-home"></use>
  65. </svg> Accueil</a> •
  66. <a href="https://www.businessinsider.com/facebook-fired-dozens-abusing-access-user-data-an-ugly-truth-2021-7" title="Lien vers le contenu original">Source originale</a>
  67. </p>
  68. </nav>
  69. <hr>
  70. <ul class="summary-list">
  71. <li>Facebook fired 52 people from 2014 to August 2015 over abusing access to user data, a new book says.</li>
  72. <li>One person used data to find a woman he was traveling with who had left him after a fight, the book says.</li>
  73. <li>Changes to retention of such data were "antithetical to Mark's DNA," one employee told the authors.</li>
  74. <li id="recirc"><a href="https://www.businessinsider.com/?hprecirc-bullet" data-analytics-module="summary_bullets">See more stories on Insider's business page</a>.</li>
  75. </ul>
  76. <p data-bi-ad="" id="gpt-post-sai-mobile_in_post_ad-fluid-1" class="ad ad-wrapper fluid in-post only-mobile" data-force="" data-type="ad" data-adunit="business/tech/post" data-secvert="" data-pagetype="post" data-tag="facebook,personal-data" data-authors="sarah-jackson" data-region="Mobile In Post Ad" data-responsive='[{"browserLimit":[0,0],"slotSize":[[300,600],[300,150],[300,100],[300,50],[300,250],[320,150],[320,100],[320,50],"fluid"]}]' data-tile-order="tile-1" data-url="/facebook-fired-dozens-abusing-access-user-data-an-ugly-truth-2021-7" data-amazontamsizes="[[300,600],[300,100],[300,50],[300,250],[320,100],[320,50]]"></p>
  77. <p data-bi-ad="" id="gpt-post-sai-desktop_in_post_ad-fluid-1" class="ad ad-wrapper fluid in-post only-desktop" data-force="" data-type="ad" data-adunit="business/tech/post" data-secvert="" data-pagetype="post" data-tag="facebook,personal-data" data-authors="sarah-jackson" data-region="Desktop In Post Ad" data-responsive='[{"browserLimit":[728,0],"slotSize":[[300,250],"fluid"]},{"browserLimit":[1260,0],"slotSize":[[728,90],[300,250],[800,480],[600,480],"fluid"]}]' data-tile-order="tile-1" data-url="/facebook-fired-dozens-abusing-access-user-data-an-ugly-truth-2021-7" data-amazontamsizes="[[728,90],[300,250]]" data-not-lazy=""></p>
  78. <p>A Facebook engineer abused employee access to user data to track down a woman who had left him after they fought, a new book said.</p>
  79. <p>Between January 2014 and August 2015, the company fired 52 employees over exploiting user data for personal means, said an advance copy of "<a href="https://www.harpercollins.com/products/an-ugly-truth-sheera-frenkelcecilia-kang?variant=32999376551970" data-analytics-module="body_link">An Ugly Truth: Inside Facebook's Battle for Domination</a>" that Insider obtained.</p>
  80. <p>The engineer, who is unnamed, tapped into the data to "confront" a woman with whom he had been vacationing in Europe after she left the hotel room they had been sharing, the book said. He was able to figure out her location at a different hotel.</p>
  81. <p>Another Facebook engineer used his employee access to dig up information on a woman with whom he had gone on a date after she stopped responding to his messages. In the company's systems, he had access to "years of private conversations with friends over Facebook messenger, events attended, photographs uploaded (including those she had deleted), and posts she had commented or clicked on," the book said. Through the Facebook app the woman had installed on her phone, the book said, the engineer was also able to see her location in real time.</p>
  82. <p data-bi-ad="" id="gpt-post-sai-mobile_in_post_ad-fluid-2" class="ad ad-wrapper fluid in-post only-mobile" data-force="" data-type="ad" data-adunit="business/tech/post" data-secvert="" data-pagetype="post" data-tag="facebook,personal-data" data-authors="sarah-jackson" data-region="Mobile In Post Ad" data-responsive='[{"browserLimit":[0,0],"slotSize":[[300,600],[300,150],[300,100],[300,50],[300,250],[320,150],[320,100],[320,50],"fluid"]}]' data-tile-order="tile-2" data-url="/facebook-fired-dozens-abusing-access-user-data-an-ugly-truth-2021-7" data-amazontamsizes="[[300,600],[300,100],[300,50],[300,250],[320,100],[320,50]]"></p>
  83. <p data-bi-ad="" id="gpt-post-sai-desktop_in_post_ad-fluid-2" class="ad ad-wrapper fluid in-post only-desktop" data-force="" data-type="ad" data-adunit="business/tech/post" data-secvert="" data-pagetype="post" data-tag="facebook,personal-data" data-authors="sarah-jackson" data-region="Desktop In Post Ad" data-responsive='[{"browserLimit":[728,0],"slotSize":[[300,250],"fluid"]},{"browserLimit":[1260,0],"slotSize":[[728,90],[300,250],[800,480],[600,480],"fluid"]}]' data-tile-order="tile-2" data-url="/facebook-fired-dozens-abusing-access-user-data-an-ugly-truth-2021-7" data-amazontamsizes="[[728,90],[300,250]]"></p>
  84. <p>Facebook employees were granted user data access in order to "cut away the red tape that slowed down engineers," the book said.</p>
  85. <p>"There was nothing but the goodwill of the employees themselves to stop them from abusing their access to users' private information," wrote Sheera Frenkel and Cecilia Kang, the book's authors. They added that most of the employees who abused their employee privileges to access user data only looked up information, although a few didn't stop there.</p>
  86. <p><em><strong>Read more: </strong><a href="https://www.businessinsider.com/ypo-young-presidents-organization-secret-club-for-ceos-2021-4?inline-read-more" data-e2e-name="inline-read-more-link" data-analytics-module="body_link">Inside the secret club that helps prepare young CEOs to take over the world</a></em></p>
  87. <p>Most of the engineers who <a href="https://markets.businessinsider.com/news/stocks/facebook-fires-employee-accused-of-stalking-women-on-tinder-2018-5-1023113775" data-analytics-module="body_link">took advantage</a> of access to user data were "men who looked up the Facebook profiles of women they were interested in," the book said.</p>
  88. <p data-bi-ad="" id="gpt-post-sai-mobile_in_post_ad-fluid-3" class="ad ad-wrapper fluid in-post only-mobile" data-force="" data-type="ad" data-adunit="business/tech/post" data-secvert="" data-pagetype="post" data-tag="facebook,personal-data" data-authors="sarah-jackson" data-region="Mobile In Post Ad" data-responsive='[{"browserLimit":[0,0],"slotSize":[[300,600],[300,150],[300,100],[300,50],[300,250],[320,150],[320,100],[320,50],"fluid"]}]' data-tile-order="tile-3" data-url="/facebook-fired-dozens-abusing-access-user-data-an-ugly-truth-2021-7" data-amazontamsizes="[[300,600],[300,100],[300,50],[300,250],[320,100],[320,50]]"></p>
  89. <p data-bi-ad="" id="gpt-post-sai-desktop_in_post_ad-fluid-3" class="ad ad-wrapper fluid in-post only-desktop" data-force="" data-type="ad" data-adunit="business/tech/post" data-secvert="" data-pagetype="post" data-tag="facebook,personal-data" data-authors="sarah-jackson" data-region="Desktop In Post Ad" data-responsive='[{"browserLimit":[728,0],"slotSize":[[300,250],"fluid"]},{"browserLimit":[1260,0],"slotSize":[[728,90],[300,250],[800,480],[600,480],"fluid"]}]' data-tile-order="tile-3" data-url="/facebook-fired-dozens-abusing-access-user-data-an-ugly-truth-2021-7" data-amazontamsizes="[[728,90],[300,250]]"></p>
  90. <p>Facebook told Insider it fired employees found to have accessed user data for nonbusiness purposes.<u></u></p>
  91. <p>"We've always had zero tolerance for abuse and have fired every single employee ever found to be improperly accessing data," a spokesperson told Insider in a statement. "Since 2015, we've continued to strengthen our employee training, abuse detection, and prevention protocols. We're also continuing to reduce the need for engineers to access some types of data as they work to build and support our services." <u></u></p>
  92. <h2>A problem that cropped up 'nearly every month'</h2>
  93. <p>Mark Zuckerberg, Facebook's CEO, was first made aware of the problem in September 2015, when Alex Stamos, Facebook's chief security officer at the time, raised the issue with him. In a presentation to Zuckerberg and the company's top executives, Stamos said engineers had abused the access "nearly every month," the book said.</p>
  94. <p>At the time, more than 16,000 employees had <a href="https://www.businessinsider.com/google-engineer-stalked-teens-spied-on-chats-2010-9" data-analytics-module="body_link">access to users' private data</a>, the book said. Stamos suggested tightening access to fewer than 5,000 employees and fewer than 100 for particularly sensitive information such as passwords. He proposed requiring employees to submit formal requests for access to private data but received pushback from executives. Zuckerberg said changes on the matter were "a top priority" and tasked Stamos with finding a solution and giving an update in a year, the book said.</p>
  95. <p data-bi-ad="" id="gpt-post-sai-mobile_in_post_ad-fluid-4" class="ad ad-wrapper fluid in-post only-mobile" data-force="" data-type="ad" data-adunit="business/tech/post" data-secvert="" data-pagetype="post" data-tag="facebook,personal-data" data-authors="sarah-jackson" data-region="Mobile In Post Ad" data-responsive='[{"browserLimit":[0,0],"slotSize":[[300,600],[300,150],[300,100],[300,50],[300,250],[320,150],[320,100],[320,50],"fluid"]}]' data-tile-order="tile-4" data-url="/facebook-fired-dozens-abusing-access-user-data-an-ugly-truth-2021-7" data-amazontamsizes="[[300,600],[300,100],[300,50],[300,250],[320,100],[320,50]]"></p>
  96. <p data-bi-ad="" id="gpt-post-sai-desktop_in_post_ad-fluid-4" class="ad ad-wrapper fluid in-post only-desktop" data-force="" data-type="ad" data-adunit="business/tech/post" data-secvert="" data-pagetype="post" data-tag="facebook,personal-data" data-authors="sarah-jackson" data-region="Desktop In Post Ad" data-responsive='[{"browserLimit":[728,0],"slotSize":[[300,250],"fluid"]},{"browserLimit":[1260,0],"slotSize":[[728,90],[300,250],[800,480],[600,480],"fluid"]}]' data-tile-order="tile-4" data-url="/facebook-fired-dozens-abusing-access-user-data-an-ugly-truth-2021-7" data-amazontamsizes="[[728,90],[300,250]]"></p>
  97. <p>But changes that would limit data retention were "antithetical to Mark's DNA," one employee told the book's authors.</p>
  98. <p>The employee added, "At various times in Facebook's history there were paths we could have taken, decisions we could have made, which would have limited, or even cut back on, the user data we were collecting," Frenkel and Kang wrote. "Even before we took those options to him, we knew it wasn't a path he would choose."</p>
  99. </article>
  100. <hr>
  101. <footer>
  102. <p>
  103. <a href="/david/" title="Aller à l’accueil"><svg class="icon icon-home">
  104. <use xlink:href="/static/david/icons2/symbol-defs.svg#icon-home"></use>
  105. </svg> Accueil</a> •
  106. <a href="/david/log/" title="Accès au flux RSS"><svg class="icon icon-rss2">
  107. <use xlink:href="/static/david/icons2/symbol-defs.svg#icon-rss2"></use>
  108. </svg> Suivre</a> •
  109. <a href="http://larlet.com" title="Go to my English profile" data-instant><svg class="icon icon-user-tie">
  110. <use xlink:href="/static/david/icons2/symbol-defs.svg#icon-user-tie"></use>
  111. </svg> Pro</a> •
  112. <a href="mailto:david%40larlet.fr" title="Envoyer un courriel"><svg class="icon icon-mail">
  113. <use xlink:href="/static/david/icons2/symbol-defs.svg#icon-mail"></use>
  114. </svg> Email</a> •
  115. <abbr class="nowrap" title="Hébergeur : Alwaysdata, 62 rue Tiquetonne 75002 Paris, +33184162340"><svg class="icon icon-hammer2">
  116. <use xlink:href="/static/david/icons2/symbol-defs.svg#icon-hammer2"></use>
  117. </svg> Légal</abbr>
  118. </p>
  119. <template id="theme-selector">
  120. <form>
  121. <fieldset>
  122. <legend><svg class="icon icon-brightness-contrast">
  123. <use xlink:href="/static/david/icons2/symbol-defs.svg#icon-brightness-contrast"></use>
  124. </svg> Thème</legend>
  125. <label>
  126. <input type="radio" value="auto" name="chosen-color-scheme" checked> Auto
  127. </label>
  128. <label>
  129. <input type="radio" value="dark" name="chosen-color-scheme"> Foncé
  130. </label>
  131. <label>
  132. <input type="radio" value="light" name="chosen-color-scheme"> Clair
  133. </label>
  134. </fieldset>
  135. </form>
  136. </template>
  137. </footer>
  138. <script src="/static/david/js/instantpage-5.1.0.min.js" type="module"></script>
  139. <script>
  140. function loadThemeForm(templateName) {
  141. const themeSelectorTemplate = document.querySelector(templateName)
  142. const form = themeSelectorTemplate.content.firstElementChild
  143. themeSelectorTemplate.replaceWith(form)
  144. form.addEventListener('change', (e) => {
  145. const chosenColorScheme = e.target.value
  146. localStorage.setItem('theme', chosenColorScheme)
  147. toggleTheme(chosenColorScheme)
  148. })
  149. const selectedTheme = localStorage.getItem('theme')
  150. if (selectedTheme && selectedTheme !== 'undefined') {
  151. form.querySelector(`[value="${selectedTheme}"]`).checked = true
  152. }
  153. }
  154. const prefersColorSchemeDark = '(prefers-color-scheme: dark)'
  155. window.addEventListener('load', () => {
  156. let hasDarkRules = false
  157. for (const styleSheet of Array.from(document.styleSheets)) {
  158. let mediaRules = []
  159. for (const cssRule of styleSheet.cssRules) {
  160. if (cssRule.type !== CSSRule.MEDIA_RULE) {
  161. continue
  162. }
  163. // WARNING: Safari does not have/supports `conditionText`.
  164. if (cssRule.conditionText) {
  165. if (cssRule.conditionText !== prefersColorSchemeDark) {
  166. continue
  167. }
  168. } else {
  169. if (cssRule.cssText.startsWith(prefersColorSchemeDark)) {
  170. continue
  171. }
  172. }
  173. mediaRules = mediaRules.concat(Array.from(cssRule.cssRules))
  174. }
  175. // WARNING: do not try to insert a Rule to a styleSheet you are
  176. // currently iterating on, otherwise the browser will be stuck
  177. // in a infinite loop…
  178. for (const mediaRule of mediaRules) {
  179. styleSheet.insertRule(mediaRule.cssText)
  180. hasDarkRules = true
  181. }
  182. }
  183. if (hasDarkRules) {
  184. loadThemeForm('#theme-selector')
  185. }
  186. })
  187. </script>
  188. </body>
  189. </html>