crazygringo
14 hours ago
> Schrems had complained that Facebook had processed personal data including information about his sexual orientation to target him with online advertising, even though he had never disclosed on his account that he was gay. The only time he had publicly revealed this fact was during a panel discussion.
But processed what personal data? Where would Facebook even get reliable data on users' sexual orientation in bulk? It's not like you can buy that the way you can get credit scores or geographic locations. (Or can you? I've never heard of it.)
I'm very curious for the actual details here. And just because you get ads for products that seem to be marketed to the gay population, what leads the court to determine FB "identified" him as gay? My YouTube regularly has random ads in Spanish probably just because of some bug. Most ads seem to mistarget me, in fact.
bastawhiz
13 hours ago
I'd guess that it's inferred from the content you interact with. If you spend a lot of time liking fireman calendar photoshoots and give no likes to women in swimsuits, there's a reasonable inference to be made.
I'd also guess that Facebook can do this pretty reliably for gender and age, martial status, parental status, and lots of other things.
justinclift
5 hours ago
> If you spend a lot of time liking fireman calendar photoshoots ...
That could be incorrect if (say) someone was researching fireman calenders for some non-sexual reason. ie boss assigned them the task of writing an article about fireman calenders through history
I'd have to wonder what other weird things such a person would be labelled with, given that they'd probably be researching a bunch of topics every week or so. ;)
gruez
3 hours ago
>That could be incorrect if (say) someone was researching fireman calenders for some non-sexual reason. ie boss assigned them the task of writing an article about fireman calenders through history
That's fine. It doesn't have to be accurate for every single individual. As long as it's vaguely accurate to bring a targeting uplift, it'll be worthwhile to use.
kgeist
13 hours ago
What if the underlying algorithm simply matches "users who like X also like Y" without having concepts like sexual orientation baked in. And it just happened that it accidentally suggested certain things gay people generally like, because Max Schrems liked that "X" once.
golergka
10 hours ago
Is inferring something from data you legally obtained illegal or immoral?
seanhunter
10 minutes ago
The short answer to your question is it is obviously unethical unless it is specifically done for a relevant and lawful purpose and it can absolutely be illegal depending on the data protection regime you are operating under. Specifically in the UK and EU, sexual orientation is a highly-protected class of personal information known as "Special Category Data". The UK ICO has actually issued guidance on the legality of inference on this category of data[1]:
If this is the case, then you are processing special category data regardless of how confident you are that the inference is correct.
If you carry out any form of profiling which infers things like ethnicity, beliefs, politics, health status (condition or risks), sexual orientation or sex life, you will be processing special category data and must identify an Article 9 condition for processing.
The only article 9 conditions that suffice to make processing of special category data legal are "explicit consent", "not for profit bodies" (under certain conditions) and "substantial public interest" [2][1] https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-re...
[2] https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-re...
Spivak
9 hours ago
Only in tech can you ask a question like this and have it be taken seriously. Which is ironic because we're the people who understand authz vs authn.
I'm sure from their ToS Facebook legally has claim to my firstborn but this is obviously flagrantly unethical. There's too much money to be made behaving unethically for any legal hurdles to exist. There is a reasonable expectation about what you are allowed to do with someone else's data that you're stewarding. And data-mining your users to discover information they haven't and wouldn't voluntarily disclosed you isn't one of them. Hell in most cases accessing that data at all not in service of a direct user request shouldn't be allowed.
There is no reason for Google to access files stored in my Google Drive except to serve them back to me when asked.
I say this as someone who at $dayjob is a steward of petabytes of extremely personal data about people. I/my company would be genuinely be betraying our users' trust if we pulled something like this. Because we could and it would even arguably be useful, but it would be a complete violation of their privacy.
Does end-running around privacy by saying, "well I technically didn't violate your privacy I just compared your semi-private data you gave us/we collected to millions of other people and now know a bunch of private information about you with high accuracy" feel like it would go over well with people?
bastawhiz
9 hours ago
Both, as it turns out
bastawhiz
12 hours ago
But that's not how Facebook sells ads. It would be one thing to recommend more content like what you've engaged with already. It's another thing to let advertisers check boxes that let them say "sell my product to gay men between the ages of 25 and 35" and to satisfy that without ever having the user tell you their orientation or age. Facebook deliberately crunches the numbers and produces a clear signal from them that advertisers can filter on.
valicord
9 hours ago
No, that really is how Facebook sells ads: https://www.facebook.com/business/help/164749007013531?id=40...
bastawhiz
9 hours ago
Creating a lookalike audience is literally just saying "create ad targeting that parallels the things that would target this other group of people". Just because you're not specifically choosing interests or behaviors and instead relying on automation to do the work doesn't mean that's not what's happening under the hood. "Show this ad to mothers" is effectively the same as "here's 100 mothers, show this ad to people like them".
This differs from betting shown recommendations because you're actively being targeted.
yunohn
7 hours ago
Hmm, not exactly. It’s more akin to “here’s 100 customers, show my ad to others who have similar interests/behaviors”. You don’t upload a list of 100 identical customers, nor would that be useful for lookalikes.
kgeist
9 hours ago
They do have a checkbox "Sell to gay men"?
bastawhiz
9 hours ago
Incidentally they removed the checkbox for LGBT targeting in 2022, but that doesn't mean you can't get the same results with other targeting options.
phito
8 hours ago
Facebook (and others) don't just track you on their website. They do so on every website that includes their "like button", "analytics", "ads" and such
7bit
5 hours ago
Reading your reply I just became aware that I haven't seen a single thumbs up button outside Facebook for maybe ten years. In 2011 they were everywhere and I remember that I implemented them on my personal website. I'm a hobby dev, so that was a big deal for me. How curious!
naming_the_user
7 hours ago
So, you claim that you're not interested in software development, but somehow according to this data we have here, you spend an hour a day reading Linux kernel mailing lists.
Curious.
justinclift
5 hours ago
That'd be explaining by someone trying to "fix the damn disconnection bug with this new usb $THING I bought a few weeks ago".
Stuff like that often ends up trawling through LKML posts trying to figure out wtf kernel might have a fix, potential things to try, and so on.
Probably also by people with zero interest in software development themselves.
dumbo-octopus
13 hours ago
FB trackers that phone home on various websites, for one.
nprateem
7 hours ago
They can infer it from your friends who do publicise it. Same as political views, etc