Mark Zuckerberg calls out the NSA and pushes for people to "build the internet we want"

About an hour ago, Mark said this in a public Facebook post:

As the world becomes more complex and governments everywhere struggle, trust in the internet is more important today than ever.

The internet is our shared space. It helps us connect. It spreads opportunity. It enables us to learn. It gives us a voice. It makes us stronger and safer together.

To keep the internet strong, we need to keep it secure. That's why at Facebook we spend a lot of our energy making our services and the whole internet safer and more secure. We encrypt communications, we use secure protocols for traffic, we encourage people to use multiple factors for authentication and we go out of our way to help fix issues we find in other people's services.

The internet works because most people and companies do the same. We work together to create this secure environment and make our shared space even better for the world.

This is why I've been so confused and frustrated by the repeated reports of the behavior of the US government. When our engineers work tirelessly to improve security, we imagine we're protecting you against criminals, not our own government.

The US government should be the champion for the internet, not a threat. They need to be much more transparent about what they're doing, or otherwise people will believe the worst.

I've called President Obama to express my frustration over the damage the government is creating for all of our future. Unfortunately, it seems like it will take a very long time for true full reform.

So it's up to us -- all of us -- to build the internet we want. Together, we can build a space that is greater and a more important part of the world than anything we have today, but is also safe and secure. I'm committed to seeing this happen, and you can count on Facebook to do our part.

Read more on his timeline

Speaking of a hypocrite lol...

He's just become really scared of the fines and the loss of business now that the EU parliament has voted on the digital rights...

Facebook is arguably the worst offender.

The NSA at least has the job to protect a country, he's invading on people's rights just to make a buck...

I agree with Zoltan. Facebook has been selling your data for years.

All I hear is bs. Spoken like a true politician Zuckerberg. 

  Agree'd...

 Which is why i haven't logged into Bookface in..... 4 years now....

 Still sending me goddamn email alerts about "Pokes" and "Do you know blah blah person?" every bloody day though -.-

What a load of bullshit.

Facebook makes it's money via targeted and non-targeted ads. Users of facebook who have not opted out of targeted ads are served ads based upon their history by a third party ad company. Facebook knows who you are but anonymizes that information before it's made available to the ad company preventing that third party from linking a real identity to a specific ad served. It's possible to "track" users in this way but do so effectively anonymously, to third parties.

Several important factors are at play here and once considered can lead one to the conclusion that what Facebook is doing is legitimate business strategy while the NSA's collection of information is a violation of the constitution (article 4).

1) There is an opt-out option for Facebook tracking ads

2) There is an opt-in option for using Facebook and another to close the account

3) Facebook can at most close your account for any perceived violation, not just "disapear" anyone

4) Facebook's targeted ad system prevents abuse by anonymizing data prior to distribution; the NSA's data collection strategy is inherently real identity centric.

5) Facebook has taken some real steps towards increasing user privacy, like ubiquitous https preventing user session hijacking on open wifi and a multifactor option, where as the NSA is trying to systematically undermine ssl.

What the NSA is doing violates people's constitutional right to privacy, de-legitimizing any claim they once had to be on the side of the people. In addition, their domestic surveillance programs creates a system that has been (and will continue to be) abused by those in power, allows the united states of america to be properly categorized as a "surveillance state" and represents a move to the very same totalitarian state politics that it had fought against during WWII and the cold war.

I whole heartedly agree with mark zuckerberg's comments on the issue and am glad that Facebook, at least in name, is not supporting the NSA's systematic abuse programs. It's also a travesty to try to argue that Facebook is worse than the NSA given the points I listed above.

Lolz...

Article 4 of the US Constitution regulates the relationship between the federal institutions and the states, it deals with extradition, freedom of movement, etc... I really don't see how that affects what the NSA is doing.

What you probably mean is the 4th Amendment to the US Consitution, which is part of the Bill of Rights.

Let me tell you how the 4th Amendment works: it's a fucking constitutional right! That means that it supersedes any lower rule of law, including contract law. That means that Facebook cannot hide from the 4th Amendment behind a curtain of exonerating terms of service. Right now, Facebook is an instrument in bypassing the 4th Amendment rights, and they get paid to fulfill that role.

Another consitutional right Facebooks scores really badly with, is the 1st Amendment right: Facebooks term of service work like the Sharia: it tells people that if they don't want to be cyberbullied by retards, they just have to forego on their 1st Amendment right and make their account private... it's the same as telling women to wear a burkah in public and never speak to anyone in order to prevent inciting retarded behaviour by men?

Facebook does not use end-to-end encryption, does not provide any prior information to the users on the purpose and the extent of the use of their digital data, and has some really crazy terms of service, which imply that the users tacitly waive or transfer higher rights, without being properly informed by Facebook about this.

The NSA does what the NSA was told to do by the representatives of the citizens. Citizens can vote for another job description of the NSA, but to be honest, the only thing the NSA is doing wrong at the moment, is engaging in acts of war (deploying cyber warfare weapons) in other countries, without proper mandate from the US president. The US can only take up arms against another sovereign state if the US president explicitly allows this. The US president was never even asked, and the NSA and CIA are massively deploying cyber warfare weapons in other countries. This is also a direct violation of the UN manifest. The solution is that the NSA should work together with the states in which they want to conduct specific surveillance. That's the way it was solved in NATO, that's the way it was solved in Interpol, that's the civilized way of conducting surveillance, which is necessary to ensure the safety of the state and its citizens, without denying people of their fundamental rights. The official UN standpoint of the US diplomatic corps to the UN, was that the US only has to guarantee the respect for human rights in the US itself, and that other people don't have any human rights for the US. That is of course complete bullshit, and the US will pay the price for that behaviour.

Facebook is a for-profit corporation. They have no business gathering data except in the execution of a contract with customers. A valid contract has to be clear and defined, and requires proper consideration. A valid contract also implies the right to termination. That implies the user's right to be forgotten, and the right of the user to verify and enforce the proper execution of such an order to erase all data, the right of the user to receive a copy of all the data stored about him to the fullest extent on first demand, and the right of the user to edit and correct that data. Facebook respects none of those rights. In fact, by using user data to sell to third parties, they forego control over that data, control that is actually the right of the user to hold, so Facebook de facto wastes user's rights. Since this data was confied in the framework of the execution of a contract that does not contain an explicit mandate to Facebook to dispose of the user's rights (which would not even be permissible), Facebook violates every single contract with every single user.

No new laws are needed, only logic is needed. The bullshit just needs to stop. US corporations need to grow up and start earning their money with honest contracts.

I really don't know if I believe his words or not. He may be lying out his ass in the public statement to improve facebook's image, he may be sincere. I have no idea anymore. 

For me to believe 100% either way I would require hard evidence on either side of the argument. If anyone has such evidence please bring it forward. That's all I'll say.

You should really read Facebook's explanation of their Terms of Service.

https://www.facebook.com/about/privacy and /about/privacy/your-info

Most of what you said about facebook is simply false. Facebook allows for data ex filtration, account deletion, a user can informally verify their data has been deleted by attempting to sign up again with the same email, people can edit their profiles and maintain fine-grained privacy settings. The point of end-to-end encryption is to prevent third parties from having access but facebook is about exactly that. An example would be viewing a post made by a friend to another friend and hence end-to-end encryption makes no sense on the platform beyond connectivity to it.

When considering how data is used in conjunction with third parties, I think the core issue is that you're confusing personal data with personally identifiable information. We generally think of user data, as our laws reflect, in terms of personally identifiable information but advertising on the internet is a different beast entirely. Considering that US law doesn't properly take into account the existence of the internet, it's a bit much to presuppose that existing contract law sufficiently covers the gray area of personalized advertising.

"We only provide data to our advertising partners or customers after we have removed your name and any other personally identifying information from it, or have combined it with other people's data in a way that it no longer personally identifies you."

The sharing of large quantities of non-personalized data between marketing providers is a new phenomenon and it's not clear how existing laws should apply and what would be in the public's best interest. Certainly your strict view is one end of the spectrum and another is that users should have no expectation of being able to control that data since it is no longer personally identifiable. When personally identifiable information is shared, it's done so with the user's permission which can be modified under account settings. How that data is used, including examples, are found in their terms of service, with the explanation linked above.

I find it very odd that you seem to view US laws very strictly but what you actually describe is the European system of how sharing information works. In the US, once a party has disclosed information publicly, and information on Facebook is considered public, a user no longer has any reasonable expectation of privacy to that information. Or, if you want to view it in terms of contract law, then then the data can be considered a business record and US law holds that expired business records (anything older than 90 days) are not subject to the protection of law. In addition, if facebook had to demonstrate user data deletion between itself and third parties, this could promote the creation of centralized databases for its users between them and third parties and allow greater potential for abuse both in capability and degree. Game theory man. Decentralization is what's pragmatic to prevent large scale abuse and I'm not comfortable giving multiple large companies incentives to centralize.

Instead of thinking of what is happening in terms of existing law, we should try to think about what exactly we are trying to prevent, stop or promote and act accordingly.

Large databases filled with personally identifiable information in the hands of those with tangible power, who have a history of abusing that power is what I don't want. That is exactly what the NSA has now. This makes the NSA, with it's history of squashing dissenters like William Binney, Thomas Drake and Snowden, a substantial threat to individuals, businesses, the international interests of both the US and other entities. In practice, a database with that much sensitive information will always be abused by those in power. Lively informed debate is a critical aspect of every democracy and that includes the right to be critical of or denounce actions taken by the government. The NSA has stepped beyond the law by holding itself above the constitution. Apparently, you don't think "Let me tell you how the 4th Amendment works: it's a fucking constitutional right!" applies to the NSA and they certainly agree with you. 

The director of the NSA has lied to the american people by lying to both the house and senate, and at that moment, the NSA stopped representing me or my interests as an american citizen. Abuses by facebook can be either managed or solved completely by opting out (or not "opting in") various aspects of the service including the use of the service itself. There is no "opt-out" of prism, just big-brother telling us to "trust" him, while in the panopticon of cyberspace. I don't want to live in that prison and neither should anyone else.

Assuming he is sincere (which he probably is), does it really matter ?

All Zuckerburg really said was: I'm angry and i'm not going to to anything about it.

Why not threaten to close Facebook and unleash the wrath of the users, unless Obama ends the NSA-surveillance-madness.

In the end intentions are meaningless, actions and the result of those actions is what counts.

I believe that the overall impact of facebook on society will be negative:

Facebook is farming people like data cattle. Everybody who extensively used facebook probably lost enough data, to be become victims of discrimination. Employers , Insurance-companies etc will use this data & try to weed out the "low-quality" people.

Regardless how nonsensical the idea of judging people with a computer-algorithm (with at most the intelligence of an earthworm) is. They will do it anyway, because they got barely anything else to go on.

So for allot of people Facebook might become the most expensive web-site/service they ever used. That includes the Boss who picked the really shitty employee, because of a nice facebook-data-set.

Errrr... that's the link to their privacy policy... dude, Facebook informs it's users so well that it's fanboys can't even distinguish the terms of service and the privacy policy... I'm sorry, but your posts about this (first not distinguishing the articles of the consitution with the bill of rights amendments, now not distinguishing the terms of service with the privacy policy...) are way outside of reasonably tolerances.

Terms of service, privacy policy, whatever... does not supersede the bill of rights. Facebook can put in them what they want, they're still perverted lying motherfuckers for what they do...

How about civil servants of the social administration roaming Facebook data in order to gather evidence to support a decision to retract unemployment benefits... this is done every single day, and it violates both the character of the content on Facebook which falls under the 1st Amendment, and the procedural guarantees of the citizen who's benefits were retracted under the 4th Amendment. That's all...

I view their privacy policy as their explanation to their legal-babble ToS. I thought I made that clear by implying it so strongly. I also meant the 4th article [of the bill of rights], more formally known as the 4th amendment when I was referring to rights/violations.

Facebook may not be anyone's favorite company when it comes to privacy, but my core point is that they are nothing, barely a blip on the radar at all, compared to the NSA in terms of their violations and future malicious potential.

You've not sufficiently countered any core principle regarding whether or not we should support Zuckerberg's efforts and stand in solidarity with him. Instead you've responded with a non-sequitur about disagreeing how the social welfare aspects of our society determine eligibility. Good day sir.

I'm not sure, but I think PRISM collects from facebook. A growing real concern for the NSA is the "going dark" problem with the internet as more connections become SSL. If facebook wanted to, they could go full HTTPS and even implement perfect forward secrecy in some of their services (where appropriate) and either would effectively block data collection by PRISM (NSA has other techniques).

More to the point, the comments made by Zuckerburg strongly implies that Facebook will not cooperate with the NSA. The line has been drawn in the sand. If the largest transactors of people's personal information online aren't cooperating, then the NSA might not have their databases and/or be prevented from updating their info by encrypted communications. In the end, doing basically nothing (just using https) is actually helping a lot since they aren't contributing to the NSA problem via cooperating with them.

You make allot of assumptions...

Intentions are worthless, Why give him credit for good deeds he hasn't done yet. Implementing https & perfect forward security isn't sorcery, it's been over half a year since Snowden blew the Whistle, what's the hold up.

It is abundantly clear that Obama is either unwilling or incapable of reigning in the surveilance-state. No meaningful political resistance has formed.

There is nothing left to do but to but to secure our communication.

To take back the net.

"...Zuckerburg strongly implies..."  = rhetoric = worthless.

Wow, stirred quite a discussion here. 

I still don't know what to or not to believe about facebook.

Fact of the matter is, as the age-old story goes, just be careful what you post online.

i got 5 on it.

What I find most hilarious, is that a full surveillance state and a nation-state level cracking attempts can't break a single TNO system. So like, a truecrypt container with a passphrase, or a private VPN connection using self-generated certs. In other words, the going dark problem is real /for the NSA/ and the only reason a surveillance state can even exist alongside modern cryptography is because SSL isn't ubiquitous yet. Dealing with the authentication issue is going to take a while for https since protocol level encryption for http_v2 isn't happening.

Facebook has done more than you give them credit for. They have already implemented HTTPS everywhere they can; they did it a while back actually. Head over to ssllabs.com and enter in facebook.com, then look at the Handshake Simulation section to see if "FS" is there or not. It is for all the newer browsers/clients. Forward secrecy is a bit more complicated since that depends on client support much more dramatically and some services on facebook don't lend themselves to https very well in the first place (I suspect mainly games and 3rd party apps since they are difficult for FB to control). Still tho the server will offer FS as the first choice for many clients, meaning that even if the NSA compromises facebook's private cert (letting them decrypt most of facebook's traffic and impersonate facebook), they still can't decrypt any traffic captured while ECDHE was used (DHE is an implementation of forward secrecy). 

It's been half a year and we have seen a dramatic rise in VPN use, release of many security products and major companies like Google and Facebook have increased their backend security systems. Think of china, how effective is their blocking for anyone who wants to get around it? If the defeat of the NSA's surveillance system isn't happening from top down (very unfortunate), then I'll make it happen from bottom up. You seem to agree with this principle.

"..Zuckerburg strongly implies..." [and SSL labs confirms] that Facebook, isn't cooperating with the NSA. I tend to caveat my phrases a bit too much sometimes.

I actually really like the concept of facebook, but it just bums me out that practically every single social media platform is doing the wrong things. I'd pay for a service which is a crossover between facebook and google+, and in turn does not have ads and does not invade my privacy. Its the same with pretty much every bigger company and the fact that whatsapp isn't independent anymore doesn't exactly help the situation either. I think privacy is the next big thing between now and 2084, but it hurts seeing companies and governments using their money and influence to stop good things from happening, There really is a need for an internet revolution...

So math & laws of nature beats money & power, no surprise there.

I don't believe that Face-book-money can only buy kinda sorta encryption & porous security. For example They could act as proxy for third-party-Ty-in-software. I won't give Zuckerboy a break until one gets an option to use Face-book without any privacy loss.

"...Facebook, isn't cooperating with the NSA." And that means nothing to me as long as Facebook is getting pwnd in some way or another by the NSA, all of their servers, stay blacklisted. I might even consider upgrading to a vpn-service that has a managed connection, to block off stuff further down the pipe.

Rant

The deal with privacy was this: Citizens won't be monitored, data-raped etc unless there is specific evidence that the individual is evolved in serious crimes. Therefor we accept that governments have the ability to intrude, & trust it won't be abused. Since this trust has been broken & the culprits don't even acknowledge their guilt. I will now abandon Privacy and strive for absolute Anonymity, I will no longer accept that governments can intrude on my communications . Nobody is exempt from behaving in a civil & ethical manor, & there are no excuses. EVER!

Every government in human history that engaged in mass-surveillance, turned into more or less an oppressive tyranny. Hence the NSA, GCHQ etc are a greater threat to our way of life than terrorists with a dirty-bomb.

/Rant