| ▲ | bluGill 2 days ago |
| I would say you have a responsibility to ensure you are getting legal data. you don't buy stolen things. That is meta has a reponsibility to ensure that they are not partnering with crooks. Flo gets the largest blame but meta needs to show they did their part to ensure this didn't happen. (I would not call terms of use enough unless they can show they make you understand it) |
|
| ▲ | gruez 2 days ago | parent | next [-] |
| >Flo gets the largest blame but meta needs to show they did their part to ensure this didn't happen. (I would not call terms of use enough unless they can show they make you understand it) Court documents says that they blocked access as soon as they were aware of it. They also "built out its systems to detect and filter out “potentially health-related terms.”". Are you expecting more, like some sort of KYC/audit regime before you could get any API key? Isn't that the exact sort of stuff people were railing against, because indie/OSS developers were being hassled by the play store to undergo expensive audits to get access to sensitive permissions? |
| |
| ▲ | hedgehog 2 days ago | parent | next [-] | | Facebook chose to pool the data they received from customers and allow its use by others, so they are also responsible for the outcomes. If it's too hard to provide strong assurance that errors like Flo's won't result in adverse outcomes for the public, perhaps they should have designed a system that didn't work that way. | | |
| ▲ | gruez 2 days ago | parent [-] | | >Facebook chose to pool the data they received from customers and allow its use by others, so they are also responsible for the outcomes. "chose" is doing a lot of the heavy lifting here. Suppose you ran a Mastodon server and it turned out some people were using it to share revenge porn unbeknownst to you. Suppose further that they did it in a way that didn't make it easily detectable by you (eg. they did it in DMs/group chats). Sure, you can dump out the database and pore over everything just to be sure, but it's not like you're going to notice it day to day. If a few months later the revenge porn ring got busted should you be charged with "intentionally eavesdropping" on revenge porn or whatever? After all, to some extent, you "chose" to run the Mastodon server. | | |
| ▲ | hedgehog a day ago | parent [-] | | Transmitting messages between users is a functional property of Mastodon that is of course visible and valuable to the users. Transmitting protected health data from Flo users to anyone with a dollar to buy some ads is not a functional property of Flo itself or a mobile ad product, and likely surprising to both Flo and Flo's users. Facebook has discretion on how they use that data. If this is a rare and unavoidable consequence of their business model Facebook should be comfortable paying the settlements as judgements occur. |
|
| |
| ▲ | bluGill a day ago | parent | prev [-] | | Details matter. Sometimes blocking as soon as you are aware of it is enough, sometimes enough. Those "systems to detect and filter out “potentially health-related terms.”" need to be examined in depth - are they enough, were they done only after the fact when they should have been more proactive? Not knowing those details (they are probably available but I'm not interested enough to read the court documents) I'm going to defer to the courts on this. Understand that depending on ongoing appeals I may have to change my stance a few times. If this keeps coming up I may eventually have to get interested and learn more details so I can pressure my representative to change the laws, but for now this just isn't important enough - to me - to dig farther than the generalizations I made above. |
|
|
| ▲ | hennell 2 days ago | parent | prev | next [-] |
| I have the type of email address that regularly receives email meant for other people with a similar name. Invites, receipts, and at one point someones Disney+ account. At one point I was getting a strangers fertility app updates - didn't know her name, but I could tell you where she was in her cycle. I've also had NHS records sent to me, again entirely unsolicited, although that had enough I could find who it was meant for and inform them of the data breach. I'm no fan of facebook, but I'm not sure you can criminalise receiving data, you can't control what others send you. |
| |
| ▲ | WhyCause 2 days ago | parent [-] | | > ...you can't control what others send you. Of course not. You can, however, control what you then do with said data. If a courier accidentally dropped a folder full of nuclear secrets in your mailbox, I promise you that if you do anything with it other than call the FBI (in the US), you will be in trouble. | | |
| ▲ | gruez 2 days ago | parent [-] | | Except in this case it's unclear whether any intentional decision went on at meta. A better analogy would be if someone sent you a bunch of CSAM, it went to your spam folder, but then because you have backups enabled the CSAM got replicated to 3 different servers across state lines, and the FBI is charging you with "distributing" CSAM. |
|
|
|
| ▲ | deadbabe 2 days ago | parent | prev | next [-] |
| If Flo accepted the terms of use, then it means they understand it. Really the only blame here should be on Flo. |
|
| ▲ | richwater 2 days ago | parent | prev [-] |
| > you don't buy stolen things. This happens accidentally every single day and we don't punish the victim |
| |
| ▲ | bluGill 2 days ago | parent [-] | | We do punish the victum - we take away stolen goods. if they know it was stolen goods they can be punished for it. money laundy laws get a lot of innocent people doing legal things. |
|
