It’s always been a source of personal amazement that people still ascribe some credibility to the words that come out of Mark Zuckerberg’s mouth. This is especially true when it comes to paeans to privacy: Any politician who lied about one subject on such a frequent basis would be laughed at when he made yet another pro forma denial, but the Facebook CEO swears he’s going to protect our information better and the media seems to lean back, fold their collective hands and say, “Well, maybe he’s gonna do it this time.”
I was reminded of this credulous attitude on Wednesday when I looked at the front page of The New York Times. “After Facebook’s Scandals, Mark Zuckerberg Says He’ll Shift Focus to Private Sharing,” the headline read. It was typical naïveté from the first paragraph: “Social networking has long been predicated on people sharing their status updates, photos and messages with the world. Now Mark Zuckerberg, chief executive of Facebook, plans to start shifting people toward private conversations and away from public broadcasting.”
“We’re building a foundation for social communication aligned with the direction people increasingly care about: messaging each other privately,” Zuckerberg said in an interview.
“I believe a privacy-focused communications platform will become even more important than today’s open platforms.”
Now, here’s my point about this serial liar being given unbelievable amounts of deference: Nowhere in the article, it must be noted, did The New York Times mention a report from several days prior that Facebook was using its two-factor authentication (2FA) feature to allow your phone number to be looked up by whoever so pleases — including advertisers.
Oh, and once you’ve allowed your number to be public, which is the default setting, you’re stuck with it.
“Facebook is using the phone numbers they collect via two-factor authentication to serve ads, and now it turns out you can’t opt out of the service once you’ve opted in,” Techspot reported Monday.
“Additionally, Facebook is using the phone numbers as a ‘unique identifier,’ allowing everyone with an account to look up any user by their phone number. These uses of the data they collected under the guise of 2FA is sketchy at best, and nefarious at worse, and the company has once again come under fire for its data collection and security practices.
“Facebook has already admitted to using phone numbers collected under the guise of two-factor authentication in order to target ads, and now it turns out you can’t opt-out of the service once you’re committed.”
In case you’re unfamiliar with 2FA, it’s basically a method to secure your account by tying a login on a new device to your phone. When you log in to the device, you either have to input a code from a text message or respond to a prompt on the phone.
However, one user noticed something curious:
For years Facebook claimed the adding a phone number for 2FA was only for security. Now it can be searched and there’s no way to disable that. pic.twitter.com/zpYhuwADMS
— Jeremy Burge 🐥🧿 (@jeremyburge) March 1, 2019
And once you turn it on, it can’t be turned off.
Techspot has some advice if you don’t want the number to be searched: “To disable the phone number look-up feature, open the Facebook menu and select ‘settings.’ From there, click on the ‘privacy’ tab and you’ll find the setting in question under the ‘how people find and contact you’ banner.”
However, this is just the latest privacy issue to hit Facebook since the Cambridge Analytica scandal put the issue front and center, and most of the scandals involve hideously creative ways to use your private data to make money for them.
“If people feel like they can’t trust the tools they use when they try to do things that are good for their security, they just stop doing it,” Jessy Irwin, head of security at blockchain company Tendermint, told CNET. “There should be some things that are treated as sacred, especially when we talk about improving account security.”
Apparently, your phone number isn’t one of them, particularly when advertisers are involved. But please, let’s give Zuckerberg yet another chance to say that this time will be different.
“Frankly we don’t currently have a strong reputation for building privacy protective services, and we’ve historically focused on tools for more open sharing,” The New York Times notes in their article that he wrote in a blog post. “But we’ve repeatedly shown that we can evolve to build the services that people really want, including in private messaging and stories.”
That story, it’s again worth noting, appeared two days after the 2FA reports began appearing. Why do we keep on listening to a man whose words apparently mean nothing?
Truth and Accuracy
We are committed to truth and accuracy in all of our journalism. Read our editorial standards.