Ctrl + N

House Democrats are pressing Facebook on the privacy protections it has in place for people who share sensitive health information in forums for group discussion on the site. 

House Energy and Commerce Chair Frank Pallone Jr. (D-N.J.) and Rep. Jan Schakowsky (D-Ill.) sent a letter to Mark Zuckerberg on Tuesday asking him for a staff briefing about whether Facebook is “misleading” users about the nature of “closed groups.” These groups are listed publicly but only allow invited or approved social media users to see discussions inside the forum.

The lawmakers are concerned about health information people may have shared in closed groups that are labeled as “anonymous” — implying a certain level of privacy in spaces devoted to discussing deeply personal issues, such as substance abuse or sexual assault.

“Despite the indications that the groups were private and anonymous, people and companies who should not have been admitted to these groups gained access to them and to lists of group members,” the lawmakers wrote. “People used the member lists and other information from these groups to target and harass members of the groups.” Pallone and Schakowsky, who chairs the Subcommittee on Consumer Protection and Commerce, also said that insurance companies that gain access to this data could use it in making decisions about offerings.

So much of the privacy debate focuses on what data the companies seek to collect from users. But these lawmakers are spotlighting just how much sensitive data — including medical details — social media companies have on their platforms that's freely offered up by users themselves. Determining the right kind of protection for this kind of data could be a particularly tough challenge for lawmakers as they work toward crafting privacy legislation this Congress.

Meg Marshall, an executive at health information technology company Cerner, said: 

In the letter, lawmakers signaled that Facebook needs to be more transparent with users, especially about who can access deeply personal information they post online. 

"Labeling these groups as closed or anonymous potentially misled Facebook users into joining these groups and revealing more personal information than they otherwise would have," the lawmakers wrote. "And Facebook may have failed to properly notify group members that their personal health information may have been accessed by health insurance companies and online bullies, among others.”

Pallone and Schakowsky sent the letter to Facebook in response to a complaint filed to the Federal Trade Commission, which was first published this week. The complaint, initially filed in December, says Facebook "deceptively solicited" patients to use its Groups feature to discuss health issues. The security researcher and health advocates who filed the complaint say Facebook has marketed this product as a "personal health record."

The privacy concerns surrounding Facebook's health-related Groups first got attention over the summer, when CNBC reported Facebook closed a loophole that allowed third parties to discover the names of members in closed groups. Before the change, the leader of a private group for women with BRCA, a gene mutation that indicates a higher likelihood of breast cancer, discovered that marketers had been using a web extension to siphon off group members' names and other personal information. Facebook said at the time that the change was not a result of that group's complaints. 

Facebook defended itself Tuesday night, making the case that users know what they're signing up for when they join groups.  

"Facebook is not an anonymous platform; real-name identity is at the center of the experience and always has been," the company said in a statement. "It's intentionally clear to people that when they join any group on Facebook, other members of that group can see that they are a part of that community, and can see the posts they choose to share with that community. There is value in being able to know who you’re having a conversation with in a group, and we look forward to briefing the committee on this.”

The issue of storing sensitive data could only become bigger as Big Tech eyes business opportunities in health and wellness. Companies such as Amazon and Google are increasingly investing in services ranging from a digital pharmacy to fitness tracking. But as the companies face a wide range of questions about their existing privacy practices, these new services could open a Pandora's box of new issues.

Facebook itself was exploring a broader push into healthcare, and it even pursued data-sharing partnerships with top medical groups and hospitals, according to a report last year from CNBC. However it backed off those plans last year in the fallout of other privacy controversies, saying that it needed to "focus on other important work, including doing a better job of protecting people's data and being clearer with them about how that data is used in our products and services."

Facebook is facing mounting scrutiny for a range of privacy controversies. Currently the company is in early negotiations with the FTC for a multi-billion-dollar fine following the Cambridge Analytica scandal, in which a political consultancy collected sensitive data about Facebook users without their consent. Any settlement the company reaches will likely come with a new order that could require the company to submit to more regular privacy checkups.

BITS, NIBBLES AND BYTES

BITS: Microsoft has identified another Russian government-affiliated operation targeting think tanks that have been critical of Russia, according to my colleagues Elizabeth Dwoskin and Craig Timberg. It's the second such finding the company has made in the last six months. 

“The 'spear-phishing' attacks — in which hackers send out phony emails intended to trick people into visiting websites that look authentic but in fact enable them to infiltrate their victims’ corporate computer systems — were tied to the APT28 hacking group, a unit of Russian military intelligence that interfered in the 2016 U.S. election," my colleagues wrote. "The group targeted more than 100 European employees of the German Marshall Fund, the Aspen Institute Germany, and the German Council on Foreign Relations, influential groups that focus on transatlantic policy issues.”

The attacks took place over the last three months of 2018, and they come ahead of Europe's parliamentary elections in May. “The attacks we’ve seen recently, coupled with others we discussed last year, suggest an ongoing effort to target democratic organizations,” Microsoft said in a blog post. “They validate the warnings from European leaders about the threat level we should expect to see in Europe this year.”

NIBBLES: YouTube is updating its penalties for creators who breach the platform's Community Guidelines, TechCrunch's Sarah Perez reported. The company wants to make its strike system more transparent and consistent for content that violates the platform's rules such as graphic content or threats. “With today’s changes, all strikes will now carry the same punishment: a temporary ban from YouTube activity, with the length of time increasing with the strikes,” TechCrunch reported.

YouTube also said that starting on Feb. 25, it will issue a one-time warning when a creator posts content that runs afoul of its rules for the first time, as Perez noted. The warning will not carry any penalty but the content will have to be removed. The company said in a blog post that the warning aims to give creators an opportunity to learn more about the rules. “This is to make sure everyone takes the time to learn about our Community Guidelines, and then can quickly get back to creating great content and engaging with their audience in a way that complies with our rules,” YouTube said.

BYTES: Twitter said it is expanding an initiative to make political advertising more transparent on its platform in the European Union, India and Australia, the Hill's Emily Birnbaum reported. Advertisers who want to publish political ads on Twitter in those countries will have to first go through a certification process — the changes are set to take effect on March 11. Twitter also said that people will be able to look up information about ads that endorse a candidate or a political party.

“The tools will allow users to browse the billing information, demographic targeting and ad spending details behind each political advertisement,” the Hill reported. “It will also require political advertisers to prove that they are not a foreign entity seeking to interfere in regional elections.”

The company has also assembled a team to help protect the integrity of the E.U. election that is set to be held in May, Karen White, director of public policy for Europe at Twitter, said in a blog post. “Using our proprietary-built internal tools, the team will proactively protect the integrity of regional trends, support partner escalations, and identify potential threats from malicious actors,” White said.

From White:

PRIVATE CLOUD

— Ren Zhengfei, the founder of Chinese telecommunications giant Huawei Technologies, denied in an interview on “CBS This Morning” that the company shares information with Chinese authorities, according to The Washington Post's Hamza Shaban. “Asked whether his company’s hardware has built-in vulnerabilities to enable government spying, perhaps without his knowledge, he said, ‘It is not possible because across our entire organization we have stressed once and again that we will never do that,’” Hamza reported.

— More technology news from the private sector:

On Tuesday, a Google spokesperson told Business Insider it had made an "error."
Business Insider
If it feels like there is a steady stream of fresh outrage over consumer-brand gaffes, it may be because companies have become more adept at managing controversy than at pre-empting it.
The Wall Street Journal
What if stemming the tide of misinformation on YouTube means punishing some of its biggest stars?
The New York Times
PUBLIC CLOUD

-- A database that was left unprotected online revealed the extent of China's efforts to monitor its own population via facial recognition technology in the western region of Xinjiang, the Associated Press's Yanan Wang and Dake Kang reported. Victor Gevers, a Dutch cybersecurity researcher, found that the exposed database contained information including names, birth dates and places of employment on more than 2.5 million people in the region. “The database Gevers found appears to have been recording people’s movements tracked by facial recognition technology, he said, logging more than 6.7 million coordinates in a span of 24 hours,” the AP reported.

— Cisco said in a report that U.S. policies have given the United States a strong position in the race to dominate 5G wireless networks, The Post's Brian Fung reported. The development of 5G is expected to make download speeds faster and help boost new technology including self-driving vehicles. “The U.S. has made a good start in changing policies to support the deployment of 5G, and as we look around the rest of the world, policy changes of the type we’ve seen here in the U.S. have not yet happened,” said Mary Brown, senior director of government affairs at Cisco, according to my colleague. “We do expect that’s going to be changing over the next 12 to 18 months, and so the race to 5G is very real.”

— President Trump signed a policy directive laying out a plan to create a Space Force, The Post's Dan Lamothe reported. The document directs the Defense Department to come up with legislation for Congress that would establish the Space Force within the Air Force Department. “The move appears to mark a rhetorical and political compromise: While the Trump administration will continue to call the new service the Space Force, it will more closely resemble a previous proposal on Capitol Hill for a smaller Space Corps that does not have a new, separate service secretary appointed by the president,” Dan wrote.

— More technology news from the public sector:

Facebook is not currently in EU regulators’ crosshairs but it may well be in future because of the crucial role played by data, Europe’s antitrust chief said on Tuesday.
Reuters
Two Democratic lawmakers introduced a bill this month that would require phone, cable and internet providers to include all charges in advertised prices.
MarketWatch
New Zealand's government is considering a plan to tax multinational tech corporations at a higher rate, citing a disparity between the taxes paid by New Zealanders and large corporations such as Facebook and Google.
The Hill
FAST FWD

— A digital advocacy group wants to support employees of tech companies who seek to speak out against “unethical tech,” the Guardian's Sam Levin reported. The group Fight for the Future launched a campaign that features ads on social media that are directed at tech workers. “A new website, SpeakOut.Tech, encourages workers to safely leak information and organize their colleagues and includes a video ad that the group is promoting by using the micro-targeting ad features of Facebook and Google,” according to the Guardian.

The SpeakOut.Tech website says workers should ask themselves whether the products that they are working on could potentially cause harm to people. “Does the product you’re building have the ability to unfairly target communities of color, endanger families seeking asylum, or expose survivors of abuse?” says a message on the site.

— More news about tech workforce and culture:

Netflix Inc said on Tuesday it is creating a production hub with two studios in Toronto that is expected to create 1,850 jobs per year.
Reuters
#TRENDING

— Tech news generating buzz around the Web:

Consumer Tech
Exclusive: A new study finds bugs in five of the most-popular password managers. So how is it safe to keep all your eggs in one basket?
Geoffrey Fowler
Question tweets have proliferated on Twitter, interesting brands and setting off a backlash.
The Daily Beast
@MENTIONS

— Natalie Gillam McLaughlin is joining TechNet, a network of tech executives, as director of communications, according to a news release from the group.

404 ERROR

— News about tech incidents and blunders:

Politics
Stone has said the now-deleted photo he posted of Judge Amy Berman Jackson with crosshairs next to her head was not intended as a threat.
Reis Thebault, Manuel Roig-Franzia and Rachel Weiner
BURN RATE

— Today in funding news:

Google today announced its intention to acquire Alooma, a company that allows enterprises to combine all of their data sources into services like Google’s BigQuery, Amazon’s Redshift, Snowflake and Azure.
TechCrunch
Amazon.com Inc’s Chinese joint venture is in talks about a merger with local e-commerce firm Kaola, which sells imported products in the Asian country, business magazine Caijing reported on Tuesday.
Reuters
CHECK-INS

Coming soon:

WIRED IN

Trump wishes Bernie Sanders “well” in 2020 run:

The controversies of Karl Lagerfeld on and off the catwalk:

Why are people up in arms over “Green Book”?