Because you gave it to them. The alternative goes right to rules that prevent everyone (not just FB) from remembering things, and ultimately more censorship.
Is it just me or has a whole generation lost the concept of personal responsibility? I don't use FB because it's been obvious for a long time this was happening, and it's an awful platform, designed to socially engineer their flock of product people.
Use products that you control. LineageOS + FDriod is a great start.
This libertarian utopia obviously breaks down any time you're presented with a 200-page Terms of Service. Nobody has the time and/or skills to read and understand the content at the level required for "informed consent".
Which is why societies have come up with a far better method: collectively decide (or collectively choose people to decide) on reasonable limits for certain types of transactions.
My German law professor used to say that she never read ToS. Because under the country's law, they are either reasonable or unenforceable.
Such laws have nothing to with censorship. If you really need your users private messages, you just have to more explicitly present them with the choice, and respect their decision to say no without unreasonably denying them service.
The US has far more lenient standards for such one-sided contracts, but the basic principle is obviously the same: If Facebook were to add a paragraph giving them ownership of your house somewhere deep in the ToS, they wouldn't stand a chance in a court of law.
You don't need to read a 200-page ToS or live in a libertarian utopia to know what data they have access to and to assume they'll abuse it. A few quick examples:
Don't use Facebook - it's basically a tool for turning any little aspect of your social network into ad revenue. Communicate directly with people you actually value and fuck the rest of 'em.
Don't use Dropbox, their employees have access to all your data, so does someone who breaks in. Encrypt your data before it hits the internet or forget about it.
Don't use a paid VPN service for anonymity, they have your billing data and connecting IP directly and you have no way to verify if they "don't log". Don't trust them. Use an anonymity network which tries its damnedest using technical means to mask those sorts of details.
If you give someone else your data, think not what they can legally do with it, but what they can technically do with it. Write laws all you want, Facebook will still abuse your data to the maximum, attackers will still get access to far too much data, it doesn't help. Personal responsibility is the final solution to the problem. When you give someone data, always assume the worst. Computers have an amusing tendency to tend to make technical feasibility into reality.
I’m always amazed by the ability of libertarians to believe that in the jungle, they’d be tigers rather than tiger shit. More often it turns out they just have a grossly inflated opinion of themselves, as in this case. We’re all human, all weak, and we all need to depend on each other a lot, it’s just the way it is.
I think that people who go out of their way to present what they believe are alpha male characteristics are essentially hanging a neon sign above themselves. That sign is begging for someone with those characteristics to come along and fix the worlds problems in the way that the stereotypical Clint Eastwood or Arnold Schwarzenegger character solved his problems. In other words, an alpha male exerting his will, delivering satisfying one liners, and saving the world.
Why else would nearly every single popular conservative media "character" be so uncannily similar? Why did nearly all of those characters triple down on this machismo roughly 18 months ago? Could it be that they got back the results of their latest A/B test?
I think this all drives at the most interesting, world changing possibility that could come out of this reckoning with Facebook. What will happen when it becomes conventional wisdom that the true power of collecting all of this data is not the ability to predict what you will do, but the ability to direct what you will do? What will happen when it truly registers with people that this necessarily removes their agency? What will prevent that critical mass from making the trivial jump in logic that advertisers and public relations firms have been progressively improving on these same skills to the same general ends for a century?
I don't think there has ever been a human society in which people took "personal responsibility" in the sense you are using the phrase. I don't think it's humanly possible for even the smartest person to keep track of their personal data given the quantity of it, the multiplicity of tracking mechanisms, and the uncertainty about how it all works. Not to mention, even if we all read all the agreements we click through, that doesn't mean they are all accurate, sufficient, legal, or adhered to by the authors.
As I wrote in another thread, I have used LinkedIn for a long time, and I have never wanted it to spam my contacts, so I have always had it foremost in my mind to click "No" whenever it asks to import them. Yet at some point, it did it anyway, because it asks me if I want to connect with people who are only email contacts and not on LinkedIn.
Now if you had complete logs of everything I did with my phone and computer, you might well be able to prove in court that I inadvertently gave permission at some point - perhaps I didn't read all of the legalese on something, or perhaps my finger slipped and I forgot.
I can't imagine I would find anyone at LinkedIn who cared about figuring out what happened, regardless.
There is something perverse, in my view, in appealing to "personal responsibility" of individuals dealing with corporations, as it seems to me that the entire concept of a corporation is a way for people to work together as an entity without taking personal responsibility. The reason we have corporations is because it's impractical for people to be held liable for their screwups.
I’m curious about what you’re saying here and I’ll certainly be thinking about it more, but here’s something I was thinking about: maybe a step in the right direction would be to require permissions to offer a user configurable time limit. I think that users should be able to set the permission they grant to expire after a term of their choice—if they want to grant perpetual permission, fine. I think it would be interesting to think about the implications of apps having to come back to get reauthorization. When permission expires, maybe that just means that no more data can be collected; maybe it means the vendor has to destroy those records. Either way, I don’t want large companies to be able to exploit people who click a button they don’t read. Maybe companies should be required by law to charge users some form of consideration just like other contracts so that we can do away with companies dangling their product as a free carrot in exchange for swaths of personal data, and then leaking it.
A time limit would be a good idea, but putting that into law is not. This is the point of open source, we don't want to be required to do things, you let the consumers choose. If they can examine the code (and this is only going to get more important), then they, or the people they trust to look at it, can make informed decisions.
> maybe a step in the right direction would be to require permissions to offer a user configurable time limit
They can scoop your contacts and SMS messages in 10 seconds after the first permission was granted. Maybe permission should also limit the number of contacts/messages it can access.
Your standard of “personal responsibility” includes the ability to audit code. I assume that you’re just irresponsible if a carmaker sells you a dangerous vehicle, because you don’t know how to detect the flaw? Doctors can just talk to you without consideration for your ignorance, because your failure to attend medical school represents your irresponsibility? If you can’t parse all of changing EULA’s in your life, you’re just irresponsible?
What’s obvious to you in your very limited field of expertise is not obvious to everyone. You shouldn’t insult everyone who isn’t a programmer by equating that narrow expertise with personal responsibility. I wouldn’t assume that your inability to understand a conversation between two surgeons meant that it was acceptable to harvest your organs.
You are making it sound like I argued against standards, that's not the case. Yes, ability to audit the code is paramount, and I want to go that direction for everything. We are merging with our creations, people have their noses so far in their phones they are starting to head mount and have it overlay their field of view. Without source access, we wont even be able to check if our own experiences are real.
Relying on experts to audit things is obvious and correct, but they must be "anyone", not just a select few that get to see the details. Maybe I am not qualified to evaluate something, but that is never a reason to prevent me from looking at the same information the experts have, in fact that's how those experts came to be.
The fact that some people don't care is irrelevant. They get tricked, and learn. Consider how many people are re-evaluating what FB even _is_ right now.
Much as I appreciate you responding to only the first sentence of my reply, I’m going to have to point out that your FOSS rant is only tangentially related to what I said, mate.