Facebook Internal Leaks, 2022 Q2

Leaked Facebook documents illustrate the company’s struggle to keep up with privacy regulations around the world, primarily because its engineers have lost visibility into user data flows and can no longer identify precisely where data goes on entering its system.

Facebook grew to be a $500 billion enterprise almost entirely due to its mass collection of user data and utilization of it through targeted advertising, but the ad-based juggernaut, plugged into tens of millions of websites and apps, may have expanded to the point that its own engineers can no longer keep track of it all. At the core of this issue is an inability to guarantee to regulators that it will not use “X” user data for “Y” purpose without an adequate level of control over its own internal systems

Meanwhile, in a leaked internal memo from late April obtained by The Verge, the Meta executive in charge of Facebook, Tom Alison, spelled out a new directive to employees: make the app’s feed more like TikTok. The new focus: instead of prioritizing posts from accounts people already follow, Facebook’s main feed will mimic TikTok’s, and place a heavy weight on recommending posts regardless of origin. Additionally, years after the split between Messenger and Facebook into separate apps, the two will be reunited, mirroring TikTok’s messaging functionality.

Investors are doubting Meta’s ability to navigate challenges to its ads business. And with its stock price already battered, the company needs to show that it can grow if Zuckerberg wants to keep funding his metaverse vision. The planned changes show how forcibly Meta is responding to the rise of TikTok, which has quickly become a legitimate challenger to its dominance in social media. One of Facebook’s core competencies has been recognizing upstarts and ruthlessly copying their core features, and while Instagram has already morphed to look more like TikTok with its focus on Reels, executives hope that a similar treatment to Facebook will reverse the app’s stagnant growth and potentially lure back young people.

Concern over Privacy Regulation

In the leaked document, a Facebook engineer describes the international privacy regulations that now loom over the company as a “tsunami.” Facebook’s largest legal trouble has come from the EU’s General Data Protection Regulation (GDPR), but it now faces various forms of compliance requirements from over 100 countries as well as a medley of state regulations emerging in its own backyard. Other developing issues include the EU Digital Services and Digital Marketing Acts, aimed squarely at tech platforms to further tighten existing privacy regulations.

The leaked document further expresses surprise at India and Europe’s developing privacy regulations from 2021, and highlights Europe’s final judgment on the company’s appeal of the Schrems II decision, which essentially rendered transfers of personal data from Europe to the US untenable, and which led to Facebook publicly considering the prospect of pulling out of the region entirely.

The leaked document expresses Facebook’s desire to comply with these privacy regulations but demonstrates a concern that due to its current issues tracking user data flow, the company will unwittingly misrepresent how it handles such user data. Facebook says that its policy enforcement plans were insufficient to handle second-party data issues “on any timeframe,” with the problem snowballing given the new first-party user data protections which emerged in Europe and India. Facebook claims that a multi-year investment to overhaul its ad system and internal infrastructure might be its only path out.

The leaked document further puts a spin on Facebook’s situation with user data, attributing it to their “culture of open systems” aimed at “contributor empowerment” as opposed to any shortsighted development or mismanagement. Facebook calls this its “data lineage” issue, and it appears to be one that the company was not fully considering until 2018 saw the GDPR take effect. From 2018 to 2020 only one regulation took effect per year, and while Facebook seemed to manage with these individually, the wave of regulations that started in 2021 appears to have taken it off guard.

The Threat of TikTok

According to the leak, the Facebook’s new goal is to build a “discovery engine” based on user’s online habits, a phrase mentioned as a top priority by CEO Mark Zuckerberg during an earnings call with Meta investors. To augment this, product teams are now tasked with encouraging users to message each other about the Reels they see inside Facebook rather than allowing posts to elicit conversations in third party apps.

Leaked internal documents also show that Facebook’s user base is steadily aging, and employees are unsure of a path that could course-correct this trend. And while Facebook might still be making billions of dollars a quarter, with a healthy 2.94 billion monthly users, there are signs that the giant has reached its twilight years, having experienced its first loss of users at the end of 2021.

The company was initially slow to see the competitive threat of TikTok, even as it initially grew by blanketing Facebook and Instagram with ads. But now, Meta sees the video app as increasingly encroaching on its home turf of social networking, with the increasing prominence of private messaging in TikTok and the introduction of a dedicated tab for viewing videos from friends. TikTok, owned by private Chinese tech conglomerate ByteDance, has an incredible 3.6 billion downloads, and per estimates, TikTok’s downloads were 20 percent higher than Facebook’s in 2021. The first three months of this year alone, iPhone users spent on average 78 percent more time on TikTok than on Facebook.


On Facebook’s concerns over privacy regulation compliance, Cillian Kieran, CEO and founder of Ethyca, elaborates: “Even in jurisdictions that already have leading regulations on personal data processing, the technical rule-making is not slowing down—it’s only getting steeper…”

On the personal privacy of Facebook users, Daniel Markuson, a cybersecurity expert at NordVPN, says: “Unfortunately, even if you are not an active user or don’t even have an account, your data is probably still not as private as you would expect. Numerous sites on the internet use Facebook’s plugins (the “Like” or “Share” buttons), logins, and ads analytics tools. Facebook collects data on everyone who visits websites like these, whether they’re registered users or not. It is hard to believe that the company will start to take care of the privacy of its users and security of data they collect… you may think it’s not a big deal if a social network knows your IP address, workplace, or telephone number. But what if a cybercriminal does? Considering Facebook’s sad history of data leaks (including the latest, which happened in April 2021) and the findings of the recent report, we can never be sure where our data may end up once we give it to Facebook.”

The leaked document might indicate major compliance trouble for Facebook, but according to an anonymous former employee there is speculation that it could lead to something of a “too big to fail” ploy, with Facebook framing themselves as being cornered by their unique user data collection scale and established infrastructure, rendering the tasks imposed by these regulations impossible, and potentially attempting to parlay this into special regulatory considerations. Conversely, some privacy researchers and advocates see this from a different perspective; essentially, a confession by Facebook that it cannot and does not comply with the GDPR (nor potentially any number of other regulations), a revelation which could drive fresh scrutiny and even legal action. It could also compel the Irish Data Protection Commission in its ongoing investigation into Facebook’s ad business, which until now appeared to be taking a considerably favorable direction towards the company.

Meanwhile, since the publication of Alison’s internal memo, some employees have voiced concern with Facebook’s hostile efforts in copying TikTok, finding that pushing AI generated content doesn’t quite jive with Facebook’s original family-and-friends-oriented vision. In an internal response, one employee wrote

“I think there’s a real risk in this approach that we lose focus on our core differentiation (the social graph and human choice) in favor of chasing short-term interests and trends,” while others expressed concern that the new direction could hurt long-term growth overall.

The reality however might be that people are already using the social network differently than they used to, with estimates that half the time people spend on Facebook is watching video. Employees claim that the company’s biggest trust and safety risks already come from its systems recommendations in areas like Facebook Watch. According to an anonymous employee it “amplifies the Russian IRA and other bad actors and increased the velocity of misinformation spread.” And after 2016, Facebook ended up drawing back a lot of its recommendations amidst an increased scrutiny of the platform, with employees instilling systems to identify and curtail sensitive posts on topics ranging from politics to vaccines, culminating in Facebooks decision to stop recommending political groups altogether after the spread of “Stop the Steal” groups on its platform ahead of the attempted January 6th insurrection.

Where Guardian from Wertheim Global Comes into Play

Facebook is no stranger to internal leaks – Just consider the Facebook Papers, an internal document leak back in 2021 which showed that, through reports based on internally commissioned studies, Facebook was fully aware of the harmful societal effects its platforms have on its own users – contributing to violence in developing countries, spreading false information, and promoting posts that provoke hate or inspire self-harm. Overnight these documents shot across the media, with reports flooding out from a consortium of news outlets, and the Wall Street Journal even producing a podcast on the matter. Sounds like a fun company to work at.

While we can’t say we support Facebook in its willful ignorance, we can say that Guardian would have been able to steer it away from that calamity, and all the others that followed, big and small. Whether it’s an entire trove of confidential documents or an internal memo on your server, Guardian uses its predictive analytics algorithm to track your users’ routines and flag any behavior determined to be out of the ordinary, with the ability to lock them out of the system instantaneously. So, to wit, we don’t condone willful ignorance, and alas, that now applies to you as well. Get guardian and proactively save your company from scandals big and small.

Give Us a Try:
Translate »