Meta announced today that it’s ending the third-party fact-checking program it introduced in 2016, and will rely instead on a Community Notes approach similar to what’s used on Elon Musk’s X platform.

The end of third-party fact-checking and related changes to Meta policies could help the company make friends in the Trump administration and in governments of conservative-leaning states that have tried to impose legal limits on content moderation. The operator of Facebook and Instagram announced the changes in a blog post and a video message recorded by CEO Mark Zuckerberg.

“Governments and legacy media have pushed to censor more and more. A lot of this is clearly political,” Zuckerberg said. He said the recent elections “feel like a cultural tipping point toward once again prioritizing speech.”

“We’re going to get rid of fact-checkers and replace them with Community Notes, similar to X, starting in the US,” Zuckerberg said. “After Trump first got elected in 2016, the legacy media wrote nonstop about how misinformation was a threat to democracy. We tried in good faith to address those concerns without becoming the arbiters of truth. But the fact-checkers have just been too politically biased and have destroyed more trust than they’ve created, especially in the US.”

Meta says the soon-to-be-discontinued fact-checking program includes over 90 third-party organizations that evaluate posts in over 60 languages. The US-based fact-checkers are AFP USA, Check Your Fact, Factcheck.org, Lead Stories, PolitiFact, Science Feedback, Reuters Fact Check, TelevisaUnivision, The Dispatch, and USA Today.

The independent fact-checkers rate the accuracy of posts and apply ratings such as False, Altered, Partly False, Missing Context, Satire, and True. Meta adds notices to posts rated as false or misleading and notifies users before they try to share the content or if they shared it in the past.

Meta: Experts “have their own biases”

In the blog post that accompanied Zuckerberg’s video message, Chief Global Affairs Officer Joel Kaplan said the 2016 decision to use independent fact-checkers seemed like “the best and most reasonable choice at the time… The intention of the program was to have these independent experts give people more information about the things they see online, particularly viral hoaxes, so they were able to judge for themselves what they saw and read.”

https://arstechnica.com/tech-policy/2025/01/meta-axes-third-party-fact-checkers-in-time-for-second-trump-term/

La sentenza della Corte Ue sul caso Schrems-facebook

“La circostanza che Maximilian Schrems si sia espresso sul suo orientamento sessuale in occasione di una tavola rotonda pubblica non autorizza il gestore di una piattaforma di social network online a trattare altri dati relativi al suo orientamento sessuale ottenuti, se del caso, al di fuori di tale piattaforma, al fine di aggregarli e analizzarli per proporgli della pubblicità personalizzata”, così si legge nell’incipit della sentenza della Corte di Giustizia dell’Unione europea contro facebook del Gruppo Meta.

Il caso è stato sollevato dalla Corte suprema austriaca, che ha chiesto alla Corte di giustizia dell’Unione di interpretare il Regolamento generale sulla protezione dei dati (il Gdpr).

Il caso

Tutto nasce in occasione di una tavola rotonda aperta al pubblico, alla quale Schrems ha partecipato a Vienna il 12 febbraio 2019, su invito della rappresentanza della Commissione europea in Austria, dove l’interessato ha fatto riferimento al suo orientamento sessuale.

Schrems intendeva in tal modo criticare il trattamento di dati personali effettuato da Facebook, tra cui il trattamento dei suoi propri dati. Questa tavola rotonda è stata diffusa in streaming e una registrazione è stata successivamente pubblicata sotto forma di «podcast», nonché sul canale YouTube della Commissione. Tuttavia, l’interessato non ha mai menzionato tale aspetto della sua vita privata nel suo profilo facebook.

Le motivazioni della sentenza

Secondo la Corte Ue, “la circostanza che una persona si sia espressa sul suo orientamento sessuale in occasione di una tavola rotonda pubblica non autorizza il gestore di una piattaforma di social network online a trattare altri dati relativi all’orientamento sessuale di tale persona ottenuti, se del caso, al di fuori di tale piattaforma a partire da applicazioni e siti Internet di partner terzi, ai fini di aggregarli e analizzarli per proporre a tale persona della pubblicità personalizzata”.

I giudici di Bruxelles, in questo caso, hanno applicato il principio della «minimizzazione dei dati», che vieta l’aggregazione, l’analisi e l’elaborazione di dati ai fini di pubblicità mirata ottenuti da piattaforme social.

Rimane da valutare se, in occasione della tavola rotonda, “il sig. Schrems abbia manifestamente reso pubblico il suo orientamento sessuale”, ma in questo caso, secondo il tribunale europeo, spetta alla Corte suprema austriaca verificarlo.

Circostanza che, tuttavia, si legge sempre nella sentenza, “non autorizza di per sé, il trattamento di altri dati personali relativi all’orientamento sessuale di tale persona”.

Anche il Dsa contro facebook

Anche perché la pubblicità online è ormai regolamentata dal Digital service act (Dsa), che mira a creare un nuovo equilibrio tra la tutela dei dati personali ed esigenze del mercato advertising.

Di fatto, il Dsa prescrive che i fornitori di piattaforme online non possono presentare pubblicità ai destinatari del servizio basate sulla profilazione, utilizzando dati sensibili, dati genetici e dati biometrici e cioè tutte le categorie speciali di dati personali elencate nel Gdpr

Leggi le altre notizie sull’home page di Key4biz

https://www.key4biz.it/privacy-schrems-vince-contro-facebook/506810/

Ago 28, 2024 Stefano Silvestri Attacchi, Minacce, News, Phishing, Tecnologia, Vulnerabilità 0

---

Il phishing è una delle minacce informatiche più diffuse e pericolose che colpiscono utenti e aziende di tutto il mondo. Perché abbia successo, i criminali informatici creano copie perfette di siti web legittimi, inducendo le vittime a credere di trovarsi di fronte a una comunicazione autentica.

Nonostante la crescente consapevolezza e le campagne di sensibilizzazione, le tecniche si fanno sempre più sofisticate, il che spiega perché il phishing continui a mietere vittime, con danni economici e reputazionali importanti.

I giganti del web sono tra i bersagli principali di questi attacchi e, secondo un nuovo studio condotto da Kaspersky su 25 aziende globali di grande rilievo, nel 2024 Google, Facebook e Amazon sono stati i brand più frequentemente presi di mira da attacchi di phishing.

Nel 2024 l’incremento di attacchi è stato infatti quasi 1,5 volte superiore rispetto all’anno precedente.

La ricerca ha evidenziato che nella prima metà di quest’anno gli utenti di tutto il mondo hanno tentato di accedere a risorse false che imitavano questi brand quasi 26 milioni di volte, un aumento di quasi il 40% rispetto allo stesso periodo del 2023.

Gli esperti di Kaspersky attribuiscono questo forte aumento a una maggiore aggressività dei criminali informatici piuttosto che a una diminuzione della vigilanza degli utenti.

Tra i brand analizzati, Google è risultato il più colpito, con oltre 4 milioni di tentativi di phishing bloccati dalle soluzioni di Kaspersky. Seguono Facebook, con circa 3,7 milioni di tentativi, e Amazon con circa 3 milioni.

Microsoft e DHL completano la top five con rispettivamente 2,8 e 2,6 milioni di tentativi. Altri brand come PayPal, Mastercard, Apple, Netflix e Instagram sono anch’essi tra i primi 10 obiettivi preferiti dai cybercriminali per il furto di credenziali e denaro nel 2024.

Gli attacchi contro Google sono aumentati del 243% nella prima metà del 2024 rispetto allo stesso periodo dell’anno precedente, facendo di Google uno degli obiettivi principali per i phisher. Mastercard ha registrato un incremento del 210% dei tentativi di furto di dati sensibili e denaro, seguita da Facebook e Netflix, entrambi con un raddoppio degli attacchi.

Olga Svistunova, esperta di sicurezza di Kaspersky, ha spiegato che il phishing contro Google è particolarmente preoccupante perché, ottenendo l’accesso a un account Gmail, i criminali possono accedere a una vasta gamma di altri servizi, rendendo Google un obiettivo privilegiato.

Il phishing contro Mastercard, d’altra parte, è aumentato in concomitanza con la proliferazione di falsi negozi online che simulano la vendita di beni e accettano pagamenti con presunte carte Mastercard.

Nonostante l’incremento generale, alcuni brand hanno registrato un calo nei clic sulle risorse di phishing. Microsoft, ad esempio, ha visto diminuire l’incidenza di questi attacchi, probabilmente grazie a una maggiore consapevolezza nelle organizzazioni. Anche DHL ha registrato un calo simile, un fenomeno osservato tra diversi brand nel settore trasporti e logistica.

Altri brand, pur non rientrando nella top 10, hanno visto crescere grandemente gli attacchi. HSBC, ad esempio, ha registrato un aumento di otto volte fino a 240.000 tentativi di phishing, ed eBay ha visto triplicare gli attacchi, superando i 300.000 casi. Airbnb, American Express e LinkedIn hanno registrato aumenti rispettivamente del 174%, 137% e 122%.

Per le aziende, è fondamentale identificare tempestivamente se il proprio brand sia stato preso di mira dai phisher. Kaspersky consiglia di monitorare regolarmente la presenza online del brand, informare i clienti sui canali ufficiali e segnalare tempestivamente alle autorità eventuali tentativi di phishing.

Queste misure, unite a una costante sensibilizzazione dei propri utenti, possono contribuire a ridurre l’efficacia di questi attacchi e a proteggere meglio i dati sensibili. L’industria della cybersicurezza deve dunque continuare a evolversi e a innovare per fronteggiare una minaccia che non mostra segni di rallentamento, mantenendo alta la guardia contro un nemico invisibile ma estremamente pericoloso.

---

---

---

https://www.securityinfo.it/2024/08/28/kaspersky-cresce-phishing-google-facebook-amazon/?utm_source=rss&utm_medium=rss&utm_campaign=kaspersky-cresce-phishing-google-facebook-amazon

The Children’s Health Defense (CHD), an anti-vaccine group founded by Robert F. Kennedy Jr, has once again failed to convince a court that Meta acted as a state agent when censoring the group’s posts and ads on Facebook and Instagram.

In his opinion affirming a lower court’s dismissal, US Ninth Circuit Court of Appeals Judge Eric Miller wrote that CHD failed to prove that Meta acted as an arm of the government in censoring posts. Concluding that Meta’s right to censor views that the platforms find “distasteful” is protected by the First Amendment, Miller denied CHD’s requested relief, which had included an injunction and civil monetary damages.

“Meta evidently believes that vaccines are safe and effective and that their use should be encouraged,” Miller wrote. “It does not lose the right to promote those views simply because they happen to be shared by the government.”

CHD told Reuters that the group “was disappointed with the decision and considering its legal options.”

The group first filed the complaint in 2020, arguing that Meta colluded with government officials to censor protected speech by labeling anti-vaccine posts as misleading or removing and shadowbanning CHD posts. This caused CHD’s traffic on the platforms to plummet, CHD claimed, and ultimately, its pages were removed from both platforms.

However, critically, Miller wrote, CHD did not allege that “the government was actually involved in the decisions to label CHD’s posts as ‘false’ or ‘misleading,’ the decision to put the warning label on CHD’s Facebook page, or the decisions to ‘demonetize’ or ‘shadow-ban.'”

“CHD has not alleged facts that allow us to infer that the government coerced Meta into implementing a specific policy,” Miller wrote.

Instead, Meta “was entitled to encourage” various “input from the government,” justifiably seeking vaccine-related information provided by the World Health Organization (WHO) and the US Centers for Disease Control and Prevention (CDC) as it navigated complex content moderation decisions throughout the pandemic, Miller wrote.

Therefore, Meta’s actions against CHD were due to “Meta’s own ‘policy of censoring,’ not any provision of federal law,” Miller concluded. “The evidence suggested that Meta had independent incentives to moderate content and exercised its own judgment in so doing.”

None of CHD’s theories that Meta coordinated with officials to deprive “CHD of its constitutional rights” were plausible, Miller wrote, whereas the “innocent alternative”—”that Meta adopted the policy it did simply because” CEO Mark Zuckerberg and Meta “share the government’s view that vaccines are safe and effective”—appeared “more plausible.”

Meta “does not become an agent of the government just because it decides that the CDC sometimes has a point,” Miller wrote.

Equally not persuasive were CHD’s notions that Section 230 immunity—which shields platforms from liability for third-party content—”‘removed all legal barriers’ to the censorship of vaccine-related speech,” such that “Meta’s restriction of that content should be considered state action.”

“That Section 230 operates in the background to immunize Meta if it chooses to suppress vaccine misinformation—whether because it shares the government’s health concerns or for independent commercial reasons—does not transform Meta’s choice into state action,” Miller wrote.

One judge dissented over Section 230 concerns

In his dissenting opinion, Judge Daniel Collins defended CHD’s Section 230 claim, however, suggesting that the appeals court erred and should have granted CHD injunctive and declaratory relief from alleged censorship. CHD CEO Mary Holland told The Defender that the group was pleased the decision was not unanimous.

According to Collins, who like Miller is a Trump appointee, Meta could never have built its massive social platforms without Section 230 immunity, which grants platforms the ability to broadly censor viewpoints they disfavor.

It was “important to keep in mind” that “the vast practical power that Meta exercises over the speech of millions of others ultimately rests on a government-granted privilege to which Meta is not constitutionally entitled,” Collins wrote. And this power “makes a crucial difference in the state-action analysis.”

As Collins sees it, CHD could plausibly allege that Meta’s communications with government officials about vaccine-related misinformation targeted specific users, like the “disinformation dozen” that includes both CHD and Kennedy. In that case, it appears possible to Collins that Section 230 provides a potential opportunity for government to target speech that it disfavors through mechanisms provided by the platforms.

“Having specifically and purposefully created an immunized power for mega-platform operators to freely censor the speech of millions of persons on those platforms, the Government is perhaps unsurprisingly tempted to then try to influence particular uses of such dangerous levers against protected speech expressing viewpoints the Government does not like,” Collins warned.

He further argued that “Meta’s relevant First Amendment rights” do not “give Meta an unbounded freedom to work with the Government in suppressing speech on its platforms.” Disagreeing with the majority, he wrote that “in this distinctive scenario, applying the state-action doctrine promotes individual liberty by keeping the Government’s hands away from the tempting levers of censorship on these vast platforms.”

The majority agreed, however, that while Section 230 immunity “is undoubtedly a significant benefit to companies like Meta,” lawmakers’ threats to weaken Section 230 did not suggest that Meta’s anti-vaccine policy was coerced state action.

“Many companies rely, in one way or another, on a favorable regulatory environment or the goodwill of the government,” Miller wrote. “If that were enough for state action, every large government contractor would be a state actor. But that is not the law.”

https://arstechnica.com/?p=2042567

The European Commission (EC) has finally taken action to block Meta’s heavily criticized plan to charge a subscription fee to users who value privacy on its platforms.

Surprisingly, this step wasn’t taken under laws like the Digital Services Act (DSA), the Digital Markets Act (DMA), or the General Data Protection Regulation (GDPR).

Instead, the EC announced Monday that Meta risked sanctions under EU consumer laws if it could not resolve key concerns about Meta’s so-called “pay or consent” model.

Meta’s model is seemingly problematic, the commission said, because Meta “requested consumers overnight to either subscribe to use Facebook and Instagram against a fee or to consent to Meta’s use of their personal data to be shown personalized ads, allowing Meta to make revenue out of it.”

Because users were given such short notice, they may have been “exposed to undue pressure to choose rapidly between the two models, fearing that they would instantly lose access to their accounts and their network of contacts,” the EC said.

To protect consumers, the EC joined national consumer protection authorities, sending a letter to Meta requiring the tech giant to propose solutions to resolve the commission’s biggest concerns by September 1.

That Meta’s “pay or consent” model may be “misleading” is a top concern because it uses the term “free” for ad-based plans, even though Meta “can make revenue from using their personal data to show them personalized ads.” It seems that while Meta does not consider giving away personal information to be a cost to users, the EC’s commissioner for justice, Didier Reynders, apparently does.

“Consumers must not be lured into believing that they would either pay and not be shown any ads anymore, or receive a service for free, when, instead, they would agree that the company used their personal data to make revenue with ads,” Reynders said. “EU consumer protection law is clear in this respect. Traders must inform consumers upfront and in a fully transparent manner on how they use their personal data. This is a fundamental right that we will protect.”

Additionally, the EC is concerned that Meta users might be confused about how “to navigate through different screens in the Facebook/Instagram app or web-version and to click on hyperlinks directing them to different parts of the Terms of Service or Privacy Policy to find out how their preferences, personal data, and user-generated data will be used by Meta to show them personalized ads.” They may also find Meta’s “imprecise terms and language” confusing, such as Meta referring to “your info” instead of clearly referring to consumers’ “personal data.”

To resolve the EC’s concerns, Meta may have to give EU users more time to decide if they want to pay to subscribe or consent to personal data collection for targeted ads. Or Meta may have to take more drastic steps by altering language and screens used when securing consent to collect data or potentially even scrapping its “pay or consent” model entirely, as pressure in the EU mounts.

So far, Meta has defended its model against claims that it violates the DMA, the DSA, and the GDPR, and Meta’s spokesperson told Ars that Meta continues to defend the model while facing down the EC’s latest action.

“Subscriptions as an alternative to advertising are a well-established business model across many industries,” Meta’s spokesperson told Ars. “Subscription for no ads follows the direction of the highest court in Europe and we are confident it complies with European regulation.”

Meta’s model is “sneaky,” EC said

Since last year, the social media company has argued that its “subscription for no ads” model was “endorsed” by the highest court in Europe, the Court of Justice of the European Union (CJEU).

However, privacy advocates have noted that this alleged endorsement came following a CJEU case under the GDPR and was only presented as a hypothetical, rather than a formal part of the ruling, as Meta seems to interpret.

What the CJEU said was that “users must be free to refuse individually”—”in the context of” signing up for services—”to give their consent to particular data processing operations not necessary” for Meta to provide such services “without being obliged to refrain entirely from using the service.” That “means that those users are to be offered, if necessary for an appropriate fee, an equivalent alternative not accompanied by such data processing operations,” the CJEU said.

The nuance here may matter when it comes to Meta’s proposed solutions even if the EC accepts the CJEU’s suggestion of an acceptable alternative as setting some sort of legal precedent. Because the consumer protection authorities raised the action due to Meta suddenly changing the consent model for existing users—not “in the context of” signing up for services—Meta may struggle to persuade the EC that existing users weren’t misled and pressured into paying for a subscription or consenting to ads, given how fast Meta’s policy shifted.

Meta risks sanctions if a compromise can’t be reached, the EC said. Under the EU’s Unfair Contract Terms Directive, for example, Meta could be fined up to 4 percent of its annual turnover if consumer protection authorities are unsatisfied with Meta’s proposed solutions.

The EC’s vice president for values and transparency, Věra Jourová, provided a statement in the press release, calling Meta’s abrupt introduction of the “pay or consent” model “sneaky.”

“We are proud of our strong consumer protection laws which empower Europeans to have the right to be accurately informed about changes such as the one proposed by Meta,” Jourová said. “In the EU, consumers are able to make truly informed choices and we now take action to safeguard this right.”

https://arstechnica.com/?p=2038473

On Wednesday, the Supreme Court tossed out claims that the Biden administration coerced social media platforms into censoring users by removing COVID-19 and election-related content.

Complaints alleging that high-ranking government officials were censoring conservatives had previously convinced a lower court to order an injunction limiting the Biden administration’s contacts with platforms. But now that injunction has been overturned, re-opening lines of communication just ahead of the 2024 elections—when officials will once again be closely monitoring the spread of misinformation online targeted at voters.

In a 6–3 vote, the majority ruled that none of the plaintiffs suing—including five social media users and Republican attorneys general in Louisiana and Missouri—had standing. They had alleged that the government had “pressured the platforms to censor their speech in violation of the First Amendment,” demanding an injunction to stop any future censorship.

Plaintiffs may have succeeded if they were instead seeking damages for past harms. But in her opinion, Justice Amy Coney Barrett wrote that partly because the Biden administration seemingly stopped influencing platforms’ content policies in 2022, none of the plaintiffs could show evidence of a “substantial risk that, in the near future, they will suffer an injury that is traceable” to any government official. Thus, they did not seem to face “a real and immediate threat of repeated injury,” Barrett wrote.

“Without proof of an ongoing pressure campaign, it is entirely speculative that the platforms’ future moderation decisions will be attributable, even in part,” to government officials, Barrett wrote, finding that an injunction would do little to prevent future censorship.

Instead, plaintiffs’ claims “depend on the platforms’ actions,” Barrett emphasized, “yet the plaintiffs do not seek to enjoin the platforms from restricting any posts or accounts.”

“It is a bedrock principle that a federal court cannot redress ‘injury that results from the independent action of some third party not before the court,'” Barrett wrote.

Barrett repeatedly noted “weak” arguments raised by plaintiffs, none of which could directly link their specific content removals with the Biden administration’s pressure campaign urging platforms to remove vaccine or election misinformation.

According to Barrett, the lower court initially granting the injunction “glossed over complexities in the evidence,” including the fact that “platforms began to suppress the plaintiffs’ COVID-19 content” before the government pressure campaign began. That’s an issue, Barrett said, because standing to sue “requires a threshold showing that a particular defendant pressured a particular platform to censor a particular topic before that platform suppressed a particular plaintiff’s speech on that topic.”

“While the record reflects that the Government defendants played a role in at least some of the platforms’ moderation choices, the evidence indicates that the platforms had independent incentives to moderate content and often exercised their own judgment,” Barrett wrote.

Barrett was similarly unconvinced by arguments that plaintiffs risk platforms removing future content based on stricter moderation policies that were previously coerced by officials.

“Without evidence of continued pressure from the defendants, the platforms remain free to enforce, or not to enforce, their policies—even those tainted by initial governmental coercion,” Barrett wrote.

Judge: SCOTUS “shirks duty” to defend free speech

Justices Clarence Thomas and Neil Gorsuch joined Samuel Alito in dissenting, arguing that “this is one of the most important free speech cases to reach this Court in years” and that the Supreme Court had an “obligation” to “tackle the free speech issue that the case presents.”

“The Court, however, shirks that duty and thus permits the successful campaign of coercion in this case to stand as an attractive model for future officials who want to control what the people say, hear, and think,” Alito wrote.

Alito argued that the evidence showed that while “downright dangerous” speech was suppressed, so was “valuable speech.” He agreed with the lower court that “a far-reaching and widespread censorship campaign” had been “conducted by high-ranking federal officials against Americans who expressed certain disfavored views about COVID-19 on social media.”

“For months, high-ranking Government officials placed unrelenting pressure on Facebook to suppress Americans’ free speech,” Alito wrote. “Because the Court unjustifiably refuses to address this serious threat to the First Amendment, I respectfully dissent.”

At least one plaintiff who opposed masking and vaccines, Jill Hines, was “indisputably injured,” Alito wrote, arguing that evidence showed that she was censored more frequently after officials pressured Facebook into changing their policies.

“Top federal officials continuously and persistently hectored Facebook to crack down on what the officials saw as unhelpful social media posts, including not only posts that they thought were false or misleading but also stories that they did not claim to be literally false but nevertheless wanted obscured,” Alito wrote.

While Barrett and the majority found that platforms were more likely responsible for injury, Alito disagreed, writing that with the threat of antitrust probes or Section 230 amendments, Facebook acted like “a subservient entity determined to stay in the good graces of a powerful taskmaster.”

Alito wrote that the majority was “applying a new and heightened standard” by requiring plaintiffs to “untangle Government-caused censorship from censorship that Facebook might have undertaken anyway.” In his view, it was enough that Hines showed that “one predictable effect of the officials’ action was that Facebook would modify its censorship policies in a way that affected her.”

“When the White House pressured Facebook to amend some of the policies related to speech in which Hines engaged, those amendments necessarily impacted some of Facebook’s censorship decisions,” Alito wrote. “Nothing more is needed. What the Court seems to want are a series of ironclad links.”

“That is regrettable,” Alito said.

https://arstechnica.com/?p=2033738

US Surgeon General Vivek Murthy wants to put a warning label on social media platforms, alerting young users of potential mental health harms.

“It is time to require a surgeon general’s warning label on social media platforms stating that social media is associated with significant mental health harms for adolescents,” Murthy wrote in a New York Times op-ed published Monday.

Murthy argued that a warning label is urgently needed because the “mental health crisis among young people is an emergency,” and adolescents overusing social media can increase risks of anxiety and depression and negatively impact body image.

Spiking mental health issues for young people began long before the surgeon general declared a youth behavioral health crisis during the pandemic, an April report from a New York nonprofit called the United Health Fund found. Between 2010 and 2022, “adolescents ages 12–17 have experienced the highest year-over-year increase in having a major depressive episode,” the report said. By 2022, 6.7 million adolescents in the US were reporting “suffering from one or more behavioral health condition.”

However, mental health experts have maintained that the science is divided, showing that kids can also benefit from social media depending on how they use it. Murthy’s warning label seems to ignore that tension, prioritizing raising awareness of potential harms even though parents potentially restricting online access due to the proposed label could end up harming some kids. The label also would seemingly fail to acknowledge known risks to young adults, whose brains continue developing after the age of 18.

To create the proposed warning label, Murthy is seeking better data from social media companies that have not always been transparent about studying or publicizing alleged harms to kids on their platforms. Last year, a Meta whistleblower, Arturo Bejar, testified to a US Senate subcommittee that Meta overlooks obvious reforms and “continues to publicly misrepresent the level and frequency of harm that users, especially children, experience” on its platforms Facebook and Instagram.

According to Murthy, the US is past the point of accepting promises from social media companies to make their platforms safer. “We need proof,” Murthy wrote.

“Companies must be required to share all of their data on health effects with independent scientists and the public—currently they do not—and allow independent safety audits,” Murthy wrote, arguing that parents need “assurance that trusted experts have investigated and ensured that these platforms are safe for our kids.”

“A surgeon general’s warning label, which requires congressional action, would regularly remind parents and adolescents that social media has not been proved safe,” Murthy wrote.

Kids need safer platforms, not a warning label

Leaving parents to police kids’ use of platforms is unacceptable, Murthy said, because their efforts are “pitted against some of the best product engineers and most well-resourced companies in the world.”

That is nearly an impossible battle for parents, Murthy argued. If platforms are allowed to ignore harms to kids while pursuing financial gains by developing features that are laser-focused on maximizing young users’ online engagement, platforms will “likely” perpetuate the cycle of problematic use that Murthy described in his op-ed, the American Psychological Association (APA) warned this year.

Downplayed in Murthy’s op-ed, however, is the fact that social media use is not universally harmful to kids and can be beneficial to some, especially children in marginalized groups. Monitoring this tension remains a focal point of the APA’s most recent guidance, which noted that in April 2024 that “society continues to wrestle with ways to maximize the benefits of these platforms while protecting youth from the potential harms associated with them.”

“Psychological science continues to reveal benefits from social media use, as well as risks and opportunities that certain content, features, and functions present to young social media users,” APA reported.

According to the APA, platforms urgently need to enact responsible safety standards that diminish risks without restricting kids’ access to beneficial social media use.

“By early 2024, few meaningful changes to social media platforms had been enacted by industry, and no federal policies had been adopted,” the APA report said. “There remains a need for social media companies to make fundamental changes to their platforms.”

The APA has recommended a range of platform reforms, including limiting infinite scroll, imposing time limits on young users, reducing kids’ push notifications, and adding protections to shield kids from malicious actors.

Bejar agreed with the APA that platforms owe it to parents to make meaningful reforms. His ideal future would see platforms gathering more granular feedback from young users to expose harms and confront them faster. He provided senators with recommendations that platforms could use to “radically improve the experience of our children on social media” without “eliminating the joy and value they otherwise get from using such services” and without “significantly” affecting profits.

Bejar’s reforms included platforms providing young users with open-ended ways to report harassment, abuse, and harmful content that allow users to explain exactly why a contact or content was unwanted—rather than platforms limiting feedback to certain categories they want to track. This could help ensure that companies that strategically limit language in reporting categories don’t obscure the harms and also provide platforms with more information to improve services, Bejar suggested.

By improving feedback mechanisms, Bejar said, platforms could more easily adjust kids’ feeds to stop recommending unwanted content. The APA’s report agreed that this was an obvious area for platform improvement, finding that “the absence of clear and transparent processes for addressing reports of harmful content makes it harder for youth to feel protected or able to get help in the face of harmful content.”

Ultimately, the APA, Bejar, and Murthy all seem to agree that it is important to bring in outside experts to help platforms come up with better solutions, especially as technology advances. The APA warned that “AI-recommended content has the potential to be especially influential and hard to resist” for some of the youngest users online (ages 10–13).

https://arstechnica.com/?p=2031954

Meta ha confermato che sospenderà i piani per iniziare ad addestrare i suoi sistemi di intelligenza artificiale utilizzando i dati dei suoi utenti nell’Unione Europea e nel Regno Unito. La mossa fa seguito alla denuncia della Commissione irlandese per la protezione dei dati (DPC), il principale regolatore di Meta nell’UE, che agisce per conto di diverse autorità di protezione dei dati in tutto il blocco.

Anche l’Information Commissioner’s Office (ICO) del Regno Unito ha chiesto a Meta di sospendere i suoi piani fino a quando non potrà rispondere alle preoccupazioni sollevate. “Il DPC accoglie con favore la decisione di Meta di sospendere i suoi piani per addestrare il suo ampio modello linguistico utilizzando contenuti pubblici condivisi da adulti su Facebook e Instagram in tutta l’UE/SEE”, ha affermato il DPC venerdì.

Decisione di concerto

Meta sta già sfruttando i contenuti generati dagli utenti per addestrare la propria intelligenza artificiale in mercati come gli Stati Uniti, ma le normative del GDPR hanno creato ostacoli per tutte le aziende che cercano di migliorare i propri sistemi di intelligenza artificiale, compresi modelli linguistici di grandi dimensioni con i cosiddetti “ugc”, user generated content. Tuttavia, Meta il mese scorso ha iniziato a notificare agli utenti un imminente cambiamento della sua politica sulla privacy, che gli darà il diritto di utilizzare contenuti pubblici su Facebook e Instagram per addestrare la sua intelligenza artificiale, inclusi contenuti di commenti, interazioni con aziende, aggiornamenti di stato, foto e relative didascalie.

L’azienda ha sostenuto che era necessario farlo per riflettere “le diverse lingue, geografie e riferimenti culturali delle persone in Europa”. Queste modifiche sarebbero dovute entrare in vigore il 26 giugno. Ma i piani hanno spinto l’organizzazione no-profit di attivisti per la privacy NOYB a presentare 11 reclami ai paesi costituenti dell’UE, sostenendo che Meta sta violando vari aspetti del GDPR. Uno di questi riguarda la questione dell’opt-in rispetto all’opt-out, rispetto dove avviene il trattamento dei dati personali, agli iscritti dovrebbe essere chiesto prima il permesso anziché richiedere un’azione per rifiutare. Meta, da parte sua, si affidava ad una disposizione del GDPR denominata “interessi legittimi” per sostenere che le sue azioni fossero conformi alle normative. E non è la prima volta: in precedenza Meta aveva utilizzato lo stesso schema per giustificare il trattamento degli utenti europei per pubblicità mirate.

C’è notifica e notifica

La società ha affermato di aver inviato più di 2 miliardi di notifiche per informare gli utenti delle imminenti modifiche, ma a differenza di altri importanti messaggi pubblici che sono affissi nella parte superiore dei feed degli utenti, come le richieste di uscire e votare, queste notifiche sono apparse accanto a quelle standard: compleanni degli amici, avvisi di tag foto, annunci di gruppo e altro ancora. Quindi, se qualcuno non controlla regolarmente la sezione, rischiava di perdere l’aggiornamento. E, anche dopo aver letto l’avviso, niente spiega come opporsi o rinunciare.

Inoltre, tecnicamente gli utenti non sono in grado di “rinunciare” all’utilizzo dei propri dati, se non compilando un modulo di opposizione in cui si espongono le loro argomentazioni sul motivo: e resta a discrezione di Meta accogliere o meno la richiesta.

Burocratese social

La scorsa settimana, quando è stato chiesto perché questo processo richiedesse all’utente di presentare un’obiezione anziché aderire, il responsabile delle comunicazioni sulle politiche di Meta, Matt Pollard, ha spiegato: “Crediamo che questa base legale [“interessi legittimi” ] è l’equilibrio più appropriato per l’elaborazione dei dati pubblici sulla scala necessaria per addestrare modelli di intelligenza artificiale, nel rispetto dei diritti delle persone”.

Quindi il modo migliore per aggirare il problema era emettere una notifica solitaria tra le altre degli utenti; nascondere il modulo di opposizione dietro una mezza dozzina di clic per chi cerca autonomamente la “rinuncia”; e poi farli giustificare la loro obiezione, invece di dare loro una chiara rinuncia. In un post aggiornato venerdì, il direttore globale per la politica sulla privacy di Meta, Stefano Fratta, ha affermato di essere “deluso” dalla richiesta ricevuta dal DPC. “Questo è un passo indietro per l’innovazione europea, la concorrenza nello sviluppo dell’intelligenza artificiale e ulteriori ritardi nel portare i benefici dell’intelligenza artificiale alle persone in Europa” ha scritto Fratta. “Rimaniamo fortemente fiduciosi che il nostro approccio sia conforme alle leggi e ai regolamenti europei. La formazione sull’intelligenza artificiale non è un’esclusiva dei nostri servizi e siamo più trasparenti di molti dei nostri omologhi del settore”.

La corsa all’AI

Se i tentativi di Meta di addestrare la sua intelligenza artificiale sui contenuti pubblici degli utenti in Europa per ora sono bloccati, probabilmente il colosso rialzerà la testa in un’altra forma dopo aver consultato il DPC e l’ICO. “Per ottenere il massimo dall’intelligenza artificiale generativa e dalle opportunità che offre, è fondamentale che il pubblico possa avere fiducia che i suoi diritti alla privacy saranno rispettati fin dall’inizio”, ha affermato Stephen Almond, direttore esecutivo dell’ICO per il rischio normativo. “Continueremo a monitorare i principali sviluppatori di intelligenza artificiale generativa, incluso Meta, per rivedere le misure di salvaguardia che hanno messo in atto e garantire che i diritti di informazione degli utenti siano protetti”.

Leggi le altre notizie sull’home page di Key4biz

https://www.key4biz.it/meta-cambia-idea-non-usera-piu-i-nostri-dati-sui-social-per-addestrare-la-sua-ai/494324/

The European Center for Digital Rights, known as Noyb, has filed complaints in 11 European countries to halt Meta’s plan to start training vague new AI technologies on European Union-based Facebook and Instagram users’ personal posts and pictures.

Meta’s AI training data will also be collected from third parties and from using Meta’s generative AI features and interacting with pages, the company has said. Additionally, Meta plans to collect information about people who aren’t on Facebook or Instagram but are featured in users’ posts or photos. The only exception from AI training is made for private messages sent between “friends and family,” which will not be processed, Meta’s blog said, but private messages sent to businesses and Meta are fair game. And any data collected for AI training could be shared with third parties.

“Unlike the already problematic situation of companies using certain (public) data to train a specific AI system (e.g. a chatbot), Meta’s new privacy policy basically says that the company wants to take all public and non-public user data that it has collected since 2007 and use it for any undefined type of current and future ‘artificial intelligence technology,'” Noyb alleged in a press release.

And “once their data [is] in the system,” Noyb said, “users seem to have no option of ever having it removed.”

As Meta has given EU users until June 26 to opt out of the data processing, Noyb has asked data processing authorities in the EU to intervene urgently. After that, “there will be no way back,” Noyb said, and personal data cannot be deleted from Meta’s AI models.

“We keep training data for as long as we need it on a case-by-case basis to ensure an AI model is operating appropriately, safely, and efficiently,” one Meta AI privacy page said. “We also may keep it to protect our or other’s interests or comply with legal obligations.”

More than 400 million EU users could be affected, Noyb argued, and many Facebook users who have abandoned their accounts likely aren’t aware their data will be processed for this purpose. Noyb also claimed that Meta has intentionally complicated the opt-out process using “dark patterns” to ensure that the fewest number of users block data processing.

Why Meta AI wants EU users’ data

Meta has said that collecting personal data is necessary to train AI services that reflect “the diverse cultures and languages of the European communities who will use them.” Participating will help Meta “provide and curate artificial intelligence technology in our Products, enabling the creation of content like text, audio, images, and videos, including by understanding and recognizing your use of content in the features,” an AI policy page said.

“This includes features not yet available in Europe, like allowing people to create customized stickers for chats and stories, as well as Meta AI, our virtual assistant you can access to answer questions, generate images, and more in our family of apps and on devices,” Meta’s blog said.

The AI initiative seems to be part of the social media company’s effort to appeal to younger users, according to a blog from head of Facebook, Tom Alison. He described “the future of Facebook” as being all about developing “the world’s best recommendation technology” and “building one of the world’s best collections of open models, tools, and resources for generative AI.”

https://arstechnica.com/?p=2029628

<img src="https://rassegna.lbit-solution.it/wp-content/uploads/2024/05/robert-f-kennedy-jr-sues-meta-citing-chatbots-reply-as-evidence-of-shadowban.jpg" alt="Screenshot from the documentary Who Is Bobby Kennedy?“>

In a lawsuit that seems determined to ignore that Section 230 exists, Robert F. Kennedy Jr. has sued Meta for allegedly shadowbanning his million-dollar documentary, Who Is Bobby Kennedy? and preventing his supporters from advocating for his presidential campaign.

According to Kennedy, Meta is colluding with the Biden administration to sway the 2024 presidential election by suppressing Kennedy’s documentary and making it harder to support Kennedy’s candidacy. This allegedly has caused “substantial donation losses,” while also violating the free speech rights of Kennedy, his supporters, and his film’s production company, AV24.

Meta had initially restricted the documentary on Facebook and Instagram but later fixed the issue after discovering that the film was mistakenly flagged by the platforms’ automated spam filters.

But Kennedy’s complaint claimed that Meta is still “brazenly censoring speech” by “continuing to throttle, de-boost, demote, and shadowban the film.” In an exhibit, Kennedy’s lawyers attached screenshots representing “hundreds” of Facebook and Instagram users whom Meta allegedly sent threats, intimidated, and sanctioned after they shared the documentary.

Some of these users remain suspended on Meta platforms, the complaint alleged. Others whose temporary suspensions have been lifted claimed that their posts are still being throttled, though, and Kennedy’s lawyers earnestly insisted that an exchange with Meta’s chatbot proves it.

Two days after the documentary’s release, Kennedy’s team apparently asked the Meta AI assistant, “When users post the link whoisbobbykennedy.com, can their followers see the post in their feeds?”

“I can tell you that the link is currently restricted by Meta,” the chatbot answered.

Chatbots, of course, are notoriously inaccurate sources of information, and Meta AI’s terms of service note this. In a section labeled “accuracy,” Meta warns that chatbot responses “may not reflect accurate, complete, or current information” and should always be verified.

Perhaps more significantly, there is little reason to think that Meta’s chatbot would have access to information about internal content moderation decisions.

Techdirt’s Mike Masnick mocked Kennedy’s reliance on the chatbot in the case. He noted that Kennedy seemed to have no evidence of the alleged shadow-banning, while there’s plenty of evidence that Meta’s spam filters accidentally remove non-violative content all the time.

Meta’s chatbot is “just a probabilistic stochastic parrot, repeating a probable sounding answer to users’ questions,” Masnick wrote. “And these idiots think it’s meaningful evidence. This is beyond embarrassing.”

Neither Meta nor Kennedy’s lawyer, Jed Rubenfeld, responded to Ars’ request to comment.

https://arstechnica.com/?p=2025044