AUSTRALIA CARD MARK II: no national digital ID number will mean no access to any Australian federal government services

“When signing up to the platform for the first time, users will be asked to provide their name, email address, and phone number, and verify their details via email or SMS. They will then be asked to provide information from three identity documents, which goes through the exchange to the identity provider for verification. The exchange receives encrypted details back which it passes on to the government service the user wants to reach, which then grants the user access.”  [IT News, 20 March 2015]

IT News, 8 February 2018:

The Department of Human Services looks set to become the federal government's exclusive manager of digital identities after being selected to build the identity provider solution that will be used for the Govpass platform.

The Govpass framework is a decentralised identity model that allows individuals to choose their identity provider - an organisation that issues identity documents, like Australia Post or the ATO - and access a range of public and private sector services through a single digital identity credential.

There is no limit on the number of identity providers outside of the Commonwealth that can be accredited for Govpass; Australia Post has already indicated it will seek to become the first non-government identity provider, using its Digital iD platform.

Several state and territory government agencies and private sector entities are also expected to become identity providers over time.

However, the federal government last year made the decision that only one identity provider would operate for the entire Commonwealth.

The Digital Transformation Agency revealed the decision following meetings with existing Commonwealth identity service providers, DHS and the ATO. Its rationale for the move was to focus security efforts in one place and avoid complex administrative structures.

iTnews revealed in October that the DTA was yet to make up its mind up on which of the two agencies would serve as the federal government’s sole identity provider for GovPass, even as testing of the new platform was taking place with the ATO’s new online tax file number application service.

Instead the DTA said it was working closely with the ATO and DHS on the “next steps” for the platform.

But in response to questions on notice from recent estimates hearings, DHS revealed it had been instructed to develop the federal government’s single identity provider platform, to be known as myGov IdP.

“The department was commissioned by the DTA to build the identity provider (IdP) for the whole-of-government,” it said.

“The myGov IdP will enable citizens to verify their identity online and use it to apply for government services.”

iTnews has made several attempts to clarify the statements with the DTA and DHS, but both refused to comment on the build and DHS’ apparent position as the single government identity provider.

The ATO similarly redirected questions about its involvement with Govpass, including whether it had also been asked by the DTA to build an identity provider solution, to the DTA.

Selecting DHS as the sole government identity provider would be an obvious choice for the DTA - the agency is the government’s current defacto whole-of-gov identity provider through the myGov digital services platform.

A private beta release of myGov IdP is currently planned for later this month.

Identity providers on Govpass will use the DTA-built identity exchange – and in turn the document verification service (DVS) and facial verification service (FVS) – to verify an individual’s credentials without revealing their identity to service providers.

[my yellow bolding]

Note: The Face Identification Service (FIS) is a one-to-many, image-based identification service that can match a photo of an unknown person against multiple government records to help establish their identity. FIS is also available to police, security services, Dept. of Immigration and Dept. of Foreign Affairs. [Australian Attorney-General's Department, October 2017]

NSW Auditor-General not impressed by government agencies cyber security risk management

“Specific financial reporting, controls and service delivery comments are included in the individual 2017 cluster financial audit reports tabled in Parliament from October to December 2017.” [NSW Auditor-General, Report on Internal Controls and Governance 2017, December 2017]

On 20 December 2017 the NSW Auditor-General released the Report on Internal Controls and Governance 2017.

The Sydney Morning Herald reported on 28 December 2017:

Two-thirds of NSW government agencies are failing to properly safeguard their data, increasing the risk of improper access to confidential information about members of the public and identity fraud by cyber criminals.

The finding has emerged from an audit of dozens of government agencies, including those holding highly sensitive personal information collected from millions of citizens, such as NSW Health, the department of education, NSW Police Force, Roads and Maritime Services and the justice department.

While the report by auditor-general Margaret Crawford does not name the agencies failing to properly manage privileged access to their systems, it highlights the potential consequences.

"Personal information collected by public sector agencies about members of the public is of high value to cyber criminals, as it can be used to create false identities to commit other crimes," she says in the report.

"Despite these risks, we found that one agency had 37 privileged user accounts, including 33 that were dormant. The agency had no formal process to create, modify or deactivate privileged users."

Overall, Ms Crawford's report found 68 per cent of NSW government agencies "do not adequately manage privileged access to their systems".

In addition, she said, the audit determined that 61 per cent of agencies "do not regularly monitor the account activity of privileged users".

"This places those agencies at greater risk of not detecting compromised systems, data breaches and misuse," the report said.

The audit found 31 per cent of agencies "do not limit or restrict privileged access to appropriate personnel". Of those, just one-third monitor the account activity of privileged users.

It found that almost one-third of agencies breach their own security policies on user access.

The report warns that if agencies fail to implement proper controls "they may also breach NSW laws and policies and the international standards that they reference".

Read the full article here.

List of NSW Government Agencies Examined by NSW Auditor-General

Education

Department of Education

Family and Community Services

Department of Family and Community Services

New South Wales Land and Housing Corporation

Finance, Services and Innovation

Department of Finance, Services and Innovation * Specifically identified in report

Place Management NSW

Property NSW

Service NSW

Health

NSW Health

Industry

Department of Industry

Destination NSW

Forestry Corporation of New South Wales

Office of Sport

TAFE Commission

Water NSW

Justice

Department of Justice

Fire and Rescue NSW

Legal Aid Commission of New South Wales

NSW Police Force

Office of the NSW Rural Fire Service

Planning and Environment

Department of Planning and Environment

Essential Energy

Hunter Water Corporation

Landcom

Office of Environment and Heritage

Office of Local Government

Sydney Water Corporation

Premier and Cabinet

Department of Premier and Cabinet

Transport

NSW Trains

Rail Corporation New South Wales

Roads and Maritime Services

Sydney Trains

Transport for NSW

WCX M4 PTY Limited

WCX M5 PTY Limited

Treasury

Crown Finance Entity

Insurance and Care NSW

Lifetime Care and Support Authority

NSW Treasury Corporation

NSW Self Insurance Corporation

Excerpt from Report on Internal Controls and Governance 2017:

Some deficiencies were common across agencies

The most common internal control deficiencies were poor or absent IT controls related to:

user access management

password management

privileged access management

user acceptance testing.

The most common governance deficiencies related to:

management of cyber security risks

capital project governance

management of shared service arrangements

conflicts-of-interest management

gifts-and-benefits management

risk management maturity

ethical behaviour policies and statements.

Turnbull Government's data retention privacy blunder just rolls on and on...

“If data can be re-identified with no more than SQL, there's no "if" about a leak, and the "when" is history.” [Journalist Richard Chirgwin, Twitter 18 December 2017]

“But why are medical records so attractive? Well, it turns out that there’s a metaphorical holiday feast of enticing data served up in your average health record. Family history, demographic data, insurance information, medications, etc. means there’s enough information to completely steal an individual’s identity and commit medication fraud, financial fraud, insurance fraud and a wide array of other crimes. When this very private, unchangeable information gets into the wrong hands, devastation can ensue.” [Robert Lord writing in Forbes, 15 December 2017]

First the Australian general public were told that patient data was well protected and data breaches wouldn't happen as a result of government's drive to collect, cross-match and retain as much information about each and every Australian citizen/permanent resident as possible.

Then when the inevitable day came where poor data security was laid bare - as the personal histories of 550,000 blood donors were placed on an insecure computer and accessed, as Medicare details began to be offered for sale on the Internet's dark web and Medicare itself became careless with its encryption -  the public was told in the first instance that misuse was unlikely, in the second instance that personal medical information couldn't be accessed and that patients couldn't really be individually identified in the third instance where a billion line encrypted data set was publicly released.

After that the Turnbull Government assured the population that it would create legislation which would make it illegal for anyone to de-encrypt anonymised data and create a Notifiable Data Breaches scheme.

We were all going to be safe once more in the arms of the Turnbull Government.

Now the cat is out of the bag, because that billion-line 30 year's worth of personal health information about est. 3 million people just won't stay in the back of the ministerial cupboard where Greg Hunt shoved it.

 [Fairfax journalist Ben Grubb, Twitter 18 December 2017]

The Sydney Morning Herald, 18 December 2017:

One in ten Australians' private health records have been unwittingly exposed by the Department of Health in an embarrassing blunder that includes potentially exposing if someone is on HIV medication, whether mothers have had terminations, or if mentally unwell people are seeing psychologists.

A report, published on Monday by Dr Chris Culnane, Dr Benjamin Rubinstein and Dr Vanessa Teague from the University of Melbourne's School of Computing and Information Systems, outlines how de-identified historical health data from the Australian Medicare Benefits Scheme (MBS) and the Pharmaceutical Benefits Scheme (PBS) released to the public in August 2016 can be re-identified using known information about the person to find their record.

The study reveals unique patient records matching the online public information of seven prominent Australians, including three (former or current) MPs and an AFL footballer. While a unique match may not always be accurate, Dr Rubinstein said there was the possibility to improve confidence by cross-referencing other data.

"Because only 10 per cent of Australians are included in the sample data, there can be a coincidental resemblance to someone who isn't included," he said.

"We can improve confidence by cross-referencing with a second dataset of population-wide billing frequencies. We can also examine uniqueness according to the characteristics of commercial datasets we know of, such as bank billing data."…….

Privacy analyst and Lockstep consultant Stephen Wilson said the breach damaged public confidence in health policy makers and data custodians.

"It's a huge breach of trust," he said.

"Promises of 'de-identification' and 'anonymisation' made by health officials, and ABS too in connection with census data releases, have been shown to be erroneous.

"The ability to re-identify patients from this sort of public release is frankly, in my view, catastrophic. Real dangers are posed to patients with socially difficult conditions.

"It beggars belief that any official would promise 'anonymity' any more. These promises cannot be kept."

Computer security researcher Troy Hunt said re-identification of anonymised records was attractive to researchers and nefarious parties alike.

"In this case, clearly more work needs to be done to protect individuals' identities,' he said. "My hope is that the government embraces responsible research like this and strives to improve confidentiality rather than penalise those seeking to report deficiencies such as this."

The federal Department of Health was notified about the issue December last year.

"The Department of Health takes this matter very seriously and had already referred this to the Privacy Commissioner," a Department of Health spokesperson told Fairfax Media......

Meanwhile, the Office of the Australian Information Commissioner, which houses Australia's privacy commissioner, said it was investigating the publication of the datasets.

"The investigation was opened under section 40(2) of the Australian Privacy Act 1988 (Privacy Act) in late September 2016 when the Department of Health notified the OAIC that the datasets were potentially vulnerable to re-identification," a spokesperson said.

"Given the investigation into the Medicare Benefits Scheme (MBS) and Pharmaceutical Benefits Scheme (PBS) datasets is ongoing, we are unable to comment on it further at this time.

However, the commissioner will make a public statement at the conclusion of the investigation."

The OAIC said it continued to work with Australian government agencies to enhance privacy protection in published datasets.....

Australians to own their own banking, energy, phone and internet data? How wonderful! Except.....

Read the news coming out of Canberra…..

Assistant Minister for Cities and Digital Transformation and Liberal MP for Hume Angus Taylor, media release, 26 November 2017:

Australians to own their own banking, energy, phone and internet data

The Turnbull Government will legislate a national Consumer Data Right, allowing customers open access to their banking, energy, phone and internet transactions.

Australians will be able to compare offers, get access to cheaper products and plans to help them ‘make the switch’ and get greater value for money.

Assistant Minister for Cities and Digital Transformation Angus Taylor said it was the biggest reform to consumer law in a generation.

“Government is pursuing the very simple idea that the customer should own their own data. It is a powerful idea and a very important one,” Assistant Minister Taylor said.

“Australians have been missing out because it’s too hard to switch to something better. You may be able to access your recent banking transactions, or compare this quarter’s energy bill to the last, but it sure isn’t quick or easy to work out if you can get a better deal elsewhere.”

The Consumer Data Right was one of 41 recommendations from the Productivity Commission’s Data Availability and Use Inquiry, tabled in parliament in May this year.

The Government’s formal response to the inquiry will be published in coming weeks.

“It won’t be far down the track when you can simply tap your smartphone to switch from one bank to another, to a cheaper internet plan, or between energy companies.

Government is lifting the lid on competition in consumer services and technology is the enabler,” Assistant Minister Taylor said.

Following on from the Prime Minister’s recent agreement with electricity retailers, and the Treasurer’s open banking initiative, the Consumer Data Right will be established sector-by-sector, beginning in the banking, energy and telecommunications sectors.

Utilities will be required to provide standard, comparable, easy-to-read digital information, that third parties can readily access. New Commonwealth legislation to give effect to these reforms will be brought forward in 2018. [my yellow highlighting]

Take a minute to feel good about this.

Then realise that not all the publicly or privately held digital data retained about you will actually be ‘owned’ by you.

If anything it appears that individuals will have a limited joint right to certain data and what access to data they have will probably attract a fee to view and/or download.

It is also likely that data held about you by the banking, energy, phone and internet sectors will be transferred to third parties even when you prefer this didn't happen. It may become a condition of changing service providers as it will likely give the new provider a wealth of information about you and your credit rating.

It is also highly likely that the new legislation will allow third parties to access, disclose and trade in data sets and/or consumer data - without consumers necessarily being made aware this is occurring.

Eventually the Turnbull Government's consumer data rights along with those third party rights will apply to all sectors, including the insurance industry.

If you are interested in some background reading start with the Australian Productivity Commission’s March 2017 report here.

Are banks and insurance companies misusing personal health information and medical files?

“After an insured has made a claim against their policy, the insurer obtains access to and reviews the insured’s medical records. PIAC has seen instances of insurers obtaining an insured’s complete medical history, including from doctors that treated the insured during childhood, before deciding a claim.

PIAC has found that insurers often rely on matters ‘discovered’ during the review of the insured’s medical records to allege that the insured has breached their duty of disclosure.

Often the conclusions drawn by the insurer from the insured’s medical record about their experiences of mental health are inconsistent with the insured’s medical record and the opinions of their treating medical practitioners.

PIAC has represented individuals who have had a policy avoided because the insurer has relied on medical records to impute a medical condition that either did not exist or that the insured did not know existed at the time of applying for insurance.

In PIAC’s experience, it appears that consumers are being disadvantaged by the reforms to the remedies available to insurers (as set out above), or at the very least, are not seeing any benefits flowing from the increased flexibility.” [Public Interest Advocacy Centre, 18 November 2016]

Parliament of Australia, Inquiry into the life insurance industry:

On 14 September 2016, the Senate referred an inquiry into the life insurance industry to the Joint Parliamentary Committee on Corporations and Financial Services for report by 30 June 2017.

The committee welcomes individual stories that may identify widespread issues and recommendations for reform. The committee is not able to investigate or resolve individual disputes.

If you make adverse comment about people in your submission, the committee may reject such evidence or offer a right of reply.

Submissions close on 18 November 2016.

On 29 March 2017, the Senate extended the reporting date from 30 June 2017 to 31 October 2017.

Submissions received by the Committee can be found here.

ABC News, 8 September 2017:

Doctors are pushing back against insurance companies asking them to send them their patients' entire health records as they make decisions about life insurance.

"I am very alarmed that there might be tens of thousands of people's entire health record across the country now stored with insurance companies," Labor Senator Deborah O'Neil told Parliament's joint committee on corporations and financial services.

Edwin Kruys from the Royal Australian College of General Practitioners told the committee doctors do not believe it is appropriate to send entire files to insurance companies.

"It contains information that is often not relevant to the claim, it is all sorts of information that patients have shared with their doctor over the years and they may not even remember what they have shared," Dr Kruys said.

Anne Trimmer from the Australian Medical Association (AMA) told the committee it is challenging for a doctor to determine which parts of a file are relevant.

"And you overlay that with doctors who are time poor with busy practices, it is really hard to make the determination of what is really relevant," she said.

Helen Troup who is managing director of the Commonwealth Bank's Life Insurance arm, CommInsure, told their insurance customers agreed to let doctors provide the files.

"We do get a full authority," Ms Troup said.

She said the company keeps the files but could not say how many it had.

"Our claims principle is to ask for information that is relevant to the claim assessment," she said.

But she said it sometimes meant the company received the full file.

"We of course take due care with that information," Ms Troup said.

But Dr Kruys said he did not take a tick in a box on a form as true consent from his patients to hand over their records, so he contacted them and checked.

He told the committee that they often then withdrew that consent and he would instead send a much more specific report.

Associate Professor Stephen Bradshaw of the Medical Board of Australia told the committee that the request for medical records could come months or years after the doctor had seen the patient.

Would you trust these men with your personal health information? Part Two

Left to Right: Minister for Human Services and Liberal MP for Aston, Alan Tudge

& Minister for Health and Liberal MP for Flinders, Greg Hunt

The Guardian, 8 July 2017:

The government found itself facing heavy criticism this week over how it handles Australians’ personal information, after a Guardian investigation revealed a darknet trader was illegally selling the details of any Medicare card holder on request by “exploiting a vulnerability” in a government system.

The data had been for sale since at least October 2016, and the seller appears to have sold the Medicare details of at least 75 Australians…..

“What’s happening is the community is wrapping these attacks together and seeing them as a threat, and it adds to a perception that their data is not safe,” said Australia’s privacy commissioner, Timothy Pilgrim. “All the players need to work out a way to build up that trust.”

But why do these breaches keep happening? And is the government doing everything it can to stop them, and reassure the public when they do happen?

After being alerted by the Guardian to the Medicare breach, the minister took swift action, referring it to the Australian federal police for investigation. Pilgrim welcomed this as an appropriate response…..

The most critical risk to Australians from the misuse of Medicare card data is one of identity fraud. A fake Medicare card with legitimate details can get a criminal a quarter of the way to an entire fake ID. This could then be used by organised crime groups in any number of ways, for example by leasing property or equipment. It could also be used to fraudulently obtain services from Medicare itself.

In this case, the darknet was the vehicle for this particular identity fraud scam. But it didn’t need to be, and it is likely similar, less-sophisticated scams are taking place right now.

Tudge has used an unusual line to explain the breach. He has said it was not a hack or cyber attack, but “traditional criminal activity”. What he’s edging around is that his department believe this was a case of an individual using a legitimate method to access Medicare data – but for an unauthorised and illegal purpose.

But contrary to Tudge’s assertion, access control is very much a matter of cybersecurity. And there are a lot of problems with the way Medicare card details can be obtained.

For instance more than 200,000 individual users can potentially look up Medicare card details through the department’s system. The department has declined to answer whether each access is logged, which could allow it to trace when a particular card was looked up. If those controls aren’t there, it’s unlikely the darkweb vendor selling this data will be found.

It doesn’t mean someone sitting in a doctor’s clinic has been supplying the data. A prospective patient could show up at a GP’s reception, pretending to be someone else, and just ask for that person’s Medicare card details. Guardian Australia has spoken with one employee at a medical practice who said people regularly asked for their card details to be supplied.

Identity fraud using Medicare cards is coming to be seen as a big problem in the government. The human services department acknowledged in February 2016 that there had been 1,500 “probable” cases of Medicare fraud, a jump from 269. The Australian reported that in 2014 the justice minister, Michael Keenan, set out to quantify the scale of Medicare card fraud taking place. A study found Medicare cards and driving licences were the mostly commonly used forms of ID for fraudsters.

The problem appears to be growing worse as those given credentials to access Medicare card details legitimately has increased – jumping 25% in the last financial year – and as organised crime groups grow more sophisticated in their methods.

All of this contributes to the loss of trust….

Would you trust these men with your personal health information? , 5 July2017

You're not on Facebook? Why not?!

One of the many reasons some people are closing their Facebook accounts and walking away – excessive, obsessive data collection and the uses to which it is put.

News.com.au, 1 May 2017:

FACEBOOK has come under fire over revelations it is targeting potentially vulnerable youths who “need a confidence boost” to facilitate predatory advertising practices.

The allegation was revealed this morning by The Australian which obtained internal documents from the social media giant which reportedly show how Facebook can exploit the moods and insecurities of teenagers using the platform for the potential benefit of advertisers.

The confidential document dated this year detailed how by monitoring posts, comments and interactions on the site, Facebook can figure out when people as young as 14 feel “defeated”, “overwhelmed”, “stressed”, “anxious”, “nervous”, “stupid”, “silly”, “useless”, and a “failure”.

Such information gathered through a system dubbed sentiment analysis could be used by advertisers to target young Facebook users when they are potentially more vulnerable.

While Google is the king of the online advertising world, Facebook is the other major player which dominates the industry worth about $80 billion last year.

But Facebook is not one to rest on its laurels. The leaked document shows it has been honing the covert tools its uses to gain useful psychological insights on young Australian and New Zealanders in high school and tertiary education.

The social media services we use can derive immense insight and personal information about us and our moods from the way we use them, and arguably none is more fastidious in that regard than Facebook which harvests immense data on its users.

The secret document was put together by two Australian Facebook execs and includes information about when young people are likely to feel excited, reflective, as well as other emotions related to overcoming fears.

The Guardian, 3 May 2017:

For two years I was charged with turning Facebook data into money, by any legal means. If you browse the internet or buy items in physical stores, and then see ads related to those purchases on Facebook, blame me. I helped create the first versions of that, way back in 2012.

The ethics of Facebook’s micro-targeted advertising was thrust into the spotlight this week by a report out of Australia. The article, based on a leaked presentation, said that Facebook was able to identify teenagers at their most vulnerable, including when they feel “insecure”, “worthless”, “defeated” and “stressed”.

Facebook claimed the report was misleading, assuring the public that the company does not “offer tools to target people based on their emotional state”. If the intention of Facebook’s public relations spin is to give the impression that such targeting is not even possible on their platform, I’m here to tell you I believe they’re lying through their teeth.

Just as Mark Zuckerberg was being disingenuous (to put it mildly) when, in the wake of Donald Trump’s unexpected victory, he expressed doubt that Facebook could have flipped the presidential election.

Facebook deploys a political advertising sales team, specialized by political party, and charged with convincing deep-pocketed politicians that they do have the kind of influence needed to alter the outcome of elections. 

I was at Facebook in 2012, during the previous presidential race. The fact that Facebook could easily throw the election by selectively showing a Get Out the Vote reminder in certain counties of a swing state, for example, was a running joke.

Express online, 6 January 2017:

FACEBOOK siphons an enormous amount of data from its users – whether it's monitoring your mouse movements, tracking the amount of time you spend on any given post, or the subject of your photographs……

The US social network is constantly tracking information about its users – however, most users will not be aware of just how much data it can siphon from a single photograph.

Facebook hints at how much data it is able to detect when it suggests people who might be in the photograph, prompting you to tag their faces.

But in reality, the California-based social network is tracking much more than just faces.

When you upload a photo on Facebook, the social network scans the image and detects how many people are in the photograph, and whether it was taken indoors or outside.

Facebook is also able to identify humans, animals and inanimate objects.

It is not always accurate, but the social network is able to differentiate between people who are standing, or sitting down.

To find out exactly what Facebook is reading into your photos, software developer Adam Geitgey has created a useful Chrome browser extension that reveals the data Facebook is collecting from your images.

Show Facebook Computer Vision Tags reveals data that Facebook usually keeps hidden from its users.

The free Google Chrome extension can be downloaded from the Chrome extension store.

Facebook has implemented object recognition technology since April 2016, a spokesperson for the company told Metro.co.uk.

The Verge, 27 May 2016:

Facebook will now display ads to web users who are not members of its social network, the company announced Thursday, in a bid to significantly expand its online ad network. As The Wall Street Journal reports, Facebook will use cookies, "like" buttons, and other plug-ins embedded on third-party sites to track members and non-members alike. The company says it will be able to better target non-Facebook users and serve relevant ads to them…

Some of the data Facebook collects to facilitate ad placements, according to The Washington Post on  19 August 2016:

1. Location
2. Age
3. Generation
4. Gender
5. Language
6. Education level
7. Field of study
8. School
9. Ethnic affinity
10. Income and net worth
11. Home ownership and type
12. Home value
13. Property size
14. Square footage of home
15. Year home was built
16. Household composition

As explained on that shiny new portal, Facebook keeps ads “useful and relevant” in four distinct ways. It tracks your on-site activity, such as the pages you like and the ads you click, and your device and location settings, such as the brand of phone you use and your type of Internet connection. Most users recognize these things impact ad targeting: Facebook has repeatedly said as much. But slightly more surprising is the extent of Facebook’s web-tracking efforts and its collaborations with major data brokers.

While you’re logged onto Facebook, for instance, the network can see virtually every other website you visit. Even when you’re logged off, Facebook knows much of your browsing: It’s alerted every time you load a page with a “Like” or “share” button, or an advertisement sourced from its Atlas network. Facebook also provides publishers with a piece of code, called Facebook Pixel, that they (and by extension, Facebook) can use to log their Facebook-using visitors.

While you’re logged onto Facebook, for instance, the network can see virtually every other website you visit. Even when you’re logged off, Facebook knows much of your browsing: It’s alerted every time you load a page with a “Like” or “share” button, or an advertisement sourced from its Atlas network. Facebook also provides publishers with a piece of code, called Facebook Pixel, that they (and by extension, Facebook) can use to log their Facebook-using visitors.

17. Users who have an anniversary within 30 days
18. Users who are away from family or hometown
19. Users who are friends with someone who has an anniversary, is newly married or engaged, recently moved, or has an upcoming birthday
20. Users in long-distance relationships
21. Users in new relationships
22. Users who have new jobs
23. Users who are newly engaged
24. Users who are newly married
25. Users who have recently moved
26. Users who have birthdays soon
27. Parents
28. Expectant parents
29. Mothers, divided by “type” (soccer, trendy, etc.)
30. Users who are likely to engage in politics
31. Conservatives and liberals
32. Relationship status

On top of that, Facebook offers marketers the option to target ads according to data compiled by firms like Experian, Acxiom and Epsilon, which have historically fueled mailing lists and other sorts of offline efforts. These firms build their profiles over a period of years, gathering data from government and public records, consumer contests, warranties and surveys, and private commercial sources — like loyalty card purchase histories or magazine subscription lists. Whatever they gather from those searches can also be fed into a model to draw further conclusions, like whether you’re likely to be an investor or buy organic for your kids.

Wired, 28 December 2012:

In 2010, while researching his thesis, he asked Facebook if it could send him all of the user data the company had relating to his own account. Amazingly, he got a response.

Facebook was, in Schrems' words, "dumb enough" to send him all his data in a 1,200-page PDF. It showed that Facebook kept records of every person who had ever poked him, all the IP addresses of machines he had used to access the site (as well as which other Facebook users had logged in on that machine), a full history of messages and chats and even his "last location", which appeared to use a combination of check-ins, data gathered from apps, IP addresses and geo-tagged uploads to work out where he was.

As Schrems went through the document, he found items he thought he had deleted, such as messages, status updates and wall posts. He also found personal information he says he never supplied, including email addresses that had been culled from his friends' address books. European law is worded vaguely, but says that personal data must be processed "fairly"; people should be given comprehensive information on how it will be used; the data processed should not be "excessive" in relation to the purpose for which it was collected; it should be held securely and deleted when no longer needed. And each person should have the right to access all of their personal data.