Facebook Novi & Surveillance Finance

Facebook’s latest attempt to infiltrate the financial services sector has seen the rebranding of their Libra cryptocurrency project into the new Facebook brand Novi. Last year this release was widely criticized by both regulators and the technology industry. After the initial announcement and code drop last year, the Libra name has been dragged through the mud by the press due to the project’s complete disdain for compliance, horrific privacy implications, and bizarre code architecture. However, nothing about this project has changed in any meaningful way and its intentions are just as insidious as they were last year. Novi is an attempt to build a large global data mining project on consumer financial data. If the Facebook Novi project is allowed to launch, it has the potential to create conflicts of interest which rival the 2018 Cambridge Analytica scandal.

This new rebranding attempts to whitewash the train wreck of the Libra launch and reframe itself in a regulatory friendly light. However, Facebook’s sixteen-year history has repeatedly shown that creating the impression of trustworthiness while profiting from deception is central to their business operations. When you peel back the lies of their marketing department’s story of openness and connectedness, the ugly truth of their motivations becomes clear.

This all comes in the same week that the Wall Street Journal, the New York Times and the Washington Post have each broken widening scandals about the company, including the suppression of internal whistleblowers, illegal activity left undisclosed to shareholders, and governance concerns.

  1. Facebook Executives Shut Down Efforts to Make the Site Less Divisive
  2. Facebook and Its Secret Policies
  3. Whistleblowers say Facebook has not warned investors about illegal activity, in new SEC complaint

While the United States struggles with social unrest and Zuckerberg cozies up to the Trump administration for favours, the Novi project is business as usual. The executives are right now trying to weasel through the requirements across the US and Europe to put this new project into place. Regulators are being asked to allow Facebook to quietly construct a massive data mining apparatus on top of the American and European financial systems. This new move would allow Facebook directly into the most personal data of citizens. As has always been the business model of Facebook, user data will at best be sold off to Novi consortia members, monetised for advertisers, and at worst used for the same political purposes as we saw in 2018.

What we see in this project may unfold into a massive scandal exactly as it has in the past, but with even greater damage to the social order if Facebook is left to recklessly hold the funds and financial data of citizens. This article is a publication on a matter of public interest from a concerned programmer working in tech, about how the future will unfold and how we can stop it now.

Facebook Privacy Bait-and-Switch

If you believe the Novi “fine print”, their stance toward data privacy is to not share data with Facebook, except when they choose to. And not surprisingly, all aggregate data they mine from the transaction stream is explicitly exempted from consumer consent:

Aside from limited cases, Novi will not share account information or financial data with Facebook, Inc. or any third party without customer consent.

Aggregated data: Novi may share aggregated data to Facebook, Inc. or third parties relating to the performance of its products and services.

The usual dark pattern for Facebook around “customer consent” is to disable the functionality of the product until the “opt-in” consent to link with Facebook accounts is turned back on. This can happen at any time in the product life cycle, so a feature that is technically opt-in in practice has no mode of operation without a connection to Facebook. The second pattern in the Facebook playbook is to simply go to market with one set of terms and conditions and then swap them out for another. Leaks of the internal Facebook database schemas have revealed the existence of a cross-product shadow account system, and it is unclear whether any Chinese wall exists between divisions of the company to protect consumer interests.

We see this playbook explicitly spelled out in the testimony for the 2019 FTC vs. FACEBOOK, Inc. case. The settlement for this case resulted in a $5 billion fine against the company for deceptive disclosures and involuntary privacy settings modifications that undermined users’ privacy preferences in violation of the 2012 FTC order. In a 2019 complaint filed for the case, the FTC writes:

To encourage users to share information, Facebook promises users that they can control the privacy of their information through Facebook’s privacy settings. However, through at least June 2018, Facebook subverted users’ privacy choices to serve its own business interests.

With Novi, the game that will almost certainly be played by Facebook is to onboard users under one set of terms and conditions, where a linked Facebook account is not required to add funds to a Novi account. This will continue for a fixed period of time until Facebook swaps out the terms and conditions for a set that does require the linking of Facebook accounts. This will be done under the guise of additional KYC obligations, but will effectively lock the majority of the user base out of their accounts and funds until they “opt in” to additional Facebook permissions to restore access. This privacy bait and switch is the core Facebook business model, and giving the company the ability to hold user funds ransom only increases the potency of this model.

Libra’s own website is the clearest example of a deceptive presentation by the company. The central marketing for the organization appropriates the financial struggles of women in developing nations for its own branding. Since the launch, the project has presented this false narrative of “banking the unbanked”, but as the Financial Times reported, there is no actual mechanism for this product to uplift developing economies, nor has Facebook invested any actual work toward pursuing this as a project goal. At the last annual shareholder meeting, the motivation behind this project was made crystal clear: it is purely a means to expand their advertising profits by analyzing financial data. This two-faced marketing is central to the fundamental duplicity of Novi: financial inclusivity as a cover for data strip mining.

An Architecture for Surveillance Finance

As I wrote previously, the Novi project’s positioning of itself around a “blockchain” technology is odd and counterproductive. The story around these fringe technologies seems to shift every year but the only real use-case is the creation of censorship-resistant stores of value. These products serve the interests of a certain class of investors looking to speculate on highly volatile instruments beyond the reach of tax authorities. There is no reason that Novi needs a blockchain at all, and this entire pointless architecture could be simply replaced with a database.

Nevertheless, this bizarre technology choice carries with it some very strange and troubling assumptions that have profound regulatory and privacy implications. In the past, I have argued that an architecture that requires a consortium of legally bound validators in a closed network to maintain Byzantine consensus over account states is technologically absurd. No regular institution would ever choose this mode of storing data, since it is a completely wasteful model that serves no purpose. However, intrinsic to this technical architecture is that all data is necessarily replicated in the clear across the multinational consortium members, and must be stored in the clear so that the consistency of the shared ledger state can be validated. In most financial services information security standards, the base level of compliance requires encryption at rest and encryption in transit. Yet the Libra blockchain has no encryption at all. The whitepaper released is non-committal on the technical difficulties of this problem and suggests that “new techniques” would be required:

Another outcome of the above design decisions is that the Libra Blockchain will support a privacy approach that will take into account the variety of participants on the network. The Association oversees the evolution of the Libra Blockchain protocol and network and continuously evaluates new techniques to enhance privacy compliance on the blockchain while taking into account applicable regulatory requirements.

Furthermore, the use of this architecture means that the transactions of millions of citizens will be kept in an immutable audit log that lasts forever. Indeed, the architectural documents for Libra blockchain have not clarified how or when the organisation would allow for effective removal or unlinking of user data or how to reconcile this requirement with the underlying technical implementation. The code is open source and a dive into the codebase finds that the current solution simply stores all transaction data in the clear at the consensus level. Moreover, the codebase has yet to address the validator isolation problem I brought up one year ago. It is a simple question to ask how data will be demarcated between separate companies who run validators in this network and who have conflicts of interest with each other’s businesses. There is no answer to this simple question.

Facebook has deliberately tried to evade this question in its marketing campaign and its presentations to regulators, with obscurantist language and false promises instead of actual detail. Thus, in its current form, Facebook has deliberately chosen an architecture where the protocol cannot conform to the GDPR, the Bundesdatenschutzgesetz, or the encryption requirements needed to obtain a money transmitter license in most European countries.

Most importantly, the real question for European representatives is a simple one: do German and French citizens want their private financial data domiciled on American servers and mined by American capitalists with no recourse or oversight from their own governments? In the last century alone, history has taught us hard lessons about the consequences of Zerfall der Privatsphäre. The entire Libra project is a threat to the strategic sovereignty of Europe and its ability to enforce its own data protection laws.

Political Dealings

An active area for journalists to look into is the potential transactionality of Facebook’s dealings with the current administration. The launch of Novi would require a great deal of federal support to even launch within the United States and it is unclear what has changed since last year to attempt this again. Their current dealings on this front are all behind closed doors, but it may be the case that Facebook has been fast-tracked through the regulatory hurdles necessary to obtain the licenses in exchange for recent actions. What is public record, however, is that Facebook’s political donations have been very tactically targeted at politicians who are members of subcommittees regarding financial services regulation and privacy oversight. The preparations for this product launch have been years in the making.

In addition, while most of the Libra consortium members fled the organisation after the initial project implosion, a few have cut deals with the organisation in the last few months. The lynchpin of this rollout has been Shopify, the pilot partner that will become the first company to accept the new Facebook payments. Shopify has chosen a very bad time to align itself with Facebook in light of recent events, and Shopify management will have to come to terms with the trade-off between saving small fees on card transactions and the backlash that connecting to this controversial network will bring.

Starving the Vampire

In The Age of Surveillance Capitalism, Shoshana Zuboff wrote about the parasitic mechanism of Facebook’s business:

It revives Marx’s old image of capitalism as a vampire that feeds on labor, but with an unexpected turn. Instead of labor, surveillance capitalism feeds on every aspect of every human’s experience.

After sixteen years of lying to users, Zuckerberg has long ago torched whatever shred of trust ever existed between Facebook and the public. However, in the presence of failing institutional controls and passive shareholders the company will be allowed to continue to recklessly rip apart our democracies all in the name of increasing advertising profits.

Luck has granted us a small window in which to take action. There may not be any time remaining to prevent its rollout in the US. However, you can still write to your MEP and tell them that Facebook’s surveillance apparatus has no place in Europe. Don’t wait for the privacy scandal to hit the front page of the Financial Times and Der Spiegel.

Facebook is an unethical company. It is a business whose core model is the perpetuation of an outrage Skinner box that exploits our relationships with family and friends for profit. It is an organisation that has put itself on the wrong side of history and decided to cash in on the same social dynamics that gave us Trump: the politics of social strife, resentment and surveillance. Novi represents an expansion of the same Facebook goals, and this vampire company must be starved of this new feeding ground for human experience.